White text on a light gray background reads UMS+ in large letters, with AN EXPLEO COMPANY in smaller text below.

Privacy policy

Privacy policy

for our website www.ums-gmbh.com

The following information is intended to provide you with an overview of how we handle the data that we collect from you in connection with the use of our services and when you visit our website www.ums-gmbh.com. We would also like to inform you about your data protection rights. Which data is processed in detail and how it is used depends on the services used in each case.

1. controller, Art. 4 No. 7 GDPR

The controller responsible for the processing of your data within the meaning of Article 4(7) of the General Data Protection Regulation (GDPR) is

UMS Consulting GmbH & Co. KG
Hanauer Landstraße 291 B
60314 Frankfurt am Main (Germany)

2 What is “personal data”?

Personal data is information about you that allows conclusions to be drawn about your identity, e.g. your name, address or telephone number. This does not include information that does not allow conclusions to be drawn about a specific or identifiable person.

3. scope of data collection, processing and use

a) On our website

aa) Visiting the website

When you visit our website for information purposes only, i.e. if you do not log in or otherwise provide us with information, we only collect the data that your browser transmits to our server. This is technically necessary in order to display our website to you and to ensure stability and security:

  • IP address of the requesting computer
  • Date and time of the request
  • Desired access method/function
  • Transmitted input values
  • Access status of the web server
  • Name of the requested file
  • Referrer URL
  • Browser type and version
  • Operating system used

bb) Making contact

You can contact us by e-mail or via our contact form. We process the data you provide in order to answer your request.

cc) Customer login

We provide a log-in for our customers. The user name and password are sent to the customer by post or e-mail. The access data is stored separately and enables anonymized use.

dd) Cookies

We use so-called session cookies, which are used for user-friendly, effective and secure use. These are automatically deleted after your visit.

You can deactivate cookies in your browser. However, you may not be able to use all the functions of the website.

b) Other processing of data

We collect personal data when you make inquiries, request quotations, place orders, register for events or when we enter into contractual relationships. This includes company data and personal data of contact persons, applicants or participants.

4. purpose of processing and legal basis

a) Fulfillment of the contract (Art. 6 para. 1 b GDPR)

We process data in order to provide our contractual services or to carry out pre-contractual measures.

b) Balancing of interests (Art. 6 para. 1 f GDPR)

We also process data to protect legitimate interests, e.g:

  • Ensuring IT security
  • Creation of anonymized access statistics
  • Assertion and defense of legal claims

c) Consent (Art. 6 para. 1 a GDPR)

Data processing based on your consent (e.g. newsletter). Consent can be revoked at any time.

5. recipient of the data

  • Website data is not transmitted to third parties.
  • Subcontractors (e.g. trainers) can receive participant lists.
  • Data is transmitted to the relevant bodies for certification purposes.
  • Legal obligations may require disclosure to authorities.

6. transfer to third countries

As a rule, data is not transferred outside the EU/EEA. Should this be necessary for the provision of services, the transfer will take place in accordance with Art. 44 et seq. GDPR.

7. duration of storage

  • Storage only takes place for as long as necessary.
  • Server log files: 3 months.
  • Session cookies: End of the visit.
  • Requests: 3 months.
  • No deletion takes place in the case of statutory retention obligations or limitation periods.

8. security of your data

We take appropriate technical and organizational measures. Employees and service providers are obliged to comply with data protection.

9. your data protection rights

As a data subject, you have the right to

  • Information (Art. 15 GDPR)
  • Rectification (Art. 16 GDPR)
  • Erasure (Art. 17 GDPR)
  • Restriction (Art. 18 GDPR)
  • Objection (Art. 21 GDPR)
  • Data portability (Art. 20 GDPR)

You can also lodge a complaint with the competent supervisory authority.

10. obligation to provide

There is no legal obligation to provide data. However, certain information is required for inquiries or contracts.

11. automated decision-making / profiling

No automated decision-making or profiling takes place.

12. data protection officer

If you have any questions about data protection, please contact us at: privacy@ums-gmbh.com

13. amendment of the privacy policy

We reserve the right to adapt the privacy policy. Earlier versions can be requested by e-mail.

V 1.0 – Frankfurt am Main, May 2018