Data Protection Statement of picturemaxx AG

Data Protection Statement of picturemaxx AG

Thank you for visiting our websites and your interest in our company and products.

The protection of personal data is very important to us. We want to offer you comprehensive services while at the same time protecting your privacy.


Please note therefore our Privacy Policy, given below.

Table of Contents

01.   General information about the collection of personal data
02.   Contact details
03.   Explanations of the legal bases and period of storage
04.   Your rights
05.   Visits to the picturemaxx website and creation of log files
06.   Registration for "my-picturemaxx"
07.   Newsletter
08.   TELL A FRIEND function
09.   Contact form
10.   To what extent does picturemaxx run website analyses?
11.   Use of Google Maps
12.   Social media links
13.   Disclosure to third parties
14.   Security standards
15.   Changes to this statement

1. General information about the collection of personal data

picturemaxx AG ("picturemaxx") attaches great importance to the protection of your personal data. This Data Protection Statement describes how picturemaxx ("we", "us" and "our") uses and protects personal data collected at www.picturemaxx.com, www.my-picturemaxx.com, howto.picturemaxx.com and at other websites and SaaS solutions which we offer ("picturemaxx website").

Personal data are all data which might refer to you personally, including for example your form of address, name, address, e-mail address, IP address, etc. We only collect and process your personal data in compliance with the provisions of the EU General Data Protection Regulation ("GDPR") and other provisions of European and applicable national data protection law.

Personal data is only collected and used with your consent or if the processing of such data is permitted by law. The following provisions provide information about the type, scope and purpose of the collection and processing of your personal data.

In the event that we make use of the services of a processor for the purpose of providing specific functions of our services or if we use your data for advertising or analysis purposes, we will also inform you in detail in the following about the action taken. We also provide information about the stipulated criteria for and the period of storage. We also inform you about your rights with regard to every kind of data processing.

This Data Privacy Policy refers exclusively to our picturemaxx website. If links on our picturemaxx website take you to third-party websites, please find out how your data are used at such websites.

Contact

2. Contact details

2.1. Name and address of person responsible for data processing

picturemaxx is the responsible legal person for data protection within the meaning of the GDPR and under all other applicable EU data protection law ("controller"). If you have any questions, suggestions or criticisms relating to data protection regarding our website, please contact:

picturemaxx AG
Stefan-George-Ring 2
81929 Munich 
GERMANY 

e-mail: info@picturemaxx.com 

2.2. Name and address of the data protection officer

Anyone affected (“data subject”) can contact our data protection officer directly with questions and suggestions at any time. Our data protection officer can be contacted as follows: 

picturemaxx AG
Data Protection Officer
Stefan-George-Ring 2
81929 Munich
GERMANY 

e-mail: dataprotection@picturemaxx.com

3. Explanations of the legal bases and period of storage

3.1. Legal bases of the processing of personal data

In the event that we asked for your consent for processing of your personal data Article 6 (1) sentence 1 a) GDPR is the legal basis for processing your personal data. You are entitled to withdraw any consent you have given at any time with effect for the future. 

Under Article 6 (1) sentence 1 b) GDPR, the processing of your personal data is legitimate if such processing is necessary for the performance of a contract with you or your company. This also applies to all processing operations which are relevant prior to entering into a contract.

Under Article 6 (1) sentence 1 c) GDPR, the processing of your personal data is legitimate if such processing is necessary for compliance with one of our legal obligations.

Under Article 6 (1) sentence 1 f) GDPR, the processing of your personal data is legitimate if such processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms.

3.2. Period of storage and erasure of data

Any personal data which we collect, process and store will be kept by us for as long as there is a specific purpose for such storage. Your data will be erased or their processing restricted as soon as the specific purpose for which they were stored no longer applies.

It is possible, however, that European regulations, applicable national laws or other rules may require us to store data which we have processed for a longer period of time. We will erase or restrict the processing of your data when these periods of storage have expired.

Right to object

4. Your rights

For the purposes of the GDPR you are the data subject of any of your personal data which we process. As a data subject you have the following rights with regard to picturemaxx:

4.1. Right of access by the data subject 

You have the legal right to request information about whether we are processing your personal data. If this is the case, you have the right to be informed about the extent to which your personal data are being processed.

4.2. Right to rectification 

You have the right to obtain from picturemaxx the rectification of inaccurate personal data concerning you and/or to have incomplete personal data completed.

4.3. Right to restriction of processing

In certain circumstances you have the right to restrict the processing of your personal data.

 4.4. Right to erasure

In certain circumstances you have the right to obtain from picturemaxx the erasure of personal data concerning you without undue delay. The right to erasure does not apply if processing is necessary.

4.5. Notification obligation

If you have asserted your right to rectification, erasure or restriction to picturemaxx, picturemaxx must communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort.

4.6. Right to data portability

You have the right to receive, in a structured, commonly used and machine-readable form, any personal data concerning you which you have provided to picturemaxx. You also have the right in certain circumstances to transmit those data to another company without hindrance from picturemaxx to which the personal data have been provided initially.

4.7. Right to object

You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you based on Article 6 (1) sentence 1 f) GDPR. picturemaxx may then no longer process the personal data relating to you unless picturemaxx demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

If the personal data relating to you are processed for the purposes of engaging in direct advertising, you have the right to object at any time to the processing of your personal data for such advertising purposes. You can inform us of such objection by contacting us as follows:

picturemaxx AG
Stefan-George-Ring 2
81929 Munich
e-mail: info@picturemaxx.com 

4.8. Right to withdraw the consent

You have the right to withdraw your consent at any time. The withdrawal of consent does not affect the legitimateness of processing based on consent before its withdrawal.

4.9. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.

Cookies

5. Visits to the picturemaxx website and creation of log files

Our system automatically collects data and information from your computer system every time you visit our picturemaxx website. The following data are then collected:

  • Information about the type of browser you are using
  • Information about your operating system
  • Information about your internet service provider
  • Your IP address
  • The date and time of your visit to our website
  • Information about the website from which your system has reached our website
  • Information about the website which you access from our website

The data which we collect on you are stored in our system's log files. As a rule, these data are not stored with other personal data. One exception to this rule is the information collected by us about your browser settings. 

The temporary storage of data and log files is legitimate under Article 6 (1) sentence 1 f) GDPR. We have a legitimate interest in collecting and temporarily storing the data referred to because temporarily storing the IP address by the system is necessary in order to deliver the website to your computer.

Data are stored in log files to ensure the functioning of the website. This information is also used to optimise our website and to warrant the security of our information technology systems. Your log files are not assessed for marketing purposes.

The data will be erased or altered in a way that prevents them being assigned to you as soon as they cease to be necessary for the purposes referred to here. Data which are stored in log files are erased after 30 days.

my-picturemaxx

6. Registration for "my-picturemaxx"

6.1. Processing by picturemaxx

In addition to downloading and installing, our "my-picturemaxx" software can only be used by registering using a form provided by us directly in "my-picturemaxx". When you register you will be required to provide certain mandatory data in addition to voluntary information; these types of data are identified separately. Such data includes but is not limited to

  • Your user name
  • Your name
  • Your address
  • Your country of origin or that of your company
  • Your e-mail address
  • Your password

We use, store and process these data because this is necessary in order to establish, define the contents of or amend the contractual relationship between you and picturemaxx as well as for claiming and settling the relevant services.

Such processing of data in "my-picturemaxx" is legitimate under Article 6 (1) sentence 1 b) and f) GDPR. We erase your data if they are no longer needed for the stated purpose and if they are not subject to contractual or legal retention periods. We will therefore delete your data after 10 years at the latest.

6.2. Disclosure to third parties

If you permit links to be made to administrators or customers via "my-picturemaxx", your user name, your first and family name, your address (including country) and your e-mail address are being displayed to this group of people for administrative purposes and for settlement in a separate protected area of "my-picturemaxx".

Only if you operate "my-picturemaxx" on your own account or you are an administrator/main contact person in your own company/organisational unit your first and your family name, your position and the e-mail address and contact data of your company/organisational unit are passed on to the partner making an offer via "my-picturemaxx" ("media provider") for the purpose of entering into a contract and agreeing the use of the researched media material. Directly after your registration we will send your data to our media providers in order to introduce you to them. We will obtain your consent for this in advance. You can withdraw your consent at any time - with effect for the future. After your registration we only will forward your data exclusively to our media-providers for contract processing purposes.

The processing of data as stated in "my-picturemaxx" is legitimate under Article 6 (1) sentence 1 a), b) and f) GDPR. The processing described above serves primarily to execute the contract. Despite, the picturemaxx-network lives from the fact that the individual participants communicate with each other and learn about the existence of new members, so that picturemaxx also has a legitimate interest in data processing in cases where you have not given your consent.

We erase your data as soon as they are no longer needed for this purpose and if they are not subject to contractual or legal retention periods. 

Newsletter

7. Newsletter

7.1. Sending of Newsletter

You can subscribe to a free newsletter on the picturemaxx website. With your consent you will be informed via the newsletter about the latest picturemaxx-software, services and changes to existing products. The data which you enter when subscribing to the newsletter are transmitted to us. These data are usually:

  • Your e-mail address
  • Your name
  • The name of your company
  • Your country or that of your company
  • Any other data you provide voluntarily

We need your e-mail address in order to send you the newsletter and to identify and check that you have given your consent. The information about your country is used to send you the newsletter in the appropriate language. The other information you provide is given voluntarily.

We use the double opt-in procedure to subscribe to our newsletter. This means that, after you have subscribed, we will send an e-mail to the e-mail address given by you asking you to confirm that you wish to receive the newsletter. If you do not confirm your subscription within 24 hours, your information will be blocked and automatically erased after one month. After receiving your confirmation, we store your e-mail address and other data for the purpose of sending the newsletter. This processing is legitimate under Article 6 (1) sentence 1 a) GDPR.

We also store your IP addresses and the time of your subscription and confirmation. The purpose of this procedure is to demonstrate that you have subscribed and to clarify any possible misuse of your personal data. This processing is legitimate under Article 6 (1) sentence 1 f) GDPR.

We erase your data as soon as you or we have ended the subscription for the newsletter. You can cancel the newsletter subscription at any time by withdrawing your consent with effect for the future. There is a link in every newsletter sent to you which you can click to automatically unsubscribe. Alternatively, you can send an e-mail to info@picturemaxx.com or a message to the controller referred to above in this Data Protection Statement.

7.2. Disclosure to third party

Our newsletter is either sent by picturemaxx directly or by our service provider, Newsletter2Go GmbH ("Newsletter2Go"), Köpenicker Str. 126, 10179 Berlin, Germany. Newsletter2Go stores the data entered by you for picturemaxx for the purpose of sending the newsletter. We use the services of Newsletter2Go as an order processor.

The services provided by the Germany-based company Newsletter2Go are subject to the GDPR and the stringent requirements of the order processing agreement made with it. Your data are only sent to third parties by Newsletter2Go in compliance with the legal requirements of the GDPR.

Under Article 6 (1) sentence 1 f) GDPR, it is legitimate for us to pass on your data (name and e-mail address) to Newsletter2Go as we use Newsletter2Go’s software to send the picturemaxx newsletter.

We will erase your data as soon as we do not need it anymore for its purposes. You will find more information about data protection at Newsletter2Go at: https://www.newsletter2go.co.uk/data-protection/

8. TELL A FRIEND function

We offer you our TELL A FRIEND function on the picturemaxx website. You can use this function to recommend particular pages and information on the picturemaxx website to other people who you think might be interested in our picturemaxx website. After you have clicked the TELL A FRIEND function you can send a link to the website you are recommending and its title to the recipients you have selected from your e-mail address. To do this you must enter the e-mail address of the person in your e-mail program and, if you wish, an additional personal message. We do not use, store or process either your message or your personal data in connection with the TELL A FRIEND function.

Forms

9. Contact form

9.1. Processing by picturemaxx Deutschland

You can make contact with us by electronic means using the contact form on our website. If you wish to contact us in this way, the data which you enter will be sent to us and stored. This applies to the following data in particular:

  • Your form of address
  • Your full name
  • Your e-mail address
  • Your telephone number (optional)
  • Your company 
  • Your country of origin or that of your company
  • The subject of your enquiry
  • The type of enquiry
  • The question and reason for your enquiry

The processing of this data is legitimate under Article 6 (1) sentence 1 a), b) or f) GDPR. We only process any personal data which you enter to deal with your request, which is in our interest. This may involve the initiation of a contract. The data are erased as soon as they are no longer required for the purpose for which they have been collected and provided that they are not subject to any legal or contractual archiving obligations. The conversation has come to an end when it is apparent from the circumstances that the matter being discussed has been finally clarified. 

If we have obtained your consent and your data are processed by us for marketing purposes, the following applies: You can withdraw your consent to picturemaxx for the processing or any other use of your personal data at any time with effect for the future. In this case, the conversation cannot be continued. All personal data which are stored when contact is made are then erased if they are not required to be retained by law and if no other legal grounds for processing the data exist.

The following data are also stored at the time you send your message:

  • Your IP address 
  • The date and time at which you have made contact

These additional personal data processed during the transmission operation are used to prevent the contact form from being misused and to ensure the security of our information technology systems. Other personal data collected during transmission will be erased after a period of 30 days at the latest. The data are used exclusively to process the conversation. The processing of this data is legitimate under Article 6 (1) b) or f) GDPR.

9.2 Transmission to affiliated international offices

In certain circumstances the data entered by you may be passed on to the picturemaxx international offices, if the thematic and regional content of your enquiry relates to the relevant office (order processing). In this case also picturemaxx remains your first point of contact and you can continue to assert your rights against picturemaxx.

In some circumstances, picturemaxx may transfer the data to countries outside the European Economic Area (EEA), for example to the USA. This is just the case, if picturemaxx employees abroad are the right picturemaxx contact partners to answer your request. picturemaxx will, however, take the necessary steps to ensure that an appropriate level of data protection is maintained. If picturemaxx sends your data to the United States, for example, additional measures are taken, such as concluding EU-compliant data transmission agreements with the data importer, if this is necessary.

By sending off the contact form you declare that you agree to transmission of the data entered in the contact form to regional picturemaxx offices abroad (for example USA), if the thematic and regional content of your enquiry relates to the relevant international office. You may withdraw your consent from picturemaxx at any time with effect for the future. 

The transmission of your data is legitimate under Article 6 (1) sentence 1 a) b) and f) GDPR. If your request is related to a foreign picturemaxx office, picturemaxx has an interest in contacting the employees in the foreign offices in order to be able to process your request. We erase your data as soon as they are no longer needed to achieve their intended purpose and if they are not subject to contractual or legal retention periods.

10. To what extent does picturemaxx run website analyses?

10.1. Use of cookies

Whenever you use our picturemaxx website different types of cookies are used and stored on your computer in addition to the data referred to above. Cookies are small text files which are stored on your computer or mobile device whenever you visit our picturemaxx website. These cookies send us various types of information.

We use the following types of cookie:

  • Cookies are sometimes necessary for the proper functioning of our website. By setting cookies we can determine, for example, that you have visited our website.
  • Cookies enable us to provide you user-friendly services which it would simply be impossible to offer without setting cookies.
  • Cookies allow the information and services on our website to be optimised to meet the needs of the user. As already stated, cookies allow us to recognise you when you return to our website. This in turn enables us to make it easier for you to use our website.
  • Cookies can also be used to analyse the way the website is used. It is then possible, for example, to determine how many users visit the website and what parts of the website could be improved. However, analysis of this kind does not establish any kind of connection between you and the statistics compiled on the basis of the data which are collected. We will inform you if cookies are used to analyse websites.

Cookies will be stored on your computer. You can decide whether you want to erase the cookies from your computer at any time. You can change the settings in your browser to determine yourself whether the transmission of cookies from your computer to us should be disabled, restricted or whether the cookies should be completely erased. If you disable all the cookies from our website, you may no longer be able to use all the website functions in full. 

The following list provides further information about disabling cookies or managing your cookie settings in the browser which you are using:

You will find a list of the cookies we actually use here:

Cookie

Function

Period of cookie storage

WGWIN

Session cookie, window manager

Browser session

(S)THUMBSESSID
(with leading "S" for secure connection / HTTPS)

Session cookie for web shop thumbnails

Browser session

COOKIEPOLICY

Stores the agreement to
storage of cookies (cookie banner)

10 years as of acceptance
(default value, is not overwritten by either website)

REMEMBERME

Stores a token which logs the
user in automatically after the
end of a browser session if this is requested by the user when logging in (checkbox).

30 days as of first login
(default value, is not overwritten by either website) or directly when the visitor logs out

 

10.2.    Google Analytics

Our picturemaxx website uses Google Analytics, a web analytics service of Google. Google can be contacted at Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics uses cookies. These are text files which are stored on your computer to analyse the way you use the picturemaxx website. The information about the way you use our website created by the cookie is usually sent to and stored on a Google server in the USA. IP address anonymization is performed on the picturemaxx website so that your IP address is truncated beforehand by Google within Member States of the European Union or in other countries which are parties to the EEA agreement. Only in exceptional cases is the full IP address sent to and only then truncated on a Google server in the USA. Google uses this information on behalf of the website operator to evaluate the way you use our website, to collate reports on website activities and to provide picturemaxx other services related to website and Internet use. The IP address sent by your browser by Google Analytics is not combined with other data held by Google.

In exceptional cases in which personal data are sent to the USA, Google is subject to the EU-US Privacy Shield https://www.privacyshield.gov/EU-US-Framework.

The use of Google Analytics is covered by Article 6 (1) sentence 1 a) GDPR where consent is obtained in advance and by Article 6 (1) sentence 1 f) GDPR, as picturemaxx has a legitimate interest in processing data in this case. You may withdraw your consent at any time with effect for the future. We use Google Analytics to analyse the use which is made of our website and to improve it on a regular basis. We will only process your data for as long as is necessary to fulfil the purpose for which they have been collected (in this case for creating and evaluating statistics).

You can change your browser settings to prevent cookies from being stored; however, you should realise that, in these circumstances, you may find that you are unable to make full use of functions on the website. You can also prevent the data (including your IP address) relating to your use of the website which is captured by the cookie being sent to or processed by Google by downloading and installing the browser plug-in from the following link:
https://tools.google.com/dlpage/gaoptout?hl=de

You can prevent cookies being set by using an opt-out cookie. Click here if you wish to prevent cookies being set the next time you visit this picturemaxx website: https://tools.google.com/dlpage/gaoptout?hl=en.

More information about the purpose and scope of data collection and the processing of such data by Google is provided in Google's privacy policy. This policy also provides more information about your rights and the settings which enable you to protect your privacy: https://policies.google.com/privacy?hl=en&gl=en.

11. Use of Google Maps

This website uses Google Maps API, a map service from Google Inc. ("Google"). Google can be reached at Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland. This enables us to display interactive maps directly on the website and makes it easy for you to use the map functions.

When you visit the picturemaxx website Google receives the information that you have accessed the corresponding subpage of our website. The following data are also sent to Google:

  • Your IP address
  • The date and time of your enquiry
  • The difference in time between your time zone and Greenwich Mean Time (GMT)
  • The content of the request (specific page)
  • Access status /HTTP status code
  • The amount of data transmitted
  • Website from which the request originates
  • The type of browser you are using
  • The operating system you are using and its user interface
  • The language and version of your browser software

This is done regardless of whether Google has provided a user account for you to log in with or whether you don't have a user account. If you have logged in through Google, your data are assigned directly to your account. You must log out before visiting the picturemaxx website if you do not wish Google to identify you with your profile. Google stores your data as user profiles and uses them for advertising, market research and/or web design purposes. Such evaluations are carried out in particular (including for users who are not logged in) to provide tailored advertising. You are entitled to object to the creation of this user profile: this right must be asserted against Google directly.

It is simple to disable the Google Maps service and this then prevents data being transferred to Google: Simply disable JavaScript in your browser. However, we do point out that you will then no longer be able to use the map display function.

Google also processes your personal data in the USA and is subject to the EU-US Privacy Shield for this purpose: https://www.privacyshield.gov/EU-US-Framework. The use of Google Maps API is legitimate under Article 6 (1) sentence 1 f) GDPR as processing is necessary for the purposes of the legitimate interests pursued by picturemaxx. We use Google Maps API to be able to offer you a map function.

More information about the purpose and scope of data collection and the processing of such data by Google is provided in Google's privacy policy. This policy also provides more information about your rights and the settings which enable you to protect your privacy: https://policies.google.com/privacy?hl=en&gl=en.

12. Social media links

12.1. Principles

We use the following simple social media links on the picturemaxx website. When you are visiting the picturemaxx website, your personal data is not automatically shared or passed on to providers of social media networks. Your data is only sent to the provider of the social media network and stored there, in case you click the link (which is placed as a button) and are already logged in or respectively you proceed the log in by entering your access data into a pop-up window which is opened by clicking the link in case you are not already logged in. You can control which data you wish to release by altering the data protection settings which are available on most social media platforms. More information about how you can change your data protection settings and how external social media sites handle your personal identifiable data is provided in the following:

12.2. Facebook

We link to Facebook ("Facebook"). Facebook is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. The link is recognisable by the Facebook logo. As soon as you click the link a connection is created between your web browser and Facebook's servers. The type, scope, purposes and processing of the data by Facebook and the rights and settings options for the protection of the user's privacy are detailed in Facebook's data protection statement (https://www.facebook.com/about/privacy).

12.3. Twitter

We link to the Twitter network. ("Twitter"), a service of Twitter Inc. 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. The link is recognisable by the Twitter logo. Your web browser will establish a connection to the Twitter server every you click the Twitter logo on the picturemaxx website. Details relating to the processing of your data by Twitter and your rights and setting options to protect your personal data are contained in the Twitter data protection statement (https://twitter.com/de/privacy).

12.4. LinkedIn

We link to the LinkedIn network ("LinkedIn") on the picturemaxx website. LinkedIn is operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. The link is recognisable by the LinkedIn logo. Your web browser will establish a connection to the LinkedIn server when you click the link. LinkedIn's data protection statement is available at https://www.linkedin.com/legal/privacy-policy. LinkedIn's cookie regulations are available at https://www.linkedin.com/legal/cookie-policy.

12.5. Xing

This service uses a link to the social network xing.com, which is operated by XING AG ("Xing"), Gänsemarkt 43, 20354 Hamburg, Germany. When you click on the link, your web browser connects to the Xing server. This link is recognisable by the Xing logo. The purpose and scope of data collection and further processing and use of the data by Xing as well as your rights and settings options for the protection of your privacy are detailed in the Xing data protection statement at https://privacy.xing.com/en.

12.6. Instagram

We link to the Instagram network ("Instagram"), which is operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA. The link is identified by the Instagram logo in the form of an "Instagram camera". If you click such an Instagram logo your browser will establish a direct connection to the Instagram servers. The purpose and scope of data collection and further processing and use of the data by Instagram as well as your rights and settings options for the protection of your privacy are detailed in the Instagram data protection statement at: https://help.instagram.com/155833707900388.

12.7. Google+

We link to Google+. Google+ is operated by the Google Inc. ("Google"), 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States. The link is recognisable by the Google+ logo. If you click such a Google + logo your browser will establish a direct connection to the Google+ servers. More information about the purpose and scope of data collection and the processing of such data by Google is provided in Google's privacy policy. This policy also provides more information about your rights and the settings which enable you to protect your privacy: http://www.google.de/intl/de/policies/privacy.

13. Disclosure to third parties

13.1. Principles

We will only pass on your personal data – and will inform you appropriately – in compliance with the applicable data protection laws to service providers, business partners, affiliated undertakings and other third parties.

We may disclose personal data to service providers working on our behalf and require them to perform services in our name (order processing). These service providers may be affiliated undertakings of picturemaxx or external service providers. In this context we comply with stringent national and European data protection regulations. These service providers are bound by our instructions and are subject to stringent contractual limitations on the processing of personal data. Accordingly, data may only be processed if this is necessary for the performance of services in our name or in order to comply with legal requirements. We stipulate precisely and in advance the rights and obligations of our service providers in relation to personal data.

We may disclose personal data to a third party if we are required to do so by law or in legal proceedings or in order to supply and manage our products and services. We may also be required to provide information to law enforcement agencies or other public authorities. We are also authorised to release data if such disclosure of information is necessary for the purposes of collaboration and thus of providing picturemaxx services to you or if you declare your consent to such disclosure. Disclosure can also rarely be avoided in the course of tax audits.

13.2. Server housing

Our website and thus also your data are housed on picturemaxx’s servers with QSC AG ("QSC"), Mathias-Brüggen-Str. 55, 50829 Cologne in Munich, Germany. QSC may only access the servers or respectively the data on the servers in accordance with our instructions (order processing). QSC also adopts stringent technical measures to protect your personal data. Your data are held exclusively on picturemaxx servers in Germany and QSC has only access to those servers in a case of emergency and only in line with our instructions.

The processing of your data is legitimate under Article 6 (1) sentence 1 f) GDPR. The purpose of processing data is that QSC provides the premises and infrastructure to run the picturemaxx servers. More information about data protection and the period for which your data etc. are stored by QSC is available at: https://www.qsc.de/de/datenschutz/

13.3. Amazon

For the provision of cloud infrastructure services, picturemaxx uses the services of Amazon Web Services Inc. ("Amazon"), 410 Terry Avenue North, Seattle WA 98109, United States. Amazon may only use the data in accordance with our instructions (order processing). Amazon also adopts stringent technical measures to protect your personal data. Amazon does not pass on your personal data to third parties unless this is necessary in order to perform the agreed services or if Amazon is required to do so by law or to comply with a valid and mandatory instruction issued by a government or regulatory authority. The data provided for this purpose are kept to a minimum. In some circumstances, Amazon may also store the information in countries outside the EEA. Amazon will, however, take the necessary steps to ensure that an appropriate level of data protection is maintained. If Amazon sends your data to the United States, for example, additional measures are taken, such as concluding EU-compliant data transmission agreements with the data importer if this is necessary. Amazon participates in the EU-US Privacy Shield Framework.

The processing of your data is legitimate under Article 6 (1) sentence 1 f) GDPR. The purpose of processing data is that Amazon does to store picturemaxx’s data on Amazon servers.

The duration of the data storage depends on the legal storage obligations.

More information from Amazon about data protection is available at:
https://aws.amazon.com/compliance/eu-data-protection/?nc1=h_ls.

13.4. Salesforce

picturemaxx stores and uses the data you provide on the website in systems of salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636 Munich, Germany ("Salesforce") for the purposes of customer relationship management ("CRM"). Salesforce may only access the data in accordance with our instructions (order processing). Salesforce also takes strict technical measures to protect your personal information. Salesforce will not disclose your personal data to third parties unless such disclosure is necessary to complete the agreed services or Salesforce must do so in order to comply with the law or a valid and binding directive from a government or supervisory authority. The data transmitted for this purpose is limited to the necessary minimum. The legal basis for the processing of your data is Article 6 (1) sentence 1 f) GDPR. The purpose of data processing is for Salesforce to help us with CRM. The duration of the data storage depends on the legal storage obligations.

For more information about Salesforce's privacy practices, please visit: https://www.salesforce.com/uk/company/privacy/

13.5. Other service providers

Other picturemaxx service providers that are recipients of personal data are our freelancers, who support us in the following areas:

  • Customer support
  • Administration
  • Development
  • Programming
  • CRM

These service providers are also obliged within the framework of order processing agreements in accordance with Section 14.1.

The legal basis for the processing of your data is Article 6 (1) sentence 1 f) GDPR. The duration of the data storage depends on the legal storage obligations.

14. Security standards

picturemaxx has implemented appropriate physical, technical and administrative security standards to protect personal data against loss, misuse, modification or destruction. Our service providers and associated undertakings are contractually committed to safeguarding the confidentiality of personal data. They are also prohibited from using data for purposes not approved by us.

15.  Changes to this statement

We may update this Data Protection Statement from time to time. We therefore recommend that you regularly read this Data Protection Statement to ensure that you are familiar with our data protection practice. This Data Protection Statement was last updated on May 23, 2018.

PRINT
 
 
 

© 2018

picturemaxx AG. All rights reserved. Errors excepted.

powered by BACKSTAGE

Search

Cookies

Our website uses cookies to provide necessary site functionality and improve your user experience. By continuing to browse this website, you are agreeing to the use of cookies. Further details

Ok