Privacy Policy

of MediaSupply, a data base of proFoto Werbeagentur GmbH („MediaSupply“)

Stand: November 2022

1. Person Responsible

The controller responsible for data processing is proFoto Werbeagentur GmbH, Alfred-Nobel-Straße 6, 97080 Wuerzburg, Germany.

2. Purpose, duration and legal bases for data processing

Your personal data are processed on the basis of your consent (Art. 6 para. 1 p. 1 lit. a) GDPR). If you send us your personal data by e-mail when you contact us, we will process your personal data to process your requests, to contact you and possibly also to execute pre-contractual measures or to fulfil a contract (Art. 6 para. 1 p. 1 lit. b) GDPR). If required, the processing of your data will extend beyond the actual fulfilment of the contract to include the safeguarding of our legitimate interests or those of third parties as follows: The review and optimisation of processes for needs analysis and direct contact, advertising or market and opinion research, provided you have not objected to the use of your data, the assertion of legal claims and defence in the event of legal disputes, to guarantee IT security and IT operation, the facilitation of various different payment methods for your online order(s), to guarantee the operation of our website, the use of social media functions and measures for business management and the further development of services and products (Art. 6 para. 1 p. 1 lit. f) GDPR). 

We are also subject to various retention and documentation obligations and may also be legally obliged to share personal data to authorities (Art. 6 para. 1 p. 1 lit. c) GDPR).

Data are transferred to third countries (states outside the EU and the European Economic Area – EEA) only if to do so is required to execute contracts concluded with you or by law, or if you have given us your consent to do so.

We will provide details to you separately, if required by law.

3. Processing of personal data

3.1 Logfiles

However, when the website of MediaSupply is accessed, the following data is automatically logged by the web server:

  • IP address of the requesting PC;
  • Date and time of the request;
  • Access method/function requested by the requesting PC;
  • Entry values (e.g. file name) requested by the requesting PC;
  • Web server access status (file transferred, file not found, command not executed etc.);
  • Name of the requested file and
  • URL from which the file was requested/the desired function was released.

This information is used exclusively for the purpose of identifying and tracing unauthorised accesses to the web server and other criminal acts. The legal basis for data processing is Art. 6 para. 1 p. 1 lit. f) GDPR. Our legitimate interests are the assurance of IT security as well as the assurance of the operation of our Internet presence. The recipient of the data is our processor, Aut O’Mattic A8C Ireland Ltd. (WordPress), who is the provider of our content management system.

3.2 Cookies

This pro Foto Werbeagentur GmbH website uses the following types of cookies, the scope and functionality of which will be explained below:

  • technically essential cookies/similar technologies; and
  • marketing cookies/similar technologies.

Cookies are text files that are saved on your computer by the browser and contain information about the use of our website. The following cookies/similar technologies are used on our website:

Technically essential cookies/similar technologies

Name of the cookie/similar technology

Purpose

Legal basis

Recipient

Storage period

WPML

wp-wpml_current_language

WPML is a multi-language plugin for WordPress websites. The cookies store the user’s language and can redirect the user to the version of the website that matches the language of the user’s browser.

Section 25 (2) No. 2 of the German Telecommunications-Telemedia Data Protection Act (Telekommunikation-Telemedien-Datenschutzgesetz, TTDSG)

MediaSupply, Aut O’Mattic A8C Ireland Ltd. (WordPress)

1 day

wp-wpml_current_admin_language_*

WPML is a multi-language plugin for WordPress websites. The cookies store the user’s language and can redirect the user to the version of the website that matches the language of the user’s browser.

Section 25 (2) No. 2 of the German Telecommunications-Telemedia Data Protection Act (Telekommunikation-Telemedien-Datenschutzgesetz, TTDSG)

MediaSupply, Aut O’Mattic A8C Ireland Ltd. (WordPress)

Unlimited

_icl_visitor_lang_js

WPML is a multi-language plugin for WordPress websites. The cookies store the user’s language and can redirect the user to the version of the website that matches the language of the user’s browser.

Section 25 (2) No. 2 of the German Telecommunications-Telemedia Data Protection Act (Telekommunikation-Telemedien-Datenschutzgesetz, TTDSG)

MediaSupply, Aut O’Mattic A8C Ireland Ltd. (WordPress)

Session

wpml_browser_redirect_test

WPML is a multi-language plugin for WordPress websites. The cookies store the user’s language and can redirect the user to the version of the website that matches the language of the user’s browser.

Section 25 (2) No. 2 of the German Telecommunications-Telemedia Data Protection Act (Telekommunikation-Telemedien-Datenschutzgesetz, TTDSG)

MediaSupply, Aut O’Mattic A8C Ireland Ltd. (WordPress)

Session

Elementor

elementor

Elementor is the software used to create the layout of this website. Cookies are used to save the number of page views and the user’s active sessions. The data collected is not used for analytical purposes and is instead only used to ensure that hidden elements are not displayed again during multiple active sessions, for example.

Section 25 (2) No. 2 TTDSG

MediaSupply, Aut O’Mattic A8C Ireland Ltd. (WordPress)

Unlimited

elementor

Elementor is the software used to create the layout of this website. Cookies are used to save the number of page views and the user’s active sessions. The data collected is not used for analytical purposes and is instead only used to ensure that hidden elements are not displayed again during multiple active sessions, for example.

Section 25 (2) No. 2 TTDSG

MediaSupply, Aut O’Mattic A8C Ireland Ltd. (WordPress)

Session

Real Cookie Banner

real_cookie_banner*

Real Cookie Banner asks website visitors for their consent to save cookies and process personal data. For this purpose, a UUID (pseudonymous user identification) is assigned to each website visitor, which is valid until the cookie used to save consent expires.

Section 25 (2) No. 2 TTDSG

MediaSupply, Aut O’Mattic A8C Ireland Ltd. (WordPress)

1 day

real_cookie_banner*-tcf

Real Cookie Banner asks website visitors for their consent to save cookies and process personal data. For this purpose, a UUID (pseudonymous user identification) is assigned to each website visitor, which is valid until the cookie used to save consent expires.

Section 25 (2) No. 2 TTDSG

MediaSupply, Aut O’Mattic A8C Ireland Ltd. (WordPress)

Unlimited

real_cookie_banner-test

Real Cookie Banner asks website visitors for their consent to save cookies and process personal data. For this purpose, a UUID (pseudonymous user identification) is assigned to each website visitor, which is valid until the cookie used to save consent expires.

Section 25 (2) No. 2 TTDSG

MediaSupply, Aut O’Mattic A8C Ireland Ltd. (WordPress)

Session

Google

NID (Google reCAPTCHA)

Google reCAPTCHA is a solution for detecting bots, e.g. when entering data in online forms, and for preventing spam. It uses cookies to identify the user within the data about the user known to Google and to evaluate the user’s degree of maliciousness. This aggregated data can be linked to data relating to users who have logged into their Google accounts on google.com or a localised version of Google.

Section 25 (2) No. 2 TTDSG

Google Ireland Limited

1 month

rc::a (Google reCAPTCHA)

Google reCAPTCHA is a solution for detecting bots, e.g. when entering data in online forms, and for preventing spam. It uses cookies to identify the user within the data about the user known to Google and to evaluate the user’s degree of maliciousness. This aggregated data can be linked to data relating to users who have logged into their Google accounts on google.com or a localised version of Google.

Section 25 (2) No. 2 TTDSG

Google Ireland Limited

Unlimited

rc::b (Google reCAPTCHA)

Google reCAPTCHA is a solution for detecting bots, e.g. when entering data in online forms, and for preventing spam. It uses cookies to identify the user within the data about the user known to Google and to evaluate the user’s degree of maliciousness. This aggregated data can be linked to data relating to users who have logged into their Google accounts on google.com or a localised version of Google.

Section 25 (2) No. 2 TTDSG

Google Ireland Limited

Unlimited

rc::c (Google reCAPTCHA)

Google reCAPTCHA is a solution for detecting bots, e.g. when entering data in online forms, and for preventing spam. It uses cookies to identify the user within the data about the user known to Google and to evaluate the user’s degree of maliciousness. This aggregated data can be linked to data relating to users who have logged into their Google accounts on google.com or a localised version of Google.

Section 25 (2) No. 2 TTDSG

Google Ireland Limited

Unlimited

SIDCC (Google reCAPTCHA)

Google reCAPTCHA is a solution for detecting bots, e.g. when entering data in online forms, and for preventing spam. It uses cookies to identify the user within the data about the user known to Google and to evaluate the user’s degree of maliciousness. This aggregated data can be linked to data relating to users who have logged into their Google accounts on google.com or a localised version of Google.

Section 25 (2) No. 2 TTDSG

Google Ireland Limited

1 year

__Secure-3PAPISID (Google reCAPTCHA)

Google reCAPTCHA is a solution for detecting bots, e.g. when entering data in online forms, and for preventing spam. It uses cookies to identify the user within the data about the user known to Google and to evaluate the user’s degree of maliciousness. This aggregated data can be linked to data relating to users who have logged into their Google accounts on google.com or a localised version of Google.

Section 25 (2) No. 2 TTDSG

Google Ireland Limited

2 years

SSID (Google reCAPTCHA)

Google reCAPTCHA is a solution for detecting bots, e.g. when entering data in online forms, and for preventing spam. It uses cookies to identify the user within the data about the user known to Google and to evaluate the user’s degree of maliciousness. This aggregated data can be linked to data relating to users who have logged into their Google accounts on google.com or a localised version of Google.

Section 25 (2) No. 2 TTDSG

Google Ireland Limited

2 years

SAPISID (Google reCAPTCHA)

Google reCAPTCHA is a solution for detecting bots, e.g. when entering data in online forms, and for preventing spam. It uses cookies to identify the user within the data about the user known to Google and to evaluate the user’s degree of maliciousness. This aggregated data can be linked to data relating to users who have logged into their Google accounts on google.com or a localised version of Google.

Section 25 (2) No. 2 TTDSG

Google Ireland Limited

2 years

APISID (Google reCAPTCHA)

Google reCAPTCHA is a solution for detecting bots, e.g. when entering data in online forms, and for preventing spam. It uses cookies to identify the user within the data about the user known to Google and to evaluate the user’s degree of maliciousness. This aggregated data can be linked to data relating to users who have logged into their Google accounts on google.com or a localised version of Google.

Section 25 (2) No. 2 TTDSG

Google Ireland Limited

2 years

HSID (Google reCAPTCHA)

Google reCAPTCHA is a solution for detecting bots, e.g. when entering data in online forms, and for preventing spam. It uses cookies to identify the user within the data about the user known to Google and to evaluate the user’s degree of maliciousness. This aggregated data can be linked to data relating to users who have logged into their Google accounts on google.com or a localised version of Google.

Section 25 (2) No. 2 TTDSG

Google Ireland Limited

2 years

SID (Google reCAPTCHA)

Google reCAPTCHA is a solution for detecting bots, e.g. when entering data in online forms, and for preventing spam. It uses cookies to identify the user within the data about the user known to Google and to evaluate the user’s degree of maliciousness. This aggregated data can be linked to data relating to users who have logged into their Google accounts on google.com or a localised version of Google.

Section 25 (2) No. 2 TTDSG

Google Ireland Limited

2 years

__Secure-3PSID (Google reCAPTCHA)

Google reCAPTCHA is a solution for detecting bots, e.g. when entering data in online forms, and for preventing spam. It uses cookies to identify the user within the data about the user known to Google and to evaluate the user’s degree of maliciousness. This aggregated data can be linked to data relating to users who have logged into their Google accounts on google.com or a localised version of Google.

Section 25 (2) No. 2 TTDSG

Google Ireland Limited

2 years

SEARCH_SAMESITE (Google reCAPTCHA)

Google reCAPTCHA is a solution for detecting bots, e.g. when entering data in online forms, and for preventing spam. It uses cookies to identify the user within the data about the user known to Google and to evaluate the user’s degree of maliciousness. This aggregated data can be linked to data relating to users who have logged into their Google accounts on google.com or a localised version of Google.

Section 25 (2) No. 2 TTDSG

Google Ireland Limited

6 months

CONSENT (Google reCAPTCHA)

Google reCAPTCHA is a solution for detecting bots, e.g. when entering data in online forms, and for preventing spam. It uses cookies to identify the user within the data about the user known to Google and to evaluate the user’s degree of maliciousness. This aggregated data can be linked to data relating to users who have logged into their Google accounts on google.com or a localised version of Google.

Section 25 (2) No. 2 TTDSG

Google Ireland Limited

18 years

1P_JAR (Google reCAPTCHA)

Google reCAPTCHA is a solution for detecting bots, e.g. when entering data in online forms, and for preventing spam. It uses cookies to identify the user within the data about the user known to Google and to evaluate the user’s degree of maliciousness. This aggregated data can be linked to data relating to users who have logged into their Google accounts on google.com or a localised version of Google.

Section 25 (2) No. 2 TTDSG

Google Ireland Limited

1 month

Marketing cookies/similar technologies

Name of the cookie/similar technology

Purpose

Legal basis

Recipient

Storage period

___

___

___

___

___

3.3 Google reCAPTCHA

We also use the reCAPTCHA feature from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (‘Google’) on this website. This feature is mainly used to detect whether input is coming from a natural person or whether the site is being misused by a bot (i.e. machine and automated processing). The service includes the processing of the IP address, all cookies that Google has saved over the past 6 months, browser language settings, browser plug-ins, Java scripts, time spent on the website, mouse or touch pad movements and the cookie ID as well as any other data required by Google for the reCAPTCHA service. The legal basis for data processing is Article 6 (1) (f) GDPR. Our legitimate interest lies in determining individual personal responsibility on the Internet and avoiding misuse and spam on our website. When using Google reCAPTCHA, personal data may also be transmitted to Google LLC servers in the USA.

Where personal data is transmitted to, stored and further processed on Google servers in the USA, Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Ireland has concluded agreements with the Google companies based in the USA that incorporate the standard data protection clauses adopted by the EU Commission, which allow personal data to be transferred to the USA in individual cases.

For more information about Google reCAPTCHA and Google’s privacy policy, please visit: https://www.google.com/intl/de/policies/privacy/.

3.4 Contact form

You will find a contact form on MediaSupply’s website. The data you enter there will be stored for the purpose of individual communication with you, and the data processing is justified, in accordance with Art. 6 para. 1 p. 1 lit. f) GDPR, by our desire to offer you a simple contact option. Your data will also be stored for the purpose of answering your request, as well as for possible follow-up questions.

If you contact us in order to request a quote, the legal basis for data processing is Art. 6 para. 1 p. 1 lit.  b) GDPR.

3.5 Website content management system

We use the ‘Wordpress’ content management system from our processor Aut O’Mattic A8C Ireland Ltd. to display our website in an attractive way. The processing takes place on the basis of our legitimate interest in accordance with Article 6 (1) (f) GDPR. Our legitimate interest is to provide you with a website that is as attractive and as user-friendly as possible. The recipient of the data processed in this respect is Aut O’Mattic A8C Ireland Ltd. The personal data will be processed for as long as is necessary to fully achieve the specified purpose.

3.6 Elementor

We use Elementor software from Elementor Ltd., Tuval St 40, Ramat Gan, 5252247, Israel. This was used to create the layout of this website. Cookies are used to save the number of page views and the user’s active sessions. The data collected is not used for analytical purposes and is instead only used to ensure that hidden elements are not displayed again during multiple active sessions, for example. The legal basis for processing is Article 6 (1) (f) GDPR in conjunction with Section 25 (2) No. 2 TTDSG. Our legitimate interest lies in us wanting to display to you a secure website that does not show multiple sessions at the same time. The recipient of the data processed in this respect is Aut O’Mattic A8C Ireland Ltd. The personal data will be processed for as long as is necessary to fully achieve the specified purpose.

3.7 Real Cookie Banner

We use the cookie banner from devowl.io GmbH, Tannet 12, 94539 Grafling (‘Real Cookie Banner’). Real Cookie Banner asks website visitors for their consent to save cookies and process personal data. For this purpose, a UUID (pseudonymous user identification) is assigned to each website visitor, which is valid until the cookie used to save consent expires. Cookies are used to test whether cookies can be saved, to save reference to documented consent, to save which services from which service groups the visitor has consented to, and, if consent is obtained under the Transparency & Consent Framework (TCF), to store consent to TCF partners, purposes, special purposes, features and special features. As part of the disclosure obligation in accordance with the GDPR, consent collected is fully documented. In addition to the services and service groups to which the visitor has consented, and if consent is obtained according to the TCF standard, to which TCF partners, purposes and features the visitor has consented, this includes all cookie banner settings at the time of consent as well as the technical circumstances (e.g. size of the area displayed at the time of consent) and user interactions (e.g. clicking on buttons) that resulted in consent. Consent is collected once for each language. The legal basis for processing is our legal obligation and our legitimate interest in accordance with Article 6 (1) (c) and (f) GDPR in conjunction with Section 25 (2) No. 2 TTDSG. Our legitimate interest is to give you a choice as to which cookies are saved when you visit our website and which are not.

3.8 Emojis

We also use an emoji set for our website content management system. WordPress Emoji is an emoji set loaded from wordpress.org. No cookies in the technical sense are saved on the user’s client, but technical and personal data such as the IP address are transmitted from the client to the service provider’s server to facilitate use of the service. The legal basis for this is your freely given consent in accordance with Article 6 (1) (a) GDPR. Personal data will be processed for as long as is necessary to achieve the purpose.

3.9 Google Fonts

This site uses web fonts to consistently display fonts, which are provided by Google Ireland Limited Gordon House, Barrow Street Dublin 4. Ireland (‘Google’). When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.

Your browser has to connect to Google’s servers to do so. As a result, Google will learn that your IP address has accessed our website. We use Google Fonts to ensure that our website content is displayed in a consistent and attractive way. This constitutes a legitimate interest within the meaning of Article 6 (1) (f) GDPR. We use Google Fonts to make the display of our entire online service as attractive and consistent as possible.

If your browser does not support web fonts, your computer will use the standard font.

Further information about Google Web Fonts is available at https://developers.google.com/fonts/faq and in Google’s privacy policy at https://www.google.com/policies/privacy/.

4. User rights

4.1 Withdrawal of consent, objection

If you have given MediaSupply consent to the processing of personal data in the context of using MediaSupply’s services, you can withdraw this consent at any time with effect for the future in accordance with Article 7 (3) GDPR. . The revocation can be sent by email to datenschutz@mediasupply.eu or in writing to the address listed below. The effects of the revocation will be limited to the storage and use of personal data that may not be used or stored without your consent based on statutory permissions. This withdrawal of consent, once declared to us, will have an impact on the permissibility of the processing of your personal data. However, please note that it may not then be possible to process the data concerned in the future.

If we base the processing of personal data on the balance of interests, you may object to the processing pursuant to Article 21 GDPR. This will be the case if the processing is not specifically required to fulfil a contract with you. If you lodge such an objection, we would ask you to tell us why we should no longer process your data in the manner in which we have previously done so. If you provide a reasoned objection, we will review the matter and either cease or adapt our data processing or present you with the compelling legitimate reasons which permit us to continue to process your data. If you have exercised your right to object, the data controller will no longer process your personal data unless it can prove that there are compelling legitimate grounds for the processing that outweigh the data subject’s interests, rights and freedoms or that the processing serves the purpose of the assertion, exercise or defence against legal claims.

You can of course object at any time to the processing of your personal data for the purposes of advertising and data analysis. You can notify us of your objection to advertising by e-mailing us at:  datenschutz@mediasupply.eu or via the address given below.

4.2 Your other rights

On request, MediaSupply will provide you pursuant to Article 15 GDPR with information concerning the personal data stored by MediaSupply. You also have the option at any time to require MediaSupply to correct your data pursuant to Article 16 GDPR, to erase it pursuant to Article 17 GDPR or to restrict the processing thereof pursuant to Article 18 GDPR. Pursuant to Article 20 GDPR, you have the right to require us to hand over to you or a third party in a common machine-readable format data that we have automatically processed on the basis of your consent or for the fulfilment of a contract. If you have requested that the data be directly transferred to another controller, this will be done only if it is technically feasible.

The only data that will be excluded from deletion are those that MediaSupply requires for processing outstanding orders or for asserting existing rights and claims, as well as data that MediaSupply has to store as required by law. Such data will however be blocked.

You also have the right to lodge a complaint with a data protection supervisory authority pursuant to Article 77 GDPR.

We will be happy to provide you with further assistance.

Address:

pro Foto Werbeagentur GmbH,

Alfred-Nobel-Str. 6,

97080 Wuerzburg,

Germany

info@mediasupply.eu

Platforma pro správu souhlasů od Real Cookie Banneru