Data privacy statement

We are pleased to welcome you to our website and with your interest in the msg.Check-In app. Not only is offering our customers end-to-end support very important to us, but so is ensuring that your personal information is protected.

The following explains the actions taken by msg systems Romania, after your request of information using the contact form, regarding the msg.Check-In app.

Should our data privacy statement change, it will be updated on this page in order to keep you informed as to which data msg systems Romania stores and uses.

The most important data privacy information can be found below.

I. Name and address of the responsible party

Responsible for the collection, processing and use of your personal data pursuant to the EU General Data Protection Regulation is:

msg systems Romania
Str. Samuel Brassai nr.9
Cluj-Napoca 400104

Romania

E-mail: msg.Check-In@msg.group

II. Name and address of the data protection officer

Data protection officer of the responsible party is:

Claus Bauer

msg systems Romania
Str. Samuel Brassai nr.9
Cluj-Napoca 400104

Romania

E-mail: dataprotection@msg-systems.ro

Should you wish to object to the collection, processing or use of your data by msg systems ag as set forth in these data privacy policies as a whole or in regard to specific measures, please e-mail, fax or mail your objection to the aforementioned address.

III. Provision of the website

1. Collection of personal information when visiting our website

The only personal information we collect when you visit our websites is the information your browser communicates to our servers. When you browse our website, we collect the information required on the technical side to display our website and to ensure stability and security. The following information is collected in such cases:

  • User’s IP address
  • Date and time of your inquiry
  • Content of the request (specific site)
  • Respective data volume transmitted
  • Website from which the inquiry is received
  • Information on the browser type
  • User’s operating system
  • Language and version of the browser software
  • Websites from which the user’s system accesses our Internet site
  • Websites the user's system accesses from our website

This information is also stored in our system’s log files. This information is not stored together with other personal information.

2. Legal basis for the data processing

Art. 6 (1(f)) of the General Data Protection Regulation (GDPR) forms the legal basis for any processing necessary to ensure a legitimate interest of our company or a third party, as long as such do not outweigh the interests, fundamental rights and fundamental freedoms of the person in question.

3. Purpose of the processing

The IP address must be temporarily stored by the system in order to enable the delivery of the website to the user’s computer. To that end, the user’s IP address must be stored for the duration of the session. IP addresses are required for problem diagnosis, website administration and demographic information.

The information recorded is solely used for data security reasons, specifically to prevent attack attempts on our web server, and for statistical analysis.

4. Retention period

Data is deleted as soon as it is no longer required for the purpose it was collected. Any information collected in order to provide the website is deleted as soon as the respective session is terminated.

Information stored in log files is deleted no later than after seven (7) days. Storage beyond that period is also possible. In that case, the user’s IP addresses are deleted or rendered anonymous so that it can no longer be collated to the client that used it to access the site.

5. Objection and removal options

Information must be collected in order to provide the website and information must be stored in log files in order to operate the Internet site. As a result, the user does not have the option to object in this case.

IV. E-mail / Contact form

1. Description and scope of the data collection

Our Internet site offers a contact form that can be used to contact us electronically. When a user takes advantage of this option, the information they enter on the input screen is transferred to us and stored. That data is:

  • Name (required field)
  • Your e-mail address (required field)
  • Telephone (required field)
  • Your message (required field)

The following information is also stored when you submit your message:

  • The user’s IP address
  • Date and time of registration

In order to process the information, we obtain your consent when you submit the information and reference this data privacy statement.

Alternatively, we can also be contacted using the e-mail address provided:

msg.Check-In@msg.group

In that case, the personal information the user includes in the e-mail is stored.

The information obtained in this context is not transferred to third parties.

The information is only used to process the request and to begin a conversation with you regarding the msg.Check-In app.

2. Legal basis for the data processing

Art. 6 (1(a)) of the General Data Protection Regulation (GDPR) forms the legal basis for any consent we obtain from relevant persons for the operations involved in processing personal data.

3. Purpose of the data processing

The personal information provided on the input screen is used for the sole purpose of handling the contact request. In case of contact by e-mail, the information is processed as a necessary legitimate interest.

Any other personal information processed during the transmission is processed to prevent misuse of the contact form and to ensure the safety of our IT systems.

4. Retention period

Data is deleted as soon as it is no longer required for the purpose it was collected, in this case, initiating a possible collaboration with you.

5. Objection and removal options

The user can revoke their consent to having their personal information processed at any time. It will not be possible to continue a conversation in such cases.

Please contact us by e-mail if you would like to revoke your consent/the storage of your information at msg.Check-In@msg.group

Any personal information stored as part of the contact request will be deleted.

V. Use of cookies

1. Description and scope of the data collection

Our website uses cookies. Cookies are text files that are stored in or by an Internet browser on the user’s computer system. A cookie can be stored to the user’s operating system anytime they access a website. Cookies contain a distinctive character string that enables the unique identification of the browser when the same website is accessed again. Cookies cannot execute programs or transfer viruses to your computer.

We use cookies to make our website more user-friendly. A few elements on our Internet site also require that our system be able to identify the browser that accessed our site to be identifiable again even after a user has switched to a different site.

2. Legal basis for the data processing

Art. 6 (1(f)) of the General Data Protection Regulation (GDPR) forms the legal basis for any processing necessary to ensure a legitimate interest of our company or a third party, as long as such do not outweigh the interests, fundamental rights and fundamental freedoms of the person in question.

3. Purpose of the data processing

Cookies that are necessary for technical reasons are used to make the website easier for users to use. A few functions on our Internet site cannot be offered without using cookies. In those cases, our system must be able to recognize the browser again even after a user has switched to a different site.

The user data collected by cookies required for technical reasons is not used to create user profiles.

These purposes form our legitimate interest in processing personal information as set forth in art. 6 (1(f)) of the General Data Protection Regulation (GDPR).

4. Retention period

Cookies are stored on the user’s computer and communicated from said computer to our site. Thus, the user has full control over the use of cookies. You can disable or limit the transmission of cookies by changing the settings in your Internet browser.

5. Objection and removal options

Cookies that have already been stored can be deleted at any time. This can be done automatically as well. However, disabling the cookies used by our website may mean you will not have full access to all of the functions of our website.

VI. Use of Google Analytics

1. Description and scope of the data collection

Use of Google Analytics, Google remarketing, AdWords conversion tracking and Google Tag Manager, as well as functions used by partner networks (DoubleClick)

This website uses the functions of the following web services: Google Analytics, Google remarketing, AdWords conversion tracking and Google Tag Manager. Provider of such is Google Inc., 1600 Amphitheater Parkway Mountain View, CA 94043 USA.

Google Analytics uses so-called “Cookies”. Cookies are text files that are stored on your computer, enabling the analysis of your website usage. The information generated by the cookie on your use of this website (including your IP address) is sent to a Google server located in the USA and stored there.

Should the IP anonymization function be activated on this website, Google will shorten your IP address prior to storing it; this shall be done for all member states of the European Union or in other states where the agreement pertaining to the European Economic Area applies. Only in cases of exception will the full IP address be sent to a Google server in the USA and shortened there. The IP address determined by Google Analytics based on your browser will not be added to any other data collected by Google.

2. Legal basis for the data processing

We use Google Analytics to analyze the website and to make regular improvements. The statistics we obtain allows us to improve our offer and make it more interest to you as the user. The statistics we obtain allows us to improve our offer and make it more interest to you as the user. Google has agreed to comply with the Dataprocessing Terms https://privacy.google.com/intl/en/businesses/

3. Purpose of the data processing

On behalf of the operator of this website, Google will use said information to analyze your use of this website, to create reports on website activities and to provide other services affiliated with the website usage and Internet usage for the operator of the website.

4. Retention period

Sessions and campaigns are terminated after a specified amount of time. By default, sessions are terminated after 30 minutes of activities and campaigns after six months. The time limit for campaigns is limited to a maximum of two years.

More information on the terms and conditions of use and data privacy can be found at https://www.google.com/analytics/terms/de.html and at https://policies.google.com/?hl=de

You can prevent the storage of cookies by activating the corresponding setting in your browser software. However, we would like to remind you that you may not be able to use all of the functions available on this website should you choose to do so.

5. Objection and removal options

You can prevent Google Analytics from collecting your information by clicking the following link. This sets an opt-out cookie that prevents your data from being collected during any future visits to the website: Disable Google Analytics

You may also prevent Google from collecting the data generated by the cookie and data related to your use of the website (including your IP address), as well as the processing of said data by Google, by downloading and installing the Browser Add-On.

VII. Social plugins (Facebook, LinkedIn, Instagram)

So-called “social plugins” are used on our website. These currently include plugins for Facebook, LinkedIn and Instagram services. Information, including personal information, may be sent to service providers when using these plugins, including providers in the USA, and may be used by them.

1. Data privacy statement for use of Facebook plugins

Plugins for the social media network Facebook (provider: Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA) are integrated into our sites. The Facebook plugins on our site can be identified by their Facebook logo or the “Like” button. An overview of the various Facebook plugins can be found at: http://developers.facebook.com/docs/plugins/.

When you visit our sites, the plugin is used to establish a direct connection between your browser and the Facebook server. That informs Facebook that you visited our site from your IP address. Clicking the Facebook “Like” button on our sites while still logged onto your Facebook account allows you to link content from our sites to your Facebook profile. This permits Facebook to assign your visit to our sites to your user account. We would like to point out that as a provider of the sites, we do not receive any information on the content of the transmitted data or how it is used by Facebook. More information can be found in Facebook’s data privacy statement at:
http://de-de.facebook.com/policy.php.

You will need to log out of your Facebook account if you do not want Facebook to assign your visit to our sites to you Facebook account.

2. Data privacy statement for use of the Instagram plugin

The functions of the Instagram service are integrated on our website. These features are provided by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA.

If you are logged in to your Instagram account, you can link the content of our pages to your Instagram profile by clicking the Instagram button. This allows Instagram to assign your visit to our website to your user account. We would like to emphasize that, as a page provider, we have no knowledge about the content of the transmitted data or about its use by Instagram.

More information can be found in the Instagram privacy policy statement at: https://instagram.com/about/legal/privacy/.

3. Data privacy statement for use of the LinkedIn plugin

Our website uses the functions of the LinkedIn network. Provider is the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.

A connection to the LinkedIn servers is established anytime our sites that contain LinkedIn functions are accessed. LinkedIn is informed that you visited our Internet sites from your IP address. Clicking the “Recommend” button by LinkedIn while you are stilled logged onto your LinkedIn account allows LinkedIn to assign your visit to our Internet site to you and your user account. We would like to point out that as a provider of the sites, we do not receive any information on the content of the transmitted data or how it is used by LinkedIn.

More information can be found in LinkedIn’s data privacy statement at: https://www.linkedin.com/legal/privacy-policy

VIII. Where is my information processed?

Your information is processed in Romania. Data is also processed in European and non-European foreign countries within the legally permissible limits. There are no plans for transmission to third countries.

IX. How safe is my information?

msg systems Romania has taken extensive technical and operational safety precautions in accordance with applicable European law to protect your information from unauthorized access and misuse.

X. Will my information be shared with third parties?

The information provided by you in the contact form will not be shared with third parties.

XI. Rights held by the affected person

Anytime your personal information is processed you are considered an affected person pursuant to the GDPR and you have the following rights in connection with the responsible party:

1. Right to disclosure

You have the right to request information on the scope, origin and recipient of stored information, as well as the purpose of the storage, at no charge to you.

2. Right to correction

You have the right to demand a correction and/or completion from the responsible party should the processed personal information related to you be incorrect or incomplete. The responsible party must make the corrections without delay.

3. Right to deletion

You have the right to request that the responsible party immediately delete any personal information related to you and the responsible party is required to delete said data without delay should any of the following reasons apply:

(1) The personal information related to you is no longer required for the purpose it was collected or processed in any other manner.

(2) You revoke the consent on which the processing was based pursuant to art. 6 (1(a)) or art. 9 (2(a)) of the General Data Protection Regulation (GDPR) and there is no other legal basis for the processing.

(3) You submit an objection to the processing pursuant to art. 21 (1) of the General Data Protection Regulation (GDPR) and no legitimate reasons for the processing that have precedence over your objection exist, or you submit an objection to the processing pursuant to art. 21 (2) of the General Data Protection Regulation (GDPR).

(4) The personal information related to you was processed unlawfully.

(5) The deletion of the personal information related to you is necessary in order to meet a legal obligation under Union law or the law of the member states to which the responsible party is subject.

(6) The personal information related to you was collected in relation to services offered by the information company pursuant to art. 8 (1) of the General Data Protection Regulation (GDPR).

4. Right to data portability

You have the right to obtain the personal information related to you and which you shared with the responsible party in a structured, commonly used and machine-readable format.

5. Right of objection

You have the right, for reasons arising from your particular situation, to object to the processing of personal information related to you, which was being processed pursuant to art. 6 (1(e)) or 6 (1(f)) of the General Data Protection Regulation (GDPR), at any time; this includes any profiling based on these policies.

The responsible party will cease processing any personal information related to you unless they can provide proof urgent, protection-worthy reasons for the processing that outweigh your interests, rights and freedoms or unless the processing serves the enforcement, exercising or defense of legitimate claims.

You have the right to revoke your privacy consent statement at any time. Revoking your consent shall not affect the legitimacy of the processing that was performed with your consent up to the time your consent was revoked.

6. Right to submit complaint to supervisory body

Notwithstanding other administrative or legal remedy, you will generally have the right to submit a complaint to a supervisory body, specifically in the member state of your place of residence, your place of employment or the location of the alleged breach, if you are of the opinion that the processing of the personal information related to you violates the GDPR.

The supervisory body to which the complaint is submitted shall inform the complainant of the status and results of the complaint, including the option of legal remedy pursuant to art. 78 of the GDPR.

Version: 06/07/2021