Minds + Machines Group Limited (“MMX”) is committed to the privacy of its customers and users of the mmx.kespa.net website (the “Site”) and any services that may be offered by MMX on the Site. Access to the Site is free of charge to all users. The Site is owned by MMX, and operated on its behalf by Minds + Machines Limited, 32 Nassau Street, Dublin 2, Ireland, Co. No. 516026. We take our responsibilities under the Data Protection Acts, 1988 and 2003, seriously, and we are committed to protecting your privacy when you are using our online and other services.
Please also note our separate privacy policies for our registry operations as published on https://mmx.kespa.net/policies/.
Controller, contact, data protection officer
Controller pursuant to Art. 4 (7) EU General Data Protection Regulation (“GDPR”) is
Minds + Machines Limited
32 Nassau Street
Republic of Ireland
Data protection officer
c/o Minds + Machines Limited
32 Nassau Street
Republic of Ireland
How MMX Uses Personal Data
MMX may use information provided by you:
- To process your request to become a registrar.
- To ensure that content from our site is presented in the most effective manner for you and for your computer.
- To provide you with information, products, or services that you request from us or which we believe may interest you, where you have consented to be contacted for such purposes.
- To carry out our obligations arising from any services we are contracted to provide you.
- Additionally, MMX may also use personal data to improve the level and type of services offered to customers, such as processing personal data for the purposes of sales analysis and customer usage statistics; to improve the content, design, and layout of the mmx.kespa.net website; to facilitate knowledge management; and to understand the interests and buying behavior of our registered users.
- We may monitor and record our communications with you, including emails and telephone conversations. Information collected may then be used for training purposes, quality assurance, to record details about products/services in which you are interested, and in order to meet our legal obligations in general. Please note the information below regarding the use of third-party cookies.
If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please contact us as provided for below.
Legal bases for processing of your data
Unless specifically stated, the following legal bases apply to the processes listed below:
- Insofar as we obtain the data subject’s consent for processing, Art. 6 (1) Clause 1 lit. a) GDPR is the legal basis.
- In case of processing of personal data necessary for the fulfillment of a contract, the legal basis is Art. 6 (1) Clause 1 lit. b) GDPR.
- Insofar as processing of personal data is necessary for the fulfillment of a legal obligation, the legal basis is Art. 6 (1) Clause 1 lit. c) GDPR.
- In the event that vital interests of the data subject or of another natural person require a processing of personal data, the legal basis is Art. 6 (1) Clause 1 lit. d) GDPR.
- If processing is necessary to safeguard legitimate interests of our company or of a third party and if the interests, basic rights, and basic freedoms of the data subject do not outweigh these legitimate interests, the legal basis for processing is Art. 6 (1) Clause 1 lit. f) GDPR.
Processors, Third Party Service Providers
In some cases, we use external service providers to process your data, which are bound to our instructions. They were selected and commissioned by us with care and they are monitored regularly. The orders are based on data processing agreements pursuant to Art. 28 GDPR. The processor does not independently process data for its own purposes. Further, they must process the personal information in accordance with this privacy notice and as permitted by applicable data protection laws.
MMX will also actively investigate and cooperate with law enforcement agencies regarding any allegations of abuse or violation of system or network security or other laws.
Cookies and integrated third-party offers
The following types of cookies can be set on your device:
- Strictly necessary cookies: These cookies enable services you have specifically asked for, e.g. identifying you as being signed in with the Site user ID and password, and keeping you logged in throughout your visit. These cookies do not contain any personally-identifiable information and are typically set by MMX.
- Performance cookies: These cookies are used to collect statistical information about visitors to the Site and the pages they view. These cookies do not collect information that identifies a visitor, and all information is aggregated and used anonymously. MMX use these cookies to understand what content is popular. For more information on how to manage cookies, including opt-out of performance cookies please visit: http://www.aboutcookies.org/Default.aspx?page=1
- Functional cookies: These cookies allow the Site to remember choices you make and provide enhanced and more personal features. MMX occasionally uses this type of cookie. Note that if you disable these cookies the Site may not work properly. For more information on how to manage cookies, including opting-out of functional cookies please visit http://www.aboutcookies.org/Default.aspx?page=1
- Targeting and advertising cookies: These cookies are used to deliver advertising that is more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign. For more information on how to manage cookies, including opting out of targeting and advertising cookies, please visit http://www.aboutcookies.org/Default.aspx
- Other third party cookies: Some cookies that have been set on our Site are not related to MMX. When you visit a page with content embedded from, for example, YouTube or a social network site, these service providers may set their own cookies on your web browser. We do not control the use of these cookies and cannot access them due to the way that cookies work. Cookies can only be accessed by the party that originally set them. You should check the third party websites for more information about these cookies.
- Other companies which advertise or offer their products or services on our website may also place cookies on your device. The types of cookies such other companies use and how they use the information generated by them will be governed by their respective privacy policies and not ours.
We use various third-party services and plug-ins. All non-EU-providers are subject to the EU-US Privacy Shield, unless specified otherwise, https://www.privacyshield.gov/EU-US-Framework.
Social media plug-ins
We use various social media plug-ins and services. All providers are subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
a) Facebook pixel et al
Our web page utilizes social plug-ins (“plug-ins”) by Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA (“Facebook”) . For an overview of the plug-ins and their appearance, please visit: http://developers.facebook.com/plugins.
When visiting our website containing such a plug-in, your browser will establish a direct link with the servers operated by Facebook. If you visit our website while signed into your Facebook account, information concerning your visit will be transferred to Facebook. Facebook can combinate your visit to our website to your user account. Each interaction with the Facebook plug-ins (e.g. clicking the Facebook button or by leaving a comment) will be directly transferred to and stored by Facebook. To prevent this you can log out of your Facebook account before visiting our website.
When using our web page, we place a visitor action pixel of the social network Facebook Inc., on your computer. This allows us to track your behavior when you click on a Facebook advertisement and are then redirected to our web page. This service helps to analyze and evaluate the effectiveness of Facebook advertisements in order to optimize our future advertising. This data is completely anonymous to us and cannot be traced back to the respective person. However, Facebook will store and process the data and thus establish a connection between the data and the user’s Facebook profile.
For more information about Facebook’s data processing, please visit: https://www.facebook.com/about/privacy/
Settings and objections to the use of data for advertising purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads
or via the US page http://www.aboutads.info/choices/
or the EU page http://www.youronlinechoices.com/.
b) Twitter plug-in
You can change your Twitter privacy settings in your account settings at https://twitter.com/account/settings.
c) Google +1 button
The implemented Google +1 button is operated by the social network “Google +”, a service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. When visiting our website containing such a plug-in, your browser will establish a direct link with the servers operated by Google +. The content of the plug-in will be transferred to your browser and embedded in the website being shown. The fact that you have visited our website will be transferred to Google. In the case where you visit our website while you are signed into your Google + account, Google + can assign your visit to our website to your user account. Information arising from interaction with the Google + plug-ins (such as by clicking the “+1” button or by leaving a comment) will be directly transferred to and stored by Google+.
For more information, please visit https://developers.google.com/+/web/buttons-policy
d) YouTube, DoubleClick
Our web page incorporates YouTube videos. This feature is operated by YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. The YouTube videos are stored on http://www.youtube.com and can be played directly from our web page. When you play these videos, YouTube cookies and advertising cookies from “DoubleClick” (a unit of Google Inc., Amphitheater Parkway, Mountain View, CA 94043, USA) are stored on your computer.
DoubleClick helps to analyze and evaluate the effectiveness of advertisements in order to optimize our future advertising. As a member the Double Click network allows us to place ads on the Google Advertising Network (e.g., in search results, in videos, on websites, etc.). Double Click is characterized by displaying ads in real time based on users’ suspected interests. This allows us to display ads for and within our online offer more specifically in order to present users only ads that potentially correspond to their interests. For example, if a user is shown ads for products in which he is interested in other online offers, this is referred to as “remarketing”. For these purposes, when our and other websites on which the Google Advertising Network is active are accessed, Google directly executes a code from Google and (re)marketing tags (invisible graphics or code, also known as “web beacons”) are integrated into the website. With their help, an individual cookie, i.e. a small file, is stored on the user’s device (comparable technologies can also be used instead of cookies). In this file it is noted which websites the user visits, which contents he is interested in and which offers the user has clicked on, technical information on the browser and operating system, referring websites, visiting time and further information on the use of the online offer.
Your IP address is also recorded, whereby it is reduced within member states of the European Union or in other signatory states to the Agreement on the EEA and only in exceptional cases completely transferred to a Google server in the USA and shortened there. The above information may also be linked by Google to such information from other sources. If the user subsequently visits other websites, ads tailored to his presumed interests can be displayed to him on the basis of his user profile.
User data is processed pseudonymously within the Google advertising network. This means that Google does not store and process, for example, the names or e-mail addresses of users, but processes the relevant data cookie-related within pseudonymous user profiles. This means from Google’s point of view, the ads are not managed and displayed for a specifically identified person, but for the cookie holder, regardless of who this cookie holder is. This does not apply if a user has expressly permitted Google to process the data without this pseudonymization. The information collected by Google marketing services about users is transmitted to Google and stored on Google’s servers in the USA.
Further information on data use by Google, possible settings and objections can be found in Google’s data protection declaration (https://policies.google.com/technologies/ads) and in the settings for the display of advertisements by Google (https://adssettings.google.com/authenticated).
For more detailed information, please visit https://www.google.de/intl/de/policies/privacy/
For the informational use of the Site it is generally not required that you actively disclose your personal data. In this case we instead collect and use only the data automatically transmitted to us by your Internet browser. This includes:
- date and time of your retrieval of one of our websites;
- your browser type;
- your browser settings;
- utilized operating system;
- your most recently visited site;
- the transferred data volume and access status (file transferred, file not found, etc.);
- your IP address.
The data is stored on our servers. This data is not stored together with other personal data except those stated above. The temporary storage of the IP address by the system is necessary to allow delivery of the website to the user’s computer. For this purpose, the IP address of the user must be stored for the duration of the session. We create so-called log files from this data. The created log files are stored to safeguard the security of our IT systems. A personal evaluation of the data, in particular for marketing purposes, does not take place.
Processing of the above data is required for technical reasons to offer a website pursuant to Art. 6 (1) Clause 1 lit. b), lit. c), lit. f) GDPR in order to correctly display our website to you and to safeguard stability and security. In particular, log files are created to verify attacks on our systems. We erase server log data from our systems regularly, at the latest every six months.
With your consent, you can subscribe to our newsletter in which we inform you of our current interesting offers.
We use the so-called double opt-in process for registration to our newsletter. This means that after your registration, an email is sent to the disclosed email address, in which we ask you to confirm your request to receive the newsletter. We furthermore retain your utilized IP addresses and the time of registration and confirmation. The purpose of this process is to verify your registration and clarify a possible abuse of your personal data, if necessary. Only the disclosure of your email address is required to receive the newsletter. All other disclosed information is voluntary and will be used to allow us to address you personally. After your confirmation, we store your email address for sending you the newsletter. The legal basis for this is Art. 6 (1) Clause 1 lit. a) GDPR.
To unsubscribe from the newsletter, you can click on the link provided in every newsletter email or send an email to firstname.lastname@example.org.
The newsletters contain “web beacons”. These are pixel-sized files that are retrieved from a Sendgrid server when the newsletter is opened. Within this retrieval, technical information, such as data on the browser and your system, as well as your IP address and time of retrieval are initially processed.
This data is used to technically improve the services based on the technical data or the target groups and their reading behavior based on their retrieval locations (which can be determined using the IP address) or access times. The statistics also includes determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our intention, nor that of Sendgrid, to observe individual users. Therefore, statistical data will be anonymized as soon as possible. The evaluations serve us much more to recognize the reading habits of our users and to adapt our contents to them or to send different contents according to the interests of our users.
You can object to the analysis at any time by clicking on the separate link provided in each e-mail or by informing us of another contact method. The information is stored for as long as you have subscribed to the newsletter. After your opt-out we store the data purely statistically and anonymously.
In case of contact by email or telephone, your data is processed, depending on the content of the request: for purely informational inquiries based on your (assumed) consent pursuant to Art. 6 (1) Clause 1 lit. a) GDPR; or pursuant to Art. 6 (1) Clause 1 lit. b) GDPR, insofar as contacting is connected to contractual performance obligations. In case of contacting through our online ticket submission system, we require only your email address in order to reply to you. Additionally, you can voluntarily disclose your name to allow us to address you personally. Your information may be stored in a customer relationship management system (“CRM system”).
We delete your contact requests immediately after they are processed unless statutory retention periods require longer retention.
On rare occasions it may be necessary to send out a strictly service-related announcement if, for instance, a service is temporarily suspended for maintenance. Generally, users may not opt-out of these communications. However, these communications are not promotional in nature. Legal basis for processing is Art. 6 (1) lit. b) GDPR.
Though every effort is made to preserve your privacy, MMX may need to disclose personal information when required to by law, rule and/or regulation. MMX will comply with all such lawful requests should a court order, legal process, or similar be served on it.
You are responsible for the security of your user ID(s) and password(s). Make sure you keep them in a safe place and do not share them with others.
Always remember to log out after your session ends, to ensure that others cannot access your private personal information. You should take this precaution even if you are not using a public computer, such as at a library or internet café, but also when using your private computer in your home.
Pursuant to statutory provisions, you can assert the following rights vis-à-vis the data processing controller free of charge:
- Right to access by the data subject (Art. 15 GDPR);
- Right to rectification and erasure (Art. 16 and Art. 17 GDPR);
- Right to restriction of processing (Art. 18 GDPR);
- Right to data portability (Art. 20 GDPR);
- Right to object (Art. 21 GDPR).
You also have the right to complain to a data protection supervisory authority concerning the controller’s processing of your personal data.
Social media presences
We maintain presences in social media in order to communicate with customers and prospective customers there and to keep them informed. When utilizing the relevant social media network, the terms and conditions of the respective social media network operators apply.
MMX takes the security and protection of your personal data very seriously. MMX utilizes appropriate internal security procedures that restrict access to and disclosure of personal data within MMX. We also apply technical and organizational security measures to protect personal data that is collected, in particular against accidental or intentional manipulation, loss, destruction or against the attack of unauthorized persons. Our security measures are continuously improved in line with industry standard technological developments.
Children: The Site is not intended for children and we ask that no-one under the age of 18 submit personal information to us or use the site without supervision of a parent or guardian.