Privacy Policy

Status: July 2018 This Privacy Policy contains information about how we process your personal data in the context of the website https://mvpfactory.co/ (the “Website”) and the applications accessible from mobile devices and from the websites https://elite.mvpfactory.co/ and https://app.mvpfactory.co (the “App”; Website and App together the “Services”).

1.          General

Controller for the purposes of the General Data Protection Regulation (“GDPR”) regarding the processing of personal data in the context of the Services is MVPF Technologies GmbH, An den Treptowers 1, 12435 Berlin, Germany („MVP Factory“, “we”, “us” or “our”). By means of this Policy, we would like to explain to you which data we collect in the context of our Services, for which purposes and how we use (“Use”) those data, and which rights you have. Please note that our Services may contain links to other providers’ websites whose content we do not control, and which are not subject to this Privacy Policy.

2.          Data we collect, process and use

We process your personal data only if it is necessary for providing a functional website, our contents, and our services.

2.1       Visiting our Website and App

The use of our Services is possible without providing your personal data to us. Regarding the Website: As is the case with most websites, our systems, however, do automatically register every access to or visit of our Website and temporarily store this information in a “log file.” Among the data saved in this context are in particular:
  • IP-address of the accessing computer
  • Name and URL of the accessed file
  • Date and time of the access
  • Access status/HTTP status code
  • Amount of data transferred for each transmission
  • Browser identification data.
Regarding the App: Certain data is transmitted by your mobile device, namely your IP address, the periods of time in which you use the App and the type of device you use (e.g. iPhone, IPad, Samsung Galaxy) in order to give us the possibility to continuously improve the App. These data do not allow us to draw any conclusions about the data subject. We also do not create personal user profiles (however, please note the below information on “analytics tools”). The above-mentioned data are processed for the purpose of enabling visitors to use our Services (to establish a connection) and for internal system-related purposes (technical administration, system security). Log files are stored in order to ensure functionality of our Services. Additionally, these data allow us to optimize the Services and to ensure that our systems are secure. As far as personal data is concerned, data processing related to accessing our Services is based on Article 6(1) sentence 1(f) GDPR (legitimate interests). The legitimate interest is based on the above-mentioned purposes.

2.2       Contact

Our Services offer the possibility to get in touch with us via e-mail, telephone, and via an online live-chat tool. If you contact us via e-mail or send us an enquiry, we store the personal data you transmitted via e-mail. It is not mandatory for you to provide information; we only receive and store personal data that you send us. These data are used for processing your respective request only. The legal basis for the processing of the aforementioned personal data is: Article 6 (1) sentence 1 (f) GDPR (legitimate interests). Our legitimate interest is based on the fact that we can only perform the action the user asked for (e.g. answering an enquiry) if we process his/her personal data. If you contact us with the aim of potentially entering a business relationship with us, processing your personal data is also done under the following legal basis: Article 6 (1) sentence 1 (b) GDPR (performance of a contract and steps necessary prior to entering a contract).

2.3       Register process for Applications

If you register for the MVP Factory’s Elites, you will need to provide some or all of the following data, as the induvial case might be:
  • Personal data (name, date of birth, address)
  • Communication data (telephone number, mobile telephone number, fax number, e-mail address)
  • Information provided by third parties (e.g. credit agencies or from public registers)
  • Data relating to the evaluation and assessment in the application process
  • Data relating to your education (school, vocational training, military/civilian service, degree, doctorate)
  • Data relating to your previous employment history, training course certificates, skills and job references
  • Data relating to other qualifications (e.g. language skills, computer skills, voluntary work)
  • Information on desired salary
  • Job application history
We will use the personal data you have transferred only for processing your registration and it will we stored securely and not be shared with third parties. The legal basis for the processing of the data described above is Article 6 (1) sentence 1 lit. a GDPR (consent). If the contact is aimed at the possibility of concluding an employment contract, Article 6 para. 1 lit. b DSGVO (contract fulfillment and pre-contractual measures) is additionally the legal basis for the processing.

2.4       Register process for Projects

Our Services offer the possibility to get in touch with us to start a project. If you contact us via our “Start a Project” contact form, we store the personal data you transmitted, in particular, your name, E-mail address, company name (optional), phone number (optional) and the information how you found us. The information you provide will never be shared with third parties. The legal basis for the processing of the aforementioned personal data is: Article 6 (1) sentence 1 (f) GDPR (legitimate interests). Our legitimate interest is based on the fact that we can only perform the action the user asked for (e.g. getting in touch to start a project) if we process his/her personal data. If you contact us with the aim of potentially entering a business relationship with us, processing your personal data is also done under the following legal basis: Article 6 (1) sentence 1 (b) GDPR (performance of a contract and steps necessary prior to entering a contract).

2.5       Cookies

Our Services use cookies. Cookies are small text files that are stored in your Internet browser for the purpose of technical session control. They make navigating our Website easier for you and allow us to analyze anonymous user behavior which helps optimize our Website design. Cookie data cannot be associated with a specific individual. The Services uses cookies to the following extent: Transient / Session cookies, Persistent / Setting cookies, and Analysis cookies. Transient cookies are automatically deleted when you close your browser. This includes, in particular, the session cookies. These store a so-called session ID, which identify user session in the browser. Session cookies are deleted when you log out or close your browser. Persistent cookies help the Services remember your information and settings when you visit them in the future. They are automatically deleted after a specified period, which may differ depending on the cookie. We also use cookies on our Services which enable an analysis of the user's surfing behavior. We use language cookies in order to recognize if a user wants to view the English or German language version of our Website. These language cookies are automatically deleted once you leave our Website. Most browsers automatically accept cookies. You can, however, change your browser settings to not set any cookies or to always show a notice before setting a new cookie. However, if you chose to deactivate the setting of cookies altogether, not all functions of our Website may be (entirely) usable. The legal basis for the processing personal data related to cookies is: Article 6(1) sentence 1 (f) (legitimate interest). Our legitimate interest is based in the above-mentioned purposes, to optimize Services use and to improve your user experience. You can access the Services cookie consent management by clicking this link.

2.6       Analytic Tools

2.6.1 Google Analytics
The Services use Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help analyze how you use the Services. The information generated by the cookie about your use of the Services will normally be transmitted to and stored by Google on servers in the United States. In case IP-anonymization is activated on the Services, your IP address will be truncated within the area of member states of the European Union or within other contracting states to the Agreement on the European Economic Area. Only in exceptional cases the whole IP address will be first transferred to a Google server in the USA and truncated there. Google will use this information on behalf of the operator of the Website for the purpose of evaluating your use of the Website, compiling reports on Website activity and providing other services for the website operator relating to website activity and internet usage. The IP address that your browser transfers within the scope of Google Analytics will not be associated with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however, please note that if you do this you may not be able to use all functions of the Services. You can also opt-out from the storage by Google of the data that is created by the cookie and is related to the use of the Services (including your IP address) and the processing of such data by Google by downloading and installing the Google Analytics opt-out Browser add-on available under https://tools.google.com/dlpage/gaoptout?hl=en. As an alternative to the browser add-on or within browsers on mobile devices, you can click this link in order to opt-out from being tracked by Google Analytics within this Website in the future (this opt-out option applies only for the browser in which you set it and with regard to the Website). In this case, an opt-out cookie is put on your device. In case you delete your cookies, you will have to use the aforementioned link again. For further information on Google Analytics please refer to: http://www.google.com/analytics/terms/de.html, http://www.google.com/intl/de/analytics/learn/privacy.html, http://www.google.de/intl/de/policies/privacy/ The legal basis for the processing of the data described in this section 2.6 (to the extent such data is to be considered personal data) is Article 6 (1) sentence 1 lit. f GDPR (legitimate interests). The legitimate interests to Use such data is that we use and analyze the respective data to improve our Services, such as by gaining a better understanding of your interests and requirements regarding our Services and to help personalize your user experience. Google is committed (to the best of our knowledge) to the EU-US Privacy Shield Agreement published by the US Department of Commerce on the collection, use, and retention of personal data from EU member states. Google has declared through certification that it will comply with the relevant privacy shield principles. The European Commission expects the US to provide adequate legal protection for personal data transferred from the EU to self-certified organisations in the US under the Privacy Shield. Further information can be found at: https://www.privacyshield.gov/EU-US-Framework.
2.6.2 Hotjar
We use Hotjar in order to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users' experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices (in particular device's IP address (captured and stored only in anonymized form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), preferred language used to display our website). Hotjar stores this information in a pseudonymized user profile. Neither Hotjar nor we will ever use this information to identify individual users or to match it with further data on an individual user. For further details, please see Hotjar’s privacy policy by clicking on this link. You can opt-out to the creation of a user profile, Hotjar’s storing of data about your usage of our site and Hotjar’s use of tracking cookies on other websites by following this opt-out link.
2.6.3 Intercom
We use third-party analytics services to help understand your usage of our services. In particular, we provide a limited amount of your information (such as sign-up date and some personal information like your email address) to Intercom, Inc. (“Intercom”) and utilize Intercom to collect data for analytics purposes when you visit our Website or use our product. As a data processor acting on our behalf, Intercom analyzes your use of our Website and/or product and tracks our relationship by way of cookies and similar technologies so that we can improve our service to you. For more information on Intercom's use of cookies, please visit https://www.intercom.com/terms-and-policies#cookie-policy. We may also use Intercom as a medium for communications, either through email or through messages within our product(s). As part of our service agreements, Intercom collects publicly available contact and social information related to you, such as your email address, gender, company, job title, photos, website URLs, social network handles and physical addresses, to enhance your user experience. For more information on the privacy practices of Intercom, please visit https://www.intercom.com/terms-and-policies#privacy. Intercom’s services are governed by Intercom’s terms of use which can be found at https://www.intercom.com/terms-and-policies#terms. If you would like to opt out of having this information collected by or submitted to Intercom, please contact us.
2.6.4 Legal Basis
The legal basis for the processing of the data described in this section 2.6 (to the extent such data is to be considered personal data) is Article 6 (1) sentence 1 lit. f GDPR (legitimate interests). The legitimate interests to Use such data is that we use and analyze the respective data to improve our Services, such as by gaining a better understanding of your interests and requirements regarding our Services and to help personalize your user experience.

3.          Third Parties; Technical implementation by subcontractors

Personal data collected in the context of using our Services will not be transmitted to third parties or otherwise without your consent, except in cases explicitly described in this Privacy Policy. Transmission to government institutions and authorities will be made only pursuant to compulsory legal regulations. The legal basis for such processing of personal data is: Article 6(1) sentence 1 (c) GDPR (fulfilling legal obligations). We may use external service providers for website operation and for the services offered there (hosting, registration form) who process your personal data for us. These service providers process your data only according to our instructions. The legal bases for such processing of personal data are: Article 6 (1) sentence 1 (b) GDPR (performance of a contract and steps necessary prior to entering a contract) and Article 28 GDPR (data processing).

4.          How long do we store your Personal Data

As far as the other stipulations of this Policy do not prescribe a certain amount of time that we need to retain your personal data, we only store personal data generated in the context of using our Services for as long as is necessary to process your requests or enquiries, and after that only to the extent of and if required by statutory storage obligations. If we no longer need your personal data for the above-mentioned purposes, it will only be stored for the legal retention period and they will not be processed for other purposes.

5.          Your rights

You have the right to request information from us at any time about your personal data stored by us. If the legal requirements are met, you also have rights vis-à-vis us to request from us access to and rectification or erasure or restriction of processing concerning your personal data or to object the processing of your personal data. If you have given your consent to the use of personal data, you can revoke such consent at any time (for the future). If you believe that the processing of your personal data by us is in breach of the applicable data protection laws, you can issue a complaint with the competent supervisory authority for data protection.

6.          Contact

For all data privacy questions (incl. assertion of your rights as per Section 5 of this Privacy Policy), you can contact us at the address mentioned in Section 1 as well as at privacy@mvpfactory.co. You can manage your consent and the data we process also by sending us a GDPR request via this form.

7.          Data Security

We maintain current technical measures to ensure data security protection, especially to protect your personal data against risks during transmission and against third-party access. These measures will be updated according to the latest technical developments.

8.          Changes

Our Privacy Policy may change from time to time, for example, due to further developments of our Services or legal changes. We, therefore, reserve the right to change this Privacy Policy at any time with effect for the future. We, therefore, recommend that you read this data protection declaration again at regular intervals.   ***