Data Protection Policy

Data protection information

We welcome you to our website and thank you for your interest in our company. The protection of your personal data is important to us. We process your data in compliance with the applicable legal provisions on the protection of personal data, especially the EU General Data Protection Regulation (EU-GDPR) and the country-specific implementation laws applicable to our company.
Our privacy statement explains which of your personal data we will collect via our website, what we use it for, when we will delete them and how your data is protected as best as possible through security measures. We will also inform you about the respective legal basis that allows us the corresponding processing of data.
You will also be informed about the statutory rights in connection with the processing of this data.

Personal data is such information which allow for the identification of an individual. This includes, in particular, name, address, date of birth, phone number, e-mail address and also IP address.

It is anonymous data if it is not possible to make a reference to the user.
The responsible party according to the data protection law is:

MGV Stromversorgungen GmbH
Bayerwaldstraße 27
D – 81737 München

Data collection / personal data

When you visit our website, we usually do not require any personal data from you. When visiting our website, you only transmit data to our web server via the Internet browser (out of technical necessity).
The following data for the communication between your Internet browser and our web server is recorded during the active connection:

• Web browser and operating system
• Name of the Internet service provider
• Information about the website from which your visit originated
•  Information about the websites that you retrieve on our site, the date and time of day of the visit
• Name of the requested file; whether, for example, the file has been transmitted data volume
• The IP address assigned to you by your Internet service provider
For reasons of technical security – especially to fend off attempted attacks against our web server – we will store this data according to Section 6 Para. 1 lit. f EU-GDPR. The data will be anonymised after seven days at the latest by shortening the IP address at the domain level. A reference to the individual user will not be established. The data will be processed only in anonymised form for statistical purposes.

Other data collections

We will process all the personal data that we obtain from you via the website solely for the purposes described below in more detail. This takes place in accordance with the legal provisions in each case or only with your consent respectively.
Section 6 EU-GDPR, in particular, specifies when the processing of data is allowed. It names the constellations when processing of data is allowed. This is the case, for example,
• if you have given consent (Section 6, Para. 1 lit. a EU-GDPR)
•  if the data is required for the performance of a contract / precontractual measures (Section 6 Para. 1 lit. b EU-GDPR),
•  if the data is required for meeting a legal obligation (Section 6 Para. 1 lit. c EU-GDPR) or
•  for the protection of our company’s legitimate interests unless your interests worthy of protection do not outweigh them (Section 6 Para. 1 lit. f EU-GDPR).
Collected data will always be kept confidential. Only authorised persons involved in each case with the technical, commercial or customer support have access to your data in our company.
We will not disclose your data to third parties unless we are legally required to do so.

Contact form / making contact by e-mail (legal basis Section 6 Para. 1 lit. a, b EU-GDPR)

A contact form is provided on our website which can be used for making electronic contact. If you contact us via the contact form, we will process your data in order to contact you and to answer any questions/requests. In this case we will observe the principle of data minimisation and data avoidance so that you need only to provide the data that we need in order to get in contact with you. This include your e-mail address as well as the message field itself. Your IP address will also be processed for technical reasons as well as for legal protection purposes. All other data is entered in optional fields and can be optionally provided (e.g. for a more tailored reply to your questions). If you contact us by e-mail, we will process all personal data provided in the e-mail solely to process your request.

Webshop (Section 6 Para. 1 lit. b EU-GDPR)

We will process the data you provided on the order form only for performing or processing the contractual relationship unless you have given consent for further use. The principle of data minimisation and data avoidance will be observed by only having to provide data that we need to fulfil the contract or for performing our contractual obligations (your name, address, e-mail address as well as the payment data required for the selected type of payment). Your IP address will also be processed for technical reasons as well as for legal protection purposes. Unfortunately, we have to reject the conclusion of the contract without these data as we won’t be able to perform the contract or might have to terminate an existing contract. Of course, you are free to provide more data if you wish to do so.

Newsletter (Section 6 Para. 1 lit. a EU-GDPR)

You can subscribe to a free newsletter on our website. The e-mail address and your name provided with the newsletter registration will be used for sending the personalised newsletter. The principle of data minimisation and data avoidance will be observed as only the e-mail address (possibly the name in case of a personalised newsletter) is marked as a required field. Your IP address will also be processed with the order of the newsletter for technical reasons and for legal protection purposes. Of course, You can unsubscribe via the unsubscribe option provided in the newsletter, thus revoking your consent. You also have the option at any time to unsubscribe from the newsletter directly on our website.

Promotional material for existing customers (Section 6 Para. 1 lit. f EU-GDPR)

The MGV Stromversorgungen GmbH will not send any promotional offers to you.

Payment systems (Section 6 Para. 1 lit. a, b EU-GDPR), credit assessment (section 6 Para. 1 lit. f EU-GDPR)

In our online shop you can pay on account and with credit card. For this purpose, we will collect the corresponding payment-related data in order to be able to carry out your order as well as the processing of the payment. Your IP address will also be processed for technical reasons as well as for legal protection purposes.
We will observe the principle of data minimisation and data avoidance so that you only have to provide the data that we need to carry out the payment processing and thus the processing of the contract and to which we are legally required.
Unfortunately, we have to reject the conclusion of the contract without this data as we won’t be able to perform the contract.
Our payment system uses a SSL encryption for the protected transmission of your data. 
Note regarding the payment: Should you select the advanced payment option in our online shop, we will send you an advance payment invoice and you will receive the goods including invoice after the transfer. A credit assessment will not be carried out in this case. In case of a credit risk, we will transfer your data (name, address, mail address, information about the company and possibly contract and claim data) to the IHD Gesellschaft für Kredit und Forderungsmanagement mbH, Augustinusstr. 11 B, 50226 Frechen and possibly to other cooperating credit agencies for the credit assessment as well as for checking the deliverability and for the collection processing. Section 6 I b GDPR and Section 6 I f GDPR form the legal basis of this transmission. Transmissions based on Section 6 I f GDPR may take place only if this is required to protect our company’s legitimate interests and if they do not outweigh the interests or fundamental rights and freedoms of the affected person that require the protection of personal data.
For decision-making about the justification, execution or termination of the contractual relationship, we will also collect or use automatically generated probability values that use, among other things, address data for their calculation. Go to  ww.ihd.de/datenschutz/Artikel14.html to find detailed information about our contractual partner, the IHD, in accordance with Section 14 GDPR – thus the business purpose – the purpose of the local data storage, the legal basis, the data recipients of the IHD, about the right of voluntary disclosure and the right to deletion and correction as well as profiling. For information about their contractual partners in the area of credit agencies, please go to: www.ihd.de/datenschutz#vertragspartner

Note regarding the credit card payment:

As is common with credit card payments, the information in regard to the credit card will be verified and a credit assessment will be performed.

 Cookies (section 6 Para. 1 lit a EU-GDPR in case of consent)

Our websites use cookies in several places. They are used to make our offers more userfriendly, more effective and more secure. Cookies are small text files which are stored on your computer and which your browser saves (locally on your hard drive). These cookies allow us to analyse how visitors use our websites. This allows us to design the website contents according to the needs of the visitors. The cookies also give us the opportunity to measure the effectiveness of a certain display and to place it, for example, according to the thematic user interests. Most of the cookies used by us are “session cookies”. They will be automatically deleted after your visit. Permanent cookies will be automatically deleted from your computer if their period of validity (usually six months) has been reached or if you delete them yourself prior to the expiry of the validity. Most web browsers will accept cookies automatically. However, you can usually change the settings of your browser if you prefer not to send the information. You can still use the offers on our website without restrictions (exception: configuration tools). We use cookies to make our offer more user-friendly, more effective and more secure. We also
use cookies that allow us to analyse how visitors use our websites. This allows us to design the website contents accordingly. The cookies also give us the opportunity to measure the effectiveness of a certain display and to place it, for example, according to the thematic user interests. Cookies are saved on the user’s computer and sent from this computer to our site. As a user, you have therefore also full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Furthermore, cookies already set can be deleted at any time via an Internet browser or other software programs. This is possible with all common Internet browsers.

Please note:

If you deactivate the placement of cookies, not all functions on our website may not be fully available.

User profiles /web tracking processes

Analysis programs and other methods to evaluate your user behaviour are not used on our website.

Social plug-ins of social networks

We do not use social plug-ins of social networks.

Data transmissions – recipients / categories of recipients

• Government authorities and institutions (such as, the tax office)
• Companies that perform the credit assessment
• Other business units in the group of companies
• Shipping providers, suppliers, pay services
• Departments: Only authorised persons that are involved in each case with the technical, commercial or customer support have access to personal data

Secure transmission of your data

In order to protect the data against accidental or wilful manipulations, loss, destruction or access by unauthorised persons, we use the corresponding technical and organisational security measures. The data exchange from and to our website is encrypted in each case. We offer HTTPS for our website as a transmission protocol. There is also, the option to use alternative communication paths (e. g. the mailing route).

Online offers in case of children

Children and persons under the age of 16 are not allowed to transmit personal data to us or to provide a declaration of consent without the consent of a legal guardian (usually a parent). We would like to ask parents and legal guardians to actively participate in the online activities and interests of their children.

Links to other providers

Our website also contains – clearly visible – links to websites of other companies. If links to websites of other providers exist, we have no influence on their contents. We can therefore not be made liable for said content The corresponding provider or operator of the site is always responsible for the content of said site. Linked sites are checked for any possible and identifiable legal violations at the time the link was established. Unlawful content could not be identified at the time the link was established. However, a constant content check of linked sites is not reasonable without any specific indications of a legal violation. Should legal violations become known, such links will be immediately removed.

Rights of affected persons / further questions?

Under the legal requirements, you have the right to the free information of your data as well as the right to a correction and restriction of the processing as well as the deletion of your data unless a legal retention period exists. You can also object to the data processing, assert your right to data portability or file a complaint against the data processing at the competent regulatory authority for data privacy. If you have given us consent for the processing of data, you can, revoke this consent at any time with effect for the future without providing reasons. Please do not hesitate to contact our data protection officer who will gladly answer any questions (datenschutz@mgv.de).

Transparency and information obligations for customers, clients, contractual partners and interested parties
of
MGV Stromversorgungen GmbH according to the EU General Data Protection Regulation (GDPR)

Here you will find more information: MGV_Information_EU_GDPR.pdf