I. General Information
1. Important terms
Browser: Computer program for displaying websites (e.g. Chrome, Firefox, Safari)
Third countries: countries outside the European Union (EU)
GDPR: Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data, on the free movement of data and on the repeal of Directive 95/46/EC (General Data Protection Regulation), available here .
Personal Data: Any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more special features that express the physical , physiological, genetic, psychological, economic, cultural or social identity of that natural person.
Profiling: Any type of automated processing of personal data that consists in using this personal data to evaluate certain personal aspects relating to a natural person, in particular aspects related to work performance, economic situation, health, personal preferences analyze or predict that natural person’s interests, reliability, conduct, whereabouts or relocation
Services: Our offers to which this data protection declaration applies (see scope).
Tracking: The collection of data and its evaluation regarding the behavior of visitors to our services .
Tracking technologies: Tracking can take place both via the activity logs (log files) stored on our web servers and by collecting data from your end device via pixels , cookies and similar tracking technologies .
Processing: Any process carried out with or without the help of automated processes or any such series of processes in connection with personal data such as collection, recording, organization, ordering, storage, adaptation or modification, reading out, querying, use, disclosure by transmission, distribution or any other form of provision, comparison or linking, restriction, deletion or destruction.
Pixel: Pixels are also called counting pixels, tracking pixels, web beacons or web bugs. They are small, invisible graphics in HTML e-mails or on websites. When a document is opened, this small image is loaded from a server on the Internet, and the download is registered there. In this way, the operator of the server can see whether and when an e-mail was opened or a website was visited. This function is usually implemented by calling a small program (Javascript). In this way, certain types of information can be recognized and passed on on your computer system, such as the content of cookies , the time and date of the page view and a description of the page on which the tracking pixel is located.
2. Scope
This data protection declaration applies to the following offers:
- our online offer “ Momasquad.com ” (website), available in particular at Momasquad.com ,
- our online offer ” vergleich.Momasquad.com “ (website), available in particular at Momasquad.com,
- whenever reference is made to this data protection declaration from one of our offers (e.g. websites, subdomains, mobile applications, web services or integration into third-party websites), regardless of how you access or use it.
All of these offerings are collectively referred to as “ Services ”.
3. Controller
The person responsible for data processing – i.e. the person who decides on the purposes and means of processing personal data – in connection with the services is:
4. Data Protection Officer
data protection request form
Or via the address given under I.3 (to the attention of the data protection department) or via:
E-Mail: | |
Telephone: | +1 617-626-1250 |
II. The data processing in detail
In this section of the data protection declaration we inform you in detail about the processing of personal data within the scope of our services . For better clarity, we structure this information according to certain functionalities of our services . During normal use of the services , different functionalities and thus also different processing can come into play one after the other or simultaneously.
1. General information on data processing
Unless otherwise stated, the following applies to all processing operations described below:
a) No obligation to provide & consequences of non-provision
The provision of personal data is not required by law or contract and you are not obliged to provide data. We will inform you as part of the input process if the provision of personal data is required for the respective service (e.g. by designating it as a “mandatory field”). In the case of required data, non-provision means that the service in question cannot be provided. Otherwise, non-provision may mean that we cannot provide our services in the same form and quality.
b) Consent
In various cases, you have the option of giving us your consent to further processing in connection with the processing described below (possibly for part of the data). In this case, we will inform you separately about all modalities and the scope of the consent and about the purposes that we are pursuing with this processing in connection with the submission of the respective declaration of consent. The processing based on your consent is therefore not listed again here ( Article 13 (4) GDPR ).
c) Transfer of personal data to third countries
If we transmit data to third countries , ie countries outside the European Union, then the transmission takes place exclusively in compliance with the legally regulated admissibility requirements.
If the transfer of the data to a third country does not serve to fulfill our contract with you, we do not have your consent, the transfer is not necessary to assert, exercise or defend legal claims and no other exception regulation according to Art. 49 DSGVO applies, we transfer Your data will only be sent to a third country if there is an adequacy decision pursuant to Art. 45 GDPR or suitable guarantees pursuant to Art. 46 GDPR .
By concluding the EU standard data protection clauses issued by the European Commission with the receiving body, we meet the requirements for verification with regard to suitable guarantees under Article 46 (2) (c) GDPR and with regard to an appropriate level of data protection in the third country . Copies of the EU Standard Data Protection Clauses are available on the European Commission’s website, available here .
d) Hosting by external service providers
Our data processing takes place to a large extent with the involvement of so-called hosting service providers, who provide us with storage space and processing capacities in their data centers and, according to our instructions, also process personal data on our behalf. With all of the functionalities mentioned below, it can happen that personal data is transmitted to hosting service providers. These service providers either process data exclusively in the EU or we have guaranteed an appropriate level of data protection with the help of the EU standard data protection clauses (see under c.).
e) Transmission to government authorities
We transmit personal data to state authorities (including law enforcement authorities) if this is necessary to fulfill a legal obligation to which we are subject (legal basis: Art. 6 para. 1 letter c) DSGVO ) or it to assert, exercise or defend legal claims is required (legal basis Art. 6 Para. 1 Letter f) GDPR ).
f) storage period
The “Storage period” section states how long we use the data for the respective processing purpose. After this period, the data will no longer be processed by us, but will be deleted at regular intervals, unless ongoing processing and storage is required by law (in particular because it is necessary to fulfill a legal obligation or to assert, exercise or defend legal claims ) or you give us additional consent.
g) Longevity of cookies
Some of the data processing presented in the following sections is carried out with the help of cookies . Only the operator of the web server who originally set the cookie can access the information stored in a cookie via the Internet. Access by third parties in this way is not possible. The cookies have different functional periods. Some cookies are only active during a browser session and are then deleted, others work for longer periods, but mostly less than a year. After the functional period has expired, a cookie is deleted by the browser . You can cookiesusing the browser functions (usually under “Options” or “Settings”). This means that the storage of cookies can be deactivated, made dependent on your consent in individual cases or restricted in some other way. You can also delete cookies at any time.
h) designations of data categories
In the next sections, the following summary category designations are used for certain types of data:
- Account data: login/user ID and password
- Personal master data: title, salutation/gender, first name, last name, date of birth
- Address data: street, house number, address supplements, if applicable, postal code, city, country
- Contact details: telephone number(s), fax number(s), e-mail address(es)
- Login Data: Information about the Service through which you signed up; Times and technical information for registration, confirmation and deregistration; data you provided when registering
- Order data: Products ordered, prices, payment and delivery information
- Payment data: account data, credit card data, data on other payment services such as PayPal
- Usage data for press mailing list: Accreditation topic, accreditation time, consent to usage restrictions/declaration of consent, downloads of press materials
- Access data: date and time of visit to our service; the page from which the accessing system reached our site; pages viewed during use; data for session identification (session ID); also the following information from the accessing computer system: Internet protocol address used (IP address), browser type and version, device type, operating system and similar technical information.
i) Data collection from public sources
We collect personal data from publicly available sources. Publicly accessible sources include, in particular, publicly accessible websites, all public directories that are available to the general public (telephone number and similar directories) and public registers, even if they may require a login (e.g. commercial register).
We process all categories of data stored in publicly accessible sources. This can be, for example , personal master data , address data , contact data , payment data , order data , as well as all other data categories such as interests, preferences, affinities and the like.
The data is collected for the purpose of fulfilling the principle of correctness according to Art. 5 Para. 1 Letter d) DSGVO , if necessary for the purpose of contract execution according to Art. 6 Para Art. 6 Para. 1 Letter b) and f) GDPR , as well as for the purpose of direct advertising that is as appropriate as possible in accordance with Art. 6 Para. 1 Letter f) GDPR in connection with Recital 46 GDPR .
2. Accessing our Services
Scope(s): Website “momasquad.com”
Below we describe how your personal data is processed when you access our services (e.g. loading and viewing the website, opening and navigating within the mobile device app). In addition, we use technically or legally necessary auxiliary tools that do not collect any data themselves (such as a tag manager), but only serve to ensure the security of the website, the administration and operation of other tools or the management of the consent you have given (Consent Management Platform). . In particular, we point out that the transmission of access datato external content providers (see under b.) is unavoidable due to the technical functioning of information transmission on the Internet. The third-party providers are themselves responsible for the data protection-compliant operation of the IT systems they use. The service providers are responsible for deciding how long the data will be stored.
a) Purpose of data processing and legal basis and, if applicable, legitimate interests, storage period
- By data category:
- access data
- Intended use:
- connection setup; Presentation of the content of the Service; error diagnosis
- Legal basis:
- Article 6 paragraph 1 letter f) GDPR
Legitimate interest pursued by us:
proper functioning of the Services ; security of data and business processes; prevention of abuse; Prevention of damage caused by interference in information systems
- Storage duration:
- 4 weeks
b) Recipients of the personal data
- Recipient category:
- External content providers who provide content (e.g., images, videos, embedded social network posts, advertising banners, fonts, update information, shortened links) necessary to display the Service
- Affected data:
- access data
- Legal basis:
- Article 6 paragraph 1 letter f) GDPR
Legitimate interest pursued by us:
proper functioning of the Services ; (accelerated) presentation of the content
3. General Newsletter
Scope(s): Website “momasquad.com”
In addition to the purely informational use of our website, we offer you the opportunity to register for our newsletter. If you register for one of our free newsletters, we will inform you regularly about selected new products, test campaigns, valuable tips and news as well as exclusive offers.
As part of registering for the newsletter, you will receive an additional confirmation message containing a link to final registration (so-called “double opt-in procedure). This ensures that the newsletter was ordered by you and not by a third party. When registering, your data will first be stored on our servers or the servers of the service providers used and a confirmation message with a link to final registration will be sent to the email address provided. If you do not confirm the registration using the link in this e-mail, the data will be deleted after 30 days. Only by confirming the link will your data be finally saved for the purpose of sending the newsletter. If you no longer agree to the storage of data for this purpose and therefore no longer wish to use our offer, you can unsubscribe from our newsletter at any time. For this purpose, there is a corresponding link in every newsletter.
We would like to point out that your interactions with the newsletter are measured (“opening and clicking behavior”). For this measurement, the e-mails sent contain tracking pixels or corresponding links, which can measure the opening and click rates within the newsletter for the purpose of optimizing our future newsletter . In addition, based on your consent, we can link the click behavior with an individual ID in order to be able to clearly assign your clicks. This link is for the purpose of individualized, interest-based adaptation of the newsletter.
a) Purpose of data processing and legal basis and, if applicable, legitimate interests, storage period
- By data category:
- personal master data ; login data ; usage profile data newsletter ; access data ; Contact data , in particular your e-mail address
- Intended use:
- Verification of the registration process (“double opt-in”) including traceability of registrations and cancellations (“logging”); Dispatch and interest-based design of the newsletter; Measurement of the opening and click rates for the purpose of optimizing our newsletter offer
- Legal basis:
- Article 6 paragraph 1 letters a) and f) GDPR
Legitimate interest pursued by us:
Logging of the registration and cancellation process for our newsletter as well as effecting the sending and design of our newsletter by means of additional success measurements
- Storage duration:
- Personal data will be deleted as soon as further processing is no longer required to achieve the respective purpose and statutory retention periods do not prevent deletion. This is regularly the case upon receipt of your revocation. In the event of your revocation, however, we reserve the right to save your e-mail address for the purpose of proving a previously given consent. The storage takes place exclusively for the purpose of defending against possible legal claims.
b) Recipients of the personal data
- Recipient category:
- Service provider for sending out newsletters; Companies within the group of companies, insofar as this is necessary for the purpose of sending and optimizing the newsletter
- Affected data:
- all data mentioned under point a) of this section
- Legal basis:
- Article 6 paragraph 1 letter f) GDPR and Article 28 GDPR
Legitimate interest pursued by us:
Internal administrative purposes, in particular as part of the proper sending of the newsletter
4. Customer Feedback or Contacting Customer Service
Below we describe how your personal data is processed when you contact us with inquiries.
Purpose of data processing and legal basis and, if applicable, legitimate interests, storage period
- By data category:
- personal master data ; contact details ; Content of inquiries/complaints
- Intended use:
- Handling customer inquiries and user complaints
- Legal basis:
- Article 6 paragraph 1 letters b) and f) GDPR
Legitimate interest pursued by us:
improving our service; customer retention
- Storage duration:
- processing of the request
5. Data processing on our Facebook fan page
We also use social media platforms to ensure that our online offering is up-to-date, informative and appealing. In this context, we use in particular the option of a separate Facebook fan page (hereinafter “fan page”). For this purpose, we use the technical platform and the services of the company Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (hereinafter “Meta”).
We would like to point out that you use this fan page and its functions at your own risk. This applies in particular to the use of the interactive functions (e.g. commenting, sharing, rating). Alternatively, you can also call up the information offered via the fan page via our regular offer on this website.
a) Data processing by Meta when visiting our fan page
When you visit our fan page, Meta records, among other things, your IP address and other information that is stored on your device in the form of cookies . This information is used to provide us, as the operator of the fan page, with statistical information about the use of the fan page. Meta provides more information on this under the following link:
https://de-de.facebook.com/help/pages/insights
The data collected about you in this context will be processed by Meta and, if necessary, transmitted to countries outside the European Union. Meta describes what information Meta receives and how it is processed in general terms in its data usage guidelines. There you will also find information about how to contact Meta and how to set up advertisements. The data usage guidelines can be accessed via the following link:
https://www.facebook.com/privacy/policy/
How Meta uses the data from visiting the fan page for its own purposes, to what extent activities on the fan page are assigned to individual users, how long Meta stores this data and whether data from a visit to the fan page is transmitted to third parties not named conclusively and clearly by Meta and is therefore not extensively known to us.
When you access our fan page, the IP address assigned to your end device is transmitted to Meta. According to Meta, this IP address is anonymised. Meta also stores information about the end devices of its users (e.g. as part of the “registration notification” function). It may be possible for Meta to assign IP addresses to individual users.
If you are currently logged in to Facebook as a user, there is a cookie with your Facebook ID on your device. This enables Meta to understand that you have visited this site and how you have used it. This also applies to all other meta pages. Facebook buttons integrated into websites make it possible for Meta to record your visits to these websites and assign them to your Facebook profile. Based on this data, content or advertising can be offered tailored to you.
If you want to avoid this, you should log out of Facebook or deactivate the “stay logged in” function, delete the cookies on your end device and close and restart your browser . In this way, Facebook information that can be used to identify you directly is deleted. This allows you to use our fan page without revealing your Facebook ID. When you access interactive features of the website (like, comment, share, message, etc.), a Facebook login page appears. After a possible registration, you are again recognizable for Meta as a specific user.
Information on how you can manage or delete existing information about you at Meta can be found on the following Meta support pages:
https://www.facebook.com/privacy/policy/
b) Data processing in joint responsibility (“Page Insights”)
Below we describe how we process your personal data together with Meta when operating the fan page:
The subject of joint responsibility is the processingpersonal data as part of a so-called Page Insights event (hereinafter “Insights”). Insights are summarized statistics that are created based on specific events. These events are logged by meta servers when people interact with pages and the content associated with them. We do not have access to the personal data that is processed as part of the events, only to the summarized insights that are made available to us by Meta. Events used to create insights do not store IP addresses, cookie IDs, or any other identifiers associated with people or their devices other than a Facebook user ID for people logged into Facebook.
The processing takes place in particular for the purpose of being able to guarantee an attractive, appealing and user-friendly design of our fan page.
As part of an agreement on joint responsibility within the meaning of Art. 26 Para. 1 Sentence 2 GDPR , it was agreed with Meta that Meta assumes primary responsibility for the fulfillment of data protection rights and obligations with regard to the processing of Insights data. Further information on the type and scope of processing within the framework of joint responsibility can be found here:
https://www.facebook.com/legal/terms/page_controller_addendum
c) Purpose of data processing and legal basis and, if applicable, legitimate interests, storage period
- By data category:
- usage data; Technical specifications; profile information; User Content; further contact data and contact information; location data; analysis dataIf you are logged in to your Facebook account when accessing the content, this data can also be assigned to your member account.
- Intended use:
- Interest-based design of the offerThe operation of the fan page and the associated processing of your personal data serves the purpose of designing our offers in a needs-based, attractive, up-to-date and contemporary manner.
- Legal basis:
Art. 6 Para. 1 Sentence 1 Letter a) GDPR :
If you communicate with us within the framework of the fan page in question, for example through the comment or messenger function, the associated processing of your personal data takes place on the basis of your voluntary decision.Art. 6 Para. 1 Sentence 1 Letter f) GDPR :
Our legitimate interest is based on the provision of a contemporary and up-to-date information platform and the creation of additional options for contacting our users.- Storage duration:
- Personal data will be deleted as soon as further processing is no longer required to achieve the respective purpose and statutory retention periods do not prevent deletion. This is regularly the case with receipt of your revocation or your objection. Additional information on the processing of your personal data by Meta can be found here:
https://www.facebook.com/privacy/policy/
d) Participating companies of joint responsibility
- Participating companies:
- the company specified under I.3; Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
- Affected data:
- usage data; Technical specifications; profile information; User Content; further contact data and contact information; location data; analysis dataIf you are logged in to your Facebook account when accessing the content, this data can also be assigned to your member account.
- Legal basis:
- Article 6 paragraph 1 letters a) and f) GDPR
e) Recipients of the personal data
- Recipient category:
- Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Irland
- Affected data:
- usage data; Technical specifications; profile information; User Content; further contact data and contact information; location data; analysis dataIf you are logged in to your Facebook account when accessing the content, this data can also be assigned to your member account.
- Legal basis:
- Article 6 paragraph 1 letter f) GDPROur legitimate interest is based on the provision of a contemporary and up-to-date information platform and the creation of additional options for contacting our users.
6. Data processing on our Instagram fan page
We operate this fan page on the “Instagram.com” platform of Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland (“Facebook”) ( Instagram Data Policy ). Every call and every interaction on our fan page leads to data processing, regardless of whether you have an Instagram or Facebook account or not. In the case of a logged-in account, the operators of Instagram and/or their affiliated companies may combine the information about the fan page call with your account information and may use this to create profiles. If you do not want such a profile to be created, log out before accessing our fan page.
We use “Instagram Insights” to process statistical data from our fan page such as gender, age range, location, page views, interactions and information on paid activities, reach, accounts reached, impressions and impressions per day. This is done on the basis of our legitimate interest ( Art. 6 Para. 1 Letter f) GDPR ) in making posts on the site more attractive or in finding the right time for publication.
You have the right to information, deletion and correction of your data, restriction of processing , objection to processing , data portability and complaints to the supervisory authority. You can exercise these rights both towards Facebook Ireland Ltd. [ contact form ] as well as against us LisaHanes@momasquad.com , whereby we forward your inquiries there according to our agreement with Facebook.
As we are jointly responsible for the processing of your data, we have a Page Controller Addendum with Facebook.
7. Tracking & Usage Analysis
Below we describe in which cases when using our services your personal data is processed to analyze the use of our services and when tracking technologies are used to track and evaluate the behavior of visitors, for example to show them advertising tailored to them.
BurdaForward GmbH observes the requirements of the IAB Europe Transparency & Consent Framework and complies with its specifications and guidelines. BurdaForward GmbH uses the Consent Management Platform with the identification number n/a.
- Usage analysis with a legal basis of legitimate interest, Art. 6 Para. 1 Letter f) GDPRWe carry out usage analyzes based on the legal basis of Art. 6 Para. 1 Letter f) GDPR , i.e. after a weighing of interests . You can find an overview of the technologies and services used here . There you will also find an explanation of how each service works and what data is used for processing .
In doing so, we pursue the legitimate interests
- to check our services , to optimize them and adapt them to the needs of users and to fix errors,
- To statistically determine parameters about the use of our services (range, intensity of use, surfing behavior of users) – on the basis of uniform standard procedures – and thus to obtain values that are comparable across the market in order to optimally market our services ,
- measure the success of advertising campaigns, optimize our ads for the future and also allow marketers and advertisers to optimize their ads accordingly.
Can I object to the collection and evaluation?
Yes. You can find an opportunity to object to the respective processing here .
- Tracking with legal basis consent, Art. 6 Para. 1 Letter a) GDPRWe carry out tracking if you consent. We explain the type and scope of the tracking to you in the consent dialog . For clarification: If no consent is requested, no tracking takes place on this basis.
Consent is voluntary. It is granted by clicking on the corresponding button in the consent dialog on our services . There you will find all the necessary information about the type and scope of data processing.
Can I revoke my consent?
You can revoke your consent at any time for the future. You can find a way to withdraw your consent here . The lawfulness of the processing up to the point of revocation remains unaffected.
III. data subject rights
1. Right to Object
If we process your personal data in order to operate direct advertising, you have the right to object to the processing of your personal data for the purpose of such advertising at any time with effect for the future; this also applies to profiling insofar as it is associated with such direct advertising.
You also have the right, for reasons arising from your particular situation, to object at any time with future effect to the processing of personal data relating to you, which is carried out in accordance with Article 6 (1) (e) or (f) GDPR to insert this also applies to profiling based on these provisions .
You can exercise your right to object free of charge. In order to process your request faster, please use our form under the following link:
data protection request form
Alternatively, you can contact us using the contact details given under I.4 .
2. Right to information
You have the right to request confirmation from us as to whether personal data relating to you is being processed and, if necessary, information about this personal data and the other information listed in Article 15 GDPR .
3. Right to Rectification
You have the right to demand that we immediately correct any incorrect personal data concerning you ( Article 16 GDPR ). Taking into account the purposes of the processing , you have the right to request the completion of incomplete personal data – also by means of a supplementary declaration.
4. Right to Erasure (“Right to be Forgotten”)
You have the right to demand that personal data relating to you be deleted immediately if one of the reasons given in Art. 17 Para. 1 GDPR applies and the processing is not for one of the purposes regulated in Art. 17 Para. 3 GDPR is required.
5. Right to restriction of processing
You are entitled to demand a restriction in the processing of your personal data if one of the conditions regulated in Art. 18 Para. 1 Letter a) to d) GDPR is met.
6. Right to data portability
Under the conditions specified in Art. 20 Para. 1 GDPR, you have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format, and the right to transfer this data to another person responsible without to transmit disability by us. When exercising the right to data portability, you have the right to have the personal data transmitted directly by us to another responsible body, insofar as this is technically feasible.
7. Right of Withdrawal upon Consent
If the processing is based on your consent, you have the right to withdraw your consent at any time. This does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation .
8. Right to Complain
You have a right of appeal to the supervisory authority responsible for our company. The supervisory authority responsible for our company is:
State Office for Data Protection Supervision , Louisburg Square, Boston, MA 02108, USA,