top of page

Privacy Policy

Introduction

We ("we", "us", "our") take the protection of the data of users ("users" or "you") of our website and/or our mobile app (the "website" or the "mobile app") very seriously and are committed to protecting the information that users provide to us, in connection with the use of our website and/or our mobile app (together: "digital assets"). Furthermore, we are committed to protecting and using your data in accordance with applicable law.

This privacy policy explains our practices regarding the collection, use and disclosure of your data through the use of our digital assets (the "services"), when you access the services through your devices.

Please read the privacy policy carefully and make sure that you fully understand our practices regarding your data before you use our services. If you have read, fully understood and do not agree with our approach, you must stop using our digital assets and services. By using our services, you accept the terms of this privacy policy. Your continued use of the services constitutes your acceptance of this privacy policy and any amendments to it.

In this privacy policy you will learn:

 

  • How we collect data

  • What data we collect

  • Why we collect this data

  • Who we share the data with

  • Where the data is stored

  • How long the data is kept

  • How we protect the data

  • How we deal with minors

  • Updates or changes to the privacy policy

What data do we collect?

Below is an overview of the data we may collect:

 

  • Non-identified and non-identifiable information that you provide during the registration process or that is collected through the use of our services ("non-personal data"). Non-personal data does not allow conclusions as to who collected it. Non-personal data that we collect consists mainly of technical and aggregated usage information.

  • Individually identifiable information, namely information that identifies you or can identify you with reasonable effort ("personal data"). The personal data we collect through our services may include information requested from time to time, such as names, email addresses, addresses, phone numbers, IP addresses and more. When we combine personal data with non-personal data, we will treat it as personal data for as long as it remains combined.

How do we collect data?

Below are the main methods we use to collect data:

 

  • We collect data when you use our services. So, when you visit our digital assets and use services, we may collect, record and store usage, sessions and related information.

  • We collect data that you provide us yourself, for example, when you contact us directly via a communication channel (such as an email with a comment or feedback).

  • We may collect data from third-party sources as described below.

  • We collect data that you provide us when you log into our services via a third-party provider, such as Facebook or Google.

Why do we collect this data?

We may use your data for the following purposes:

 

  • to provide and operate our services;

  • to develop, customize and improve our services;

  • to respond to your feedback, requests and wishes;

  • to analyze request and usage patterns;

  • for other internal, statistical and research purposes;

  • to improve our data security and fraud prevention capabilities;

  • to investigate violations and enforce our terms and policies and to comply with applicable law, regulations or governmental orders;

  • to provide you with updates, news, promotional materials and other information related to our services. For promotional emails, you can decide yourself whether you want to continue receiving them. If not, simply click on the unsubscribe link in these emails.

Who do we share this data with?

We may share your data with our service providers in order to operate our services (e.g. storing data via third-party hosting services, providing technical support, etc.).

 

We may also disclose your information in the following circumstances: (i) to investigate, detect, prevent or take action regarding illegal activities or other wrongdoing, suspected fraud or security issues; (ii) to establish or exercise our rights to defend against legal claims; (iii) to protect our rights, property or personal safety and the safety of our users or the public; (iv) in the event of a change of control in us or in any of our affiliated companies (through merger, acquisition or purchase of (substantially) all assets, etc.); (v) to collect, hold and/or manage your data through authorized third-party vendors (e.g. cloud service providers), as reasonable for business purposes; (vi) to cooperate with third parties to improve your user experience. To avoid misunderstandings, we may transfer and disclose to third parties or otherwise use non-personal data at our own discretion.

 

Cookies and similar technologies

When you visit or access our services, we authorize third parties to use web beacons, cookies, pixel tags, scripts and other technologies and analytics services ("tracking technologies"). These tracking technologies may enable third parties to automatically collect your data to improve the navigation experience on our digital assets, optimize their performance and ensure a tailored user experience as well as for security and fraud prevention purposes.

 

To learn more about this, please read our Cookie Policy.

 

We will not share your email address or other personal data with advertising companies or advertising networks without your consent.

Where do we store the data?

Non-personal data

Please note that our companies as well as our trusted partners and service providers are located around the world. For the purposes explained in this privacy policy, we store and process all non-personal data that we collect in different jurisdictions.

 

Personal data

Personal data may be maintained, processed and stored in the United States of America, Ireland, South Korea, Taiwan, Israel and to the extent necessary for the proper provision of our services and/or as required by law (as further explained below) in other jurisdictions.

How long is the data retained?

Please note that we retain the collected data for as long as necessary to provide our services, to comply with our legal and contractual obligations to you, to resolve disputes and to enforce our agreements.

We may correct, amend or delete inaccurate or incomplete data at any time at our own discretion.

How do we protect the data?

The hosting service for our digital assets provides us with the online platform through which we can offer you our services. Your data may be stored through our hosting provider's data storage, databases and general applications. It stores your data on secure servers behind a firewall and it provides secure HTTPS access to most areas of its services.

 

Regardless of the measures and efforts taken by us and our hosting provider, we cannot and do not guarantee absolute protection and security of the data you upload, publish or otherwise share with us or others.

For this reason, we would like to ask you to set secure passwords and, if possible, not to provide us or others with any confidential information whose disclosure you believe could cause you substantial or irreparable harm. Furthermore, because email and instant messaging are not considered secure forms of communication, we request that you do not share any confidential information through either of these communication channels.

How do we deal with minors?

Minors can use our services. However, if they want access to certain features, they may have to provide certain information. Some data (including data collected through cookies, web beacons and other similar technologies) may be collected automatically. If we knowingly collect, use or disclose information collected from a child, we will provide notice and seek parental consent in accordance with applicable law. We do not condition a child's participation in an online activity on the child providing more contact information than is reasonably necessary to participate in that activity. We only use the data we collect in connection with the services the child requested.

 

We may also use a parent's contact details to communicate about the child's activities in the services. Parents may review data we have collected from their child, prohibit us from collecting further data from their child and request that any data we have collected be deleted from our records.

 

Please contact us to review, update or delete your child's data. To protect your child, we may ask you to provide proof of your identity. We may deny you access to the data if we believe your identity is questionable. Please note that certain data cannot be deleted due to other legal obligations.

We will only use your personal data for the purposes set out in the privacy policy and only when we are satisfied that:

 

  • the use of your personal data is necessary to perform or conclude a contract (e.g. to provide you with the services themselves or customer service or technical support);

  • the use of your personal data is necessary to comply with relevant legal or regulatory obligations or

  • the use of your personal data is necessary to support our legitimate business interests (provided that it is done at all times in a way that is proportionate and respects your data protection rights).

 

As an EU resident, you can:

  • request confirmation as to whether or not personal data concerning you is being processed and access to your stored personal data and certain supplementary information;

  • request to receive personal data you have provided to us in a structured, commonly used and machine-readable format;

  • request the correction of your personal data that is stored by us;

  • request the deletion of your personal data;

  • object to the processing of your personal data by us;

  • request the restriction of processing of your personal data

  • or file a complaint with a supervisory authority.

 

Please note, however, that these rights are not unlimited and may be subject to our own legitimate interests and regulatory requirements. If you have general questions about the personal data we collect and how we use it, please contact us as set forth below.

 

In the course of providing the services, we may transfer data across borders to affiliated companies or other third parties and from your country/jurisdiction to other countries/jurisdictions around the world. By using the services, you consent to the transfer of your data outside the EEA.

 

If you are located in the EEA, your personal data will only be transferred to locations outside the EEA where we are satisfied that an adequate or comparable level of protection of personal data is in place. We will take appropriate steps to ensure that we have adequate contractual arrangements with our third parties to ensure that appropriate security measures are in place so that the risk of unlawful use, alteration, deletion, loss or theft of your personal data is minimized and that these third parties act at all times in accordance with applicable laws.

​Updates or changes to the privacy policy

We may revise this privacy policy at our sole discretion from time to time, the version posted on the website is always current (see indication of "status"). We ask you to check this privacy policy regularly for changes. In case of significant changes, we will publish a notice on our website. If you continue to use the services after being notified of changes on our website, this will be considered as your confirmation and consent to be bound by the changes to the privacy policy.

Contact

If you have general questions about the services or the data we collect about you and how we use it, please contact us at:

 

Name: Hanspeter Beißer

Address: Stiftung Maximilianeum, Max-Planck Straße 1, 81675 Munich

Email address: stiftung@maximilianeum.de

bottom of page