Matthias Rosenberger, Bernadette Schramm and Nils-Claudio Sierck are responsible for editorial content in accordance with Section 18 II of the German State Media Treaty (Medienstaatsvertrag – MStV).
Malao GmbH is a corporation under German law and it is entered in the commercial register of Munich under HRB 256899 and its VAT identification number is DE331164489.
The managing partners are Matthias Rosenberger, Bernadette Schramm and Nils-Claudio Sierck.
Malao GmbH
Rosenheimer Straße 108
81669 München, Germany
Tel: +49 89 287 773 00
Email: future(at)malao(dot)film
(C) Copyright 2012-2021. The content published on this website is governed by German copyright and related rights law. Any use outside the scope of German copyright and related rights law requires the prior written approval of the provider or rights holder. This applies in particular to the duplication, editing, translation, saving, processing and reproduction of content in databases and other electronic media and systems. The unauthorised reproduction or distribution of specific content or entire pages is not permitted and is punishable by law.
This Privacy Notice describes how Malao GmbH, Rosenheimer Straße 108, 81669 München, Germany ("Malao ", "we" or "us"), as the controller within the meaning of the EU General Data Protection Regulation ("GDPR"), the Federal Data Protection Act ("BDSG") and other data protection regulations ("Applicable Data Protection Laws"), processes personal data and other information from users ("Users" or "you") of our Website https://malao.film ("Website").
1. CATEGORIES OF PERSONAL DATA, PURPOSE OF PROCESSING, LEGAL BASIS AND ORIGIN
The use of the Website and its functions requires the following processing of certain personal data on a regular basis:
1.1 Informational use of the Website
If you access our Website and use it for purely informational purposes (i.e. without using additional functions such as the contact form), the Website may automatically collect, process and store certain personal data in a pseudonymized form. This is device and usage information that may include (i) specific information about the device used to access the Website (including model, operating system, IP address, language and similar information) and (ii) information about the use of features, functions or notifications on the device to recognize you and to analyze trends.
The legal basis for this is our legitimate interest (Art. 6 para. 1 lit. f) GDPR) to monitor and maintain the performance of the Website and to analyze uses, activities and trends in connection with our Website.
1.2 Web analysis with Google Analytics
When you access our Website, the Google Analytics service is loaded for statistical evaluation of the use of our Website. This service is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). By using the "anonymizeIp()" extension, we ensure that Google Analytics only transfers a shortened version of your IP address to Google.
By accessing the Website and loading the service, Google obtains knowledge that our Website was accessed via your IP address. Google Analytics uses cookies which are stored on your terminal device unless you have prohibited the use of cookies in your browser and allow for an analysis of your use of our Website. The information generated by the cookies about your use of the Website will be transferred to and stored by Google on servers in the United States. Any data transfers to the US are carried out in accordance to the Model Contractual Clauses that we concluded with Google: https://privacy.google.com/businesses/processorterms/mccs/.
The use of Google Analytics is based on our legitimate interests (Article 6 para. 1 sentence 1 lit. f) GDPR), which consist in appropriately designing and optimizing our Website. In addition, we have concluded an agreement for data processing with Google in accordance with the requirements of the German data protection authorities for the use of Google Analytics.
We collect your IP address to enable its shortening and then transmission to Google. You are not obliged to provide this personal data, a use of our Website is possible without the provision. You can prevent the provision of this personal data by setting your browser software accordingly by installing the browser add-on available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
More information about Google Analytics can be found at http://www.google.com/intl/de_ALL/analytics. Google's privacy policy can be found at https://www.google.com/policies/privacy/.
1.3 Contact form and newsletter distribution with MailChimp
When you use the contact form included on our Website or contact us by e-mail or other means, e.g. to request information or send us content for inspection, the information provided in the contact form will first be stored by our IT service provider, MailChimp, transmitted to us and processed for the purpose of dealing with the request. MailChimp is a service provided by Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA. We have concluded an agreement with MailChimp in which we oblige MailChimp to protect the data of our customers and not to pass them on to third parties. This contract can be viewed at the following link: https://mailchimp.com/legal/data-processing-addendum/.
With MailChimp we can organize and analyze our newsletter campaigns. If you enter your data in the contact form, it will be stored on MailChimp's servers in the United States. Any data transfers to the US are carried out in accordance to the Standard Contractual Clauses that we concluded with MailChimp: https://mailchimp.com/legal/data-processing-addendum/#Annex_C_-_Standard_Contractual_Clauses.
When you sign up for our newsletter on our website, the data entered will be processed also by MailChimp. We base these data processing operations on your consent given (Art. 6 para. 1 lit. a) GDPR). You can withdraw your consent to receive our newsletter at any time by clicking the link in each newsletter or by contacting us under the contact details provided in section 7. If you withdraw your consent, your data will be deleted from MailChimp.
When you open an e-mail sent with MailChimp, a file contained in the e-mail (so-called web beacon) connects to the servers of MailChimp in the USA. This allows us to determine whether a newsletter message has been opened and which links have been clicked. In addition, technical information (e.g. time of retrieval, IP address, browser type and operating system) is collected. This information cannot be assigned to the respective newsletter recipient. It is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients.
We process your data for the purpose of processing and answering your enquiry and any follow-up questions, to prevent misuse of the contact form, to ensure the security of our information technology systems and to analyze our newsletter campaigns. We base these data processing operations on our legitimate interests (Art. 6 para. 1 lit. f) GDPR) which include processing your enquiry, protecting our information technology systems and enabling us to design and optimize our newsletters to meet your needs.
MailChimp privacy policy can be found at https://mailchimp.com/legal/terms/. Detailed information about the cookies used by MailChimp can be found at https://mailchimp.com/legal/cookies/#Cookies_served_through_our_Websites.
1.4 Customer relationship management
We process your contact data in order to maintain an effective customer relationship management (CRM). For this purpose, we are using a CRM system provided by Pipedrive Pipedrive OÜ, Mustamäe tee 3a, 10615 Tallinn, Estland (“Pipedrive”). Pipedrive acts for us as a processor within the meaning of Art. 28 GDPR and exclusively according to our instructions. This is ensured by a contractual arrangement in which we have entered into with Pipedrive. The data processing is carried out on the legal basis of Art. 6 (1) lit. f GDPR, i.e. our legitimate interest in designing, operating and maintaining our customer relationships as efficiently as possible.
2. PROVISIONS ON THE USE OF COOKIES
We use cookies to ensure the provision, protection and improvement of our services. Below we describe the cookies we use and explain why we use cookies and how we use the information we collect. We also explain how cookies enable the proper functioning of our Website and why you may not be able to use the full functionality of the Website if you disable the use of cookies. If you do not consent to the use of cookies, you may change your cookie setting at any time by following the instructions below.
2.1 What are cookies?
Cookies are text files that contain small amounts of information and are stored on your computer or mobile device when you visit a website. During subsequent website visits, cookies are sent back to the original website or another website that recognizes the cookie. Cookies are primarily used to ensure the proper or efficient functioning of a website and to provide information to the website operator. Cookies perform several functions. For example, they allow you to better navigate between different pages, store your preferences and generally improve your user experience. There are two main types of cookies:
• our own cookies, which we store directly on your computer or mobile device;
• third-party cookies that are stored for us and can be used by us for various purposes related to functionality, performance/analysis, contact/newsletter subscription, and payment processing.
Cookies may be stored on your computer or mobile device for different periods of time. Some cookies are session cookies; they only remain temporarily for the duration of a session and end when you close your browser. Other cookies are persistent cookies that remain on your computer or mobile device for a fixed period of time and are not deleted when you close your browser. Persistent cookies may be used by our Website to recognize your computer or mobile device when you reopen your browser and surf the Internet.
2.2 Why do we use cookies?
We use cookies for several purposes, including:
• to facilitate, simplify and improve your access to and operation of our Website;
• track data flows and usage behavior related to our Website;
• understand how many users regularly use our Website and which operating systems (e.g. Windows or Mac OS) and Internet browsers (e.g. Firefox, Chrome, or Internet Explorer) they use;
• monitor and continuously improve the performance of our Website;
• personalize and improve your online experience.
2.3 What types of cookies do we use?
The types of cookies we or our partners use in connection with our Website can be divided into three categories: "cookies required for basic purposes", "functionality cookies" and "performance and analysis cookies". Below we have collected additional information for each category, including information about the purpose of the cookies we or a third party store.
| Type of cookie |
What it does |
How to block it |
| Cookies required for basic purposes |
These cookies are necessary to provide you with our services and the services available through the Website and to enable you to use various website features. Without these cookies, services that you have requested could not be provided. |
Please read the instructions below under "How to delete or manage cookies". |
| Functionality cookies |
Functionality cookies save the settings you have made on the Website and allow us to tailor the Website for you. This means that when you stay on or return to the Website, we can offer you our services in exactly the way you want. We use the
MailChimp service to contact you and send you our newsletter. To provide this service, MailChimp uses cookies over which Malao has no control. Further information on MailChimp can be found in section 1.3. |
Please read the instructions below under "How to delete or manage cookies". |
| Performance and analysis cookies |
We use these cookies to analyze how our Website is accessed, how it is used or what services the Website provides, to provide you with a better user experience and to maintain, operate and continually improve the Website. Performance and
analysis cookies allow us, for example:
- better understand the visitors to our Website to improve the presentation of our content;
- determine the number of unique users of our Website;
- improve our Website by tracking errors that occur; and
- to conduct research and diagnostics to improve our offerings.
We use Google Analytics and MailChimp to understand how users use our Website. For more information, see sections 1.3 and 1.4. |
Please read the instructions below under "How to delete or manage cookies". |
2.4 How to delete or manage cookies
You have the right to accept or decline the storage of cookies on your device. You can exercise this right at any time by changing the settings in your browser according to your wishes.
However, if you disable cookies, you may not be able to use all the interactive features of the website and its content.
Most browsers provide instructions on how to customize cookie settings. The cookie settings are usually located under the menu item "settings" of your browser. If you wish to limit the use of third-party cookies, you can do so using one of the following links:
• Your Online Choices (http://www.youronlinechoices.com/uk/)
• Network Advertising Initiative (http://www.networkadvertising.org/)
• Digital Advertising Alliance (http://www.aboutads.info/consumers)
Please note that many companies are listed on these pages that do not set cookies via our Website.
3. DATA RECIPIENTS
3.1 External service providers
Malao may engage external service providers who act as our data processors to provide certain services to us, such as email, Website, marketing or other IT services. While providing these services, the external service providers may have access to or process your personal data.
Based on the data processing agreements concluded with them, the external service providers used are obligated to take appropriate technical and organizational security measures to protect the personal data processed and to process the personal data only in accordance with the assignment.
3.2 Additional recipients
Malao may also disclose your personal data to law enforcement and government agencies, legal advisers and other external advisers in accordance with Applicable Data Protection Laws. The legal basis for this processing is compliance with legal obligations (Art. 6 para. 1 lit. c) GDPR) to which Malao is subject or our legitimate interests (Art. 6 para. 1 lit. f) GDPR), such as exercising or defense of legal claims.
4. YOUR RIGHTS AS A DATA SUBJECT AND HOW TO ASSERT THEM
According to Applicable Data Protection Laws, as a data subject you may have the right of access (Art. 15 GDPR), the right to rectification (Art. 16 GDPR), the right to erasure (Art. 17 GDPR), the right to restriction of processing (Art. 18 GDPR) and the right to data portability (Art. 20 GDPR). The right to access and the right to erasure may be restricted under certain circumstances in accordance with applicable local data protection law. In addition, you are entitled to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR).
If you have declared your consent to the processing of your personal data, you can withdraw this consent at any time with future effect. Such withdrawal will not affect the lawfulness of the processing prior to the consent withdrawal. If you withdraw your consent, we will no longer process your personal data unless any other (legal) basis permits this. However, if the consent is withdrawn and no other legal basis exists, we must delete the personal data immediately (Art. 17 para. 1 lit. b) GDPR).
Under certain circumstances, on grounds relating to your particular situation, you have the right to object at any time (Art. 21 para. 1 GDPR) to the processing of personal data concerning you processed on the basis of our legitimate interests (Art. 6 para. 1 lit. f) GDPR). Furthermore, if your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for these purposes, to the extent that it is related to such direct marketing (Art. 21 para. 2 GDPR). In this case, we will no longer process your personal data for these purposes.
In order to exercise your rights, please contact us under the contact details provided in section 7.
5. STORAGE PERIOD OF YOUR PERSONAL DATA
Your personal data will be stored as long as necessary for the purposes of the data processing described in section 1 above. If Malao no longer processes your personal data for the described purposes, we will remove it from our systems and records or make it completely anonymous so that you can no longer be identified from it. Your data will not be erased or made completely anonymous if and as long as we have to store your data in order to fulfil legal or regulatory obligations, e.g. legal retention requirements, which may arise from the German Commercial Code (Handelsgesetzbuch, HGB) or the German Tax Code (Abgabenordnung, AO), for example, which stipulate retention periods of 6 to 10 years, or if we need the data to preserve evidence within the limitation period, which is usually 3 years, but can be up to 30 years in individual cases.
6. CONTACT
If you have any questions about this Privacy Notice or the processing of your personal data, please contact us at:
Malao GmbH
Rosenheimer Straße 108
81669 München
Germany
Tel: +49 89 287 773 00
Email: future(at)malao(dot)film
