Skip to main content
MGR-ISMGR-IS

Data protection

Below please find information on the processing on your personal data by us and on the rights you have as a result of the applicable data protection laws.

The details pertaining to which of your personal data we will process in each specific case and the ways we use such data depend on the respective business relationship we have with you.

Data Controller

MGR Integration Solutions GmbH
Marina Grigorian and Dr. Reiner Marzinkewitsch
Stadttor 1
D-40219 Düsseldorf, Germany

Phone:   (+49) 211 300 34 65
Telefax: (+49) 211 300 32 00
Email: info@mgr-is.de

You can reach our operationally appointed data protection officer under the following contact information:

MGR Integration Solutions GmbH
Data Protection Officer
Stadttor 1
D-40219 Düsseldorf, Germany
Phone:   (+49) 211 300 34 65
Email: datenschutz@mgr-is.de

 

Data and Data Sources

We collect and process personal data we receive in conjunction with our business relationship, or the potential development of a business relationship or in conjunction with any job application process. In addition, we process personal data we receive from affiliated companies and that we need for the completion of purchase orders. Likewise, we process personal data we receive from public sources, such as the trade register, the media, press, social media as well as the Internet in a manner permitted under applicable laws and that we are allowed to process. This also applies to additional data we receive from you.

Potentially, the following personal data may be processed in conjunction with the above-mentioned processing purposes: Name, address, additional contact information such as phone number, email address, etc.; as well as gender, position/vocational specifics and titles.

Whenever you use the online services we provide, it is possible that additional information, such as your username and login times as well as your IP address will be recorded.

Purpose and Legal Basis for the Processing of Data

The collection and processing of your personal data shall occur exclusively for specific purposes that are aligned with the business objectives of our company. These are, in particular, the development, implementation and operation of integration solutions, the provision of IT support services and software maintenance as well as project management.

The processing of your personal data may become necessary for a variety of related requirements and is thus based on different legal grounds pursuant to Articles 6 and 9 of the GDPR. Specifically, these are:

  • The fulfillment of a contractual relationship or of pre-contractual activities arising from your inquiry (Article 6 Sect.1 b GDPR).
  • Your prior consent for specific purposes obtained by us. You have the right to revoke any consent you give us at any time. Such revocations are effective for the future as of the data they are made. Such revocations have no impact on data processing that has already occurred (Article 6 Sect. 1 a GDPR).
  • The compliance with a legal obligations to which the controller is subject (Article 6 Sect. 1 c GDPR).
  • The protection of legitimate interests of our company or of third parties within the scope of the weighing of interests, e.g. to safeguard the security of IT processes and of our IT operations or for the claiming of legal entitlements (Article 6 Sect. 1 f GDPR).

Data Sharing and Data Transfer

Positions, departments within our company, as well as affiliated companies are given access to your data that they require for the fulfillment of contractual and statutory obligations. We share data with service providers only if this is necessary in conjunction with the business relationship. This will happen only if such providers comply with our written data protection instructions. Such providers may be facilities or contract processors handling the following services: Processing of financial disclosures by banks and maintenance of IT applications, the archiving, processing of receipts, call center services, compliance services, controlling, data eradication, purchasing/procurement, client administration, letter shops, marketing, media technology, travel expense management, telephony, commercial financial auditing services, handling of payment transactions, attorneys and courts.

Public administrative agencies may be additional recipients of data, if a statutory or government agency mandated obligation exists.

Any transfer of data to countries outside of the EU or the EEA (third country) shall occur only if this is necessary for the performance of your order or mandated by law. Moreover, such sharing may also occur if you have given us your prior consent to such sharing.

We enter into the EU Standard Contractual Clauses with recipients in third countries that provide adequate guarantees aiming at the protection of personal data.

Deletion of Data

We will archive your data only as long as the data are needed. The duration of archiving is contingent upon our contractual obligations and the statutory mandates. They are based on the respective processing purpose so that it is impossible to provide any information on a generally applicable archiving period.

Rights of Data Subjects

As a data subject, you have the following rights:

  • The right of access by the data subject (Article 15 GDPR)
  • The right to rectification (Article 16 GDPR)
  • The right to erasure (‘right to be forgotten’) (Article 17 GDPR)
  • The right to restriction of processing (Article 18 GDPR)
  • The right to data portability (Article 20 GDPR)
  • The right to object (Article 21 GDPR)
  • The right to lodge a complaint with a supervisory authority (Article 77 GDPR)
    The authority responsible for our company is:

Landesbeauftragte für Datenschutz und Informationsfreiheit (State Commissioner for Data Protection and Freedom of Information of North Rhine Westphalia)
Kavalleriestraße 2-4
40213 Düsseldorf, Germany

Phone: (+49) 211 38424-0
Telefax: (+49) 211 38424-10

Automated Making of Decisions and Profiling

We principally do not use any automated decision making tools (including profiling) pursuant to Article 22 GDPR for the establishment and performance of a business relationship. If we should decide to use such processes, we will send you a separate notification if required by law.

Status: February 18, 2022