DATA PROTECTION

GENERAL DATA PRIVACY STATEMENT (DATA PROTECTION POLICY) REGARDING THE COLLECTION, PROCESSING AND USE OF PERSONAL DATA FROM INTERESTED PARTIES, CUSTOMERS AND PLATFORM PARTICIPANTS PURSUANT TO ART. 13 AND 14 EU GENERAL DATA PROTECTION REGULATION (GDPR), GERMAN FEDERAL DATA PROTECTION ACT AND §13 TELEMEDIENGESETZ.

 

The following Data Protection Policy provides a framework for data collection, processing and use of personal data, i e. individual details about personal or factual circumstances of a certain or identifiable natural person through the MomentaryX AG („MomentaryX“) according to the requirements of EU General Data Protection Regulation (GDPR) and other applicable German laws.

 

1. Contact details of the Data Protection Officer

2. Which data categories are we using and where does the data come from?

3. Legal basis and purpose of data processing

4. Data access

5. Rights of affected persons there of

5.6 Right to object

6. Recording of your data

7. Data transfer

8. Right to change this data protection policy

9. Declaration of consent

 

 

 

1. CONTACT DETAILS OF THE DATA PROTECTIONS OFFICER:

Inquiries regarding the processing of your personal data by MomentaryX AG can be sent to Data Protection Officer:

privacy@momentaryx.com

MomentaryX AG

Datenschutzbeauftragter

Axel-Springer-Platz 3

20355 Hamburg

 

2. WHICH DATA CATEGORIES ARE WE USING AND WHERE DOES THE DATA COME FROM?

The categories of processed data comprise in particular:

 

  • Your name (first name, last name, title and name suffixes)
  • Your contact details (your private and/or business address, email address, (mobile-) phone numbers)
  • If applicable, special categories can include health data (e. g. allergies) or psychometric data if you provide the data e.g. in connection with registration for a training event, coaching agreement or as part of your platform profile.
  • Occupational qualifications, professional career, and other education, and project assignments, if you provide the data e.g. in connection with registration for a training event, coaching agreement or as part of your platform profile.
  • Language skills and other occupational capabilities
  • Date of birth
  • Gender
  • Citizenship, immigration status, Visa and work permits
  • Information on current or aspired income if you provide this information
  • Endorsements and references, CV, professional and private interests and preferences for content if you provide this information

 

In case of legally required circumstances and with your explicit consent:

  • Impairments and other health related information

 

Furthermore, the following data can be collected and processed:

  • Username and password if you register on one of our websites, portals or apps
  • Payment information
  • User generated content that you upload by using our services or that you retrieve from others through our services (e.g. messages, photos, videos, documents, spreadsheets or comments)
  • Your Apps, browsers and devices that you use to access our services alongside the telemetry and diagnostic data including unique identifier, type information and settings of browsers, devices, and apps, cell phone providers and crash reports of apps, browsers and devices.
  • Information that you share with us about friends and other third parties, if applicable in line with your mandate to contact them (in this case you assure the data protection officer that you have obtained prior consent from those friends and third parties to share data with us.)
  • Other information that you share with us e.g. in general surveys, opinion and engagement surveys or polls etc.
  • Furthermore, we might receive data from third parties (e. g. registration recommendation from your employer via one of our portals, registration for training, etc.)
  • Other data that you provide us by using our services, if this data is needed to provide or improve our services (you’re your location data incl. GPS, IP-address, possibly sensor data of your device and objects close to your device like bluetooth devices, WIFI-acess points or radio masts)

 

Should we retrieve personal data in individual cases not directly from you we will inform you in advance.

Processing of your data happens normally electronically, especially if you provide the information via an electronic channel like email or a web or app form.

In addition to that, a website, portal or app that you visit or use, may retrieve or store information from your browser or cache, mostly as a cookie. This can include information about your settings or device.

Usually, this information is being used to enable the expected behavior and functionality of the website, portal or app. This kind of information does usually not identify you directly. It might, however, provide a personalized web- or app experience. You can decide to not permit certain types of cookies.

During your first visit of one of our websites, portals or in case your browser cache has been cleared or, alternative in the settings of an app, you can learn more about cookies and their categories and you can change the standard settings. Blocking certain types of cookies might negatively impact your experience of our websites, portals and apps.

Unless otherwise stated we work on our websites only with cookies that are required for website functionality. These types of cookies cannot be deactivated in our systems. Usually these cookies are only set based on your cookies and service requests like your data protection settings, registration or login, or the completion of web forms. You can apply your browser settings in a way that your browser blocks these cookies or informs you about the cookies. In that case, parts of the website might, however, appear to not work properly.

 

3. LEGAL BASIS AND PURPOSE OF DATA PROCESSING

The Data Protection Officer collects, processes and uses data for the following purposes (where permitted by Germany law):

3.1 To provide you with platform services, described separately, that you register for, with consulting services that you order, and for training services that you or your employer registers you,

3.2. to offer or provide you with additional services like needs assessments for professional education and development initiatives, income or business opportunities or networking options,

3.3. to assess your fit with particular personal or business networking opportunities or employment or collaboration opportunities,

3.4. for data-based research of e.g. (i) individual preferences, (ii) global reach, (iii) influencer potential. and (iv) industry specific networking practices.

3.5. where permitted by law and in accordance with the cookie and advertising declaration of the data protection officer, to show or send you personalized recommendations, alerts and notifications regarding your own content choices and fields of interest

3.6. where permitted by law to communicate, inform and administer special events, actions, programs, offerings, surveys, and contests and tournaments, and market research,

3.7. to respond to your individual inquiries,

3.8. to operate, assess and improve our services (including content and technical development, administration, and communication, conducting analyses, bookkeeping, auditing and control, and other internal business activities)

3.9 to protect ourselves from fraud and other illegal activities, for dunning purposes and other asset recovery activities;

3.10. to ensure adherence and enforcement of applicable laws and regulations, relevant sector standards and contractual obligations, was well as our policies;

3.11. in anonymized form for our own research and development.

 

We process data in adherence to current laws and regulations, in particular to the EU General Data Processing Regulation and the Germany Data Protection Act.

First and foremost, data collection and processing serve the provision of our services, in particular the design and orchestration of platforms and networks, the research and development of marketing technologies as well as consulting, coaching and training of decision-makers in consumer related sectors. The dominant legal base is Art. 6 sect. 1 b) GDPR in conjunction with § 26 sect. 1 Federal Data Protection Law. If required we process data additional based on Art. 6 Sect. 1 f) GDPR, to protect legitimate interest of ourselves or third parties (e.g. public authorities). This applies in particular in case of detection and investigation of criminal offences (Legal Basis § 26 Sect. 1 S. 2 Federal Data Protection Law) or for our own group control, internal communication and other administrative purposes.

In addition, we might be obliged due to the EU anti-terror regulations 2580/2001 and 881/2002 to match your data against the so called „EU-terror lists“, to ensure that no money or other economic resources are made available for terroristic purposes.

In case we plan to process your data for any other purpose not listed above, we will inform you prior to doing so. When processing your data we ensure that your rights are respected and taken into account.

You have the right to veto such a processing. Any veto needs to be send to:

privacy@momentaryx.com or in written form by post to

MomentaryX AG

Datenschutzbeauftragter

Axel-Springer-Platz 3

20355 Hamburg

 

4. DATA ACCESS

We do not grant access to your data in any other way or circumstances than outlined in this policy or other explicitly stated data protection notices.

We share personal data with providers who work on our account to operate our services according to our direction. We allow these service providers the use and disclosure of data only to that extent that is required to provide the services on our behalf or to comply with current laws and regulations.

In addition, we can transmit data also in the following way:

4.1 to subsidiaries and affiliated companies;

4.2. in case you are network member or platform participant via one of our portals or apps to other network members or platform participants in accordance with your current settings and stated preferences; and

4.3. to other persons like named partners of our consulting network and subcontractors we work with if this is required to operate and provide the consulting-, coaching-, and training services.

Furthermore, we can disclose your personal data,

4.4. if we are legally and lawfully required to do so;

4.5. to prosecution authorities or other governmental institutions based on a lawful request for disclosure; and

4.6. if we have come to the conclusion that a disclosure is necessary and appropriate to prevent physical harm or financial losses or in connection with suspected or actual fraudulent or illegal activity.

We reserve the right in connection with a merger or acquisition of our business, or partial or complete sale of assets to sell or transfer your information to any of our affiliates, successor entities, or new owners (also in case of restructuring of liquidation of our business).

We collaborate with different external service providers to fulfill our contractual and legal obligations. A list of contractors and service providers   with which we collaborate not only temporarily, can be retrieved on inquiry.

 

5. RIGHTS OF DATA SUBJECTS

If you are an affected person (data subject) you can assert the following rights according to Art. 15 – Art. 22 GDPR:

5.1 Right to request information: Affected persons have the right to request information about their own processed data to assess if their data is being lawfully handled.

5.2. Right to rectification: Affected persons have the right to obtain rectification of inaccurately or incompletely stored data concerning him or her to protect the accuracy and completeness of their data.

5.3. Right to erasure: Affected persons have the right to obtain the erasure of personal data concerning him or her and to and to end processing of their data.

5.4. Right to restriction of processing: Affected persons have the right to obtain restriction of processing.

5.5. Right to data portability: Affected persons have the right to receive the personal data concerning him or her, which he or she has provided to us, in a structured, commonly used format or that affected person can apply for transmission of that data to another data controller.

 

5.6. Right to object: Affected persons who have provided personal data to a data controller, have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her for a variety of reasons outlined in the EU General Data Protection Regulation, without justification.

 

5.7. Right to object to a decision based solely on automated processing and profiling: Affected persons have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.

 

5.8. Right to raise complaints with the responsible data protection supervisory authority: Affected persons have the right to raise complaints at the responsible public data protection supervisory authority, especially in the EU member state of the residence or habitual residence. their work location or at the place of the suspected infringement of their data protection rights if the affected person considers the processing of their personal data to be non-compliant with the EU GDPR.

 

The data protection supervisory authority responsible for MomentaryX AG is:

Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit
Ludwig-Erhard-Str 22, 7. OG
20459 Hamburg
E-Mail: mailbox@datenschutz.hamburg.de
Website: https://datenschutz-hamburg.de/pages/kontakt/

 

Ist he processing of personal data based on consent according to Art. 7 GDPR, affected persons can withdraw their consent at any time by writing to: privacy@momentaryx.com

Please use the above contact details if you need more information about your personal data or if you want to assert your rights.

 

6. STORAGE OF YOUR DATA

We store personal data in our systems in a way that data of affected persons is not stored longer than the purposes, for which the data has been collected or for which the data has been processed can be identified.

We determine this specific period in consideration of:

  • Requirements to continue to store personal data of the user for other agreed services;
  • Legitimate interests of the data protection officer according to the described purposes;
  • Any existing legal obligations that require processing and accordingly storage for a certain period (e.g. commercial record-keeping duties).

 

7. DATA TRANSMISSION

We can transmit personal data concerning you transmit also into other countries than the country of origin of your data. In such countries other data protection laws may apply. Whe we transmit your data into other countries, we protect your data as described in this policy and transmissions are subject to applicable law.

Countries into which we may transmit your collected, personal data may be:

  • Countries within the European Union
  • Countries outside of the European Union

As German corporation we are not subject to the US “Cloud Act“, unlike especially other, US-based social media providers.

When we transmit personal data from within the European Union to countries or international organizations outside the European Union, the transmission is based on:

7.1. Adequacy decision of the European Commission

7.2. Other legitimate reasons in absence of a adequacy decision

7.2.1. legally binding and enforceable instrument between public authorities or agencies

7.2.2. binding internal corporate policies

7.2.3. standard data protection clauses that are accepted by the commission

 

8. RIGHT TO CHANGE THIS DATA PROTECTION POLICY

We reserve our right to make forward changes to this data protection policy at any time. The current version is always accessible on our website. Please visit our website frequently to keep you informed regarding our data protection policy.

 

9. DECLARATION OF CONSENT TO USE AND STORE PERSONAL DATA FROM INTERESTED PARTIES, CLIENTS AND PLATFORM PARTICIPANTS OF THE MOMENTARYX AG

By actively clicking respectively checking boxes on our website, portal or app or by signing a written letter of consent, the user (m/f/d) declares according to the EU-General Data Protection Regulation 2016/679 („GDPR“) that the user has read, understood  and acknowledged the content of this declaration of consent.

The user agrees with the processing of his personal data (including sensitive personal data) by MomentaryX AG, their subsidiaries and affiliated companies, according to the following statements and in line with the EU-GDPR, this data protection policy and all other applicable laws and regulations (especially German Federal Data Protection Act.

Included declarations of consent:

9.1. Data processing, storage and transmission

I agree to the processing, storage and transmission of my personal data I have provided including any special categories of personal data according Art. 9 GDPR (e.g. information regarding my marital status or health data), through MomentaryX AG, their subsidiaries, affiliated and contracted companies for the under number 3. of this data protection policy listed purposes including automated processing.

I agree to the processing of my personal data for these purposes. I have understood that I can withdraw my consent without justification with effect for the future at any time. A withdrawal of consent does not affect the rightfulness of processing to date. I understand that I can find more information on the momentaryx.com homepage.

 9.2. Storage of personal data

The MomentaryX AG pursues as platform business and „Business Ecosystem as a Service“ provider holistic solutions in order to provide interested parties, clients and platform participants, who have been interested party, client and/or platform participant before or have consumed services of the MomentaryX AG or got listed as interested party, based on complete information including their previously provided information.

I therefore agree that the responsible office may re-use and storepreviously provided personal data (e.g. in an app- or platform profile, letter, email, CV, certificate or reference, questionnaire or survey, Interview, etc.), beyond the period of a single order or service or platform participation. I agree that the MomentaryX AG uses this data to consider it in later advice or participation in the same or other networks and platforms should I resume service consumption of MomentaryX AG or their subsidiaries or affiliated companies. This consent is voluntary and has no impact on conditions or service levels.

I understand that I refuse to agree and that I can withdraw this consent without justifiaction at any time without fearingh any disadvantages. in case of withdrawal my data will be deleted immediately after termination of services and platform participation or any legal retention period. This agreement is valid until further notice.

 9.3. Use of personal data for personalized advertising

In case I have given an explicit sign of consent, e. g. by opting in / clicking the relevant checks in a website, portal or app or through a written agreement I agree to receive newsletter or advertising and content suggestions based on my stated interests and preferences. I agree to the processing and use of my personal data for that purpose. (especially name, first name, e-mail address). I can withdraw my consent at any time from MomentaryX AG.