White text on a light gray background reads UMS+ in large letters, with AN EXPLEO COMPANY in smaller text below.

Privacy policy

Privacy policy

for our website www.ums-gmbh.com

The following information is intended as an overview of how we process your data that we collect when you use our services and when you visit our website www.ums-gmbh.com. We also want to make you aware of your data privacy rights. The specific data collected, and how it is used, depends on your choice of services.

1. ‘Controller’, Art. 4 Item 7 EU GDPR

The controller responsible for processing your data as defined in Article 4 Item 7 of the EU General Data Protection Regulation (EU GDPR) is

UMS Consulting GmbH & Co. KG
Hanauer Landstraße 291 B
60314 Frankfurt am Main (Germany)

2. What is ‘personal data’?

‘Personal data’ means any information about you through which you can be identified, e.g., your name, address, or telephone number. Information that does not relate to a directly or indirectly identified or identifiable person is not classed as personal data.

3. Scope of data collection, processing, and use

a) On our website

aa) Visiting the website

When you visit our website purely to research information, i.e., you do not log in or transfer information to us in any way, we only collect the data that your browser sends to our servers. When you request to view our website we collect the following data, which we require for technical reasons to be able to display the website to you and to ensure its stability and security:

  • IP address of the computer making the request
  • Date and time of the request
  • Access method/function preferred by the computer making the request
  • Input values transmitted by the computer making the request
  • Web server access status (transmit file, file not found, command not executed, etc.)
  • Name of the file requested
  • URL from which the file was requested/the desired function was triggered (referrer URL)
  • Browser type and version
  • Operating system used

bb) Contacting us

You can contact us by e-mail or using our contact form. We process the data that you share with us in order to respond to your inquiry.

cc) Client login

We provide a login function for clients on our website, which we occasionally use to deliver specific information. Clients can request that we send their user name and password by post or e-mail. This access data is stored separately from the client data to ensure that any access is anonymous.

dd) Cookies

We use so-called session cookies, which are used for user-friendly, effective and secure use. These are automatically deleted after your visit.

You can deactivate cookies in your browser. However, you may not be able to use all the functions of the website.

b) Other processing of data

We collect and store personal data when you send us an inquiry, request a quote or proposal, submit an order, or register for our events, as well as in the course of substantiating and dealing with contractual relationships. Alongside information about the respective company (name, address, contact details) we also collect and store personal data shared with us by individual enterprises, registered event attendees, job applicants, and contact persons at our contract partners’ companies.

4. purpose of processing and legal basis

a) Fulfillment of the contract (Art. 6 para. 1 b GDPR)

Data is processed for the purpose of performing our contractual services or in order to take steps at your request prior to entering into a contract.

b) Balancing of interests (Art. 6 para. 1 f GDPR)

We also process data to protect legitimate interests, e.g:

  • Ensuring IT security
  • Creation of anonymized access statistics
  • Assertion and defense of legal claims

c) Consent (Art. 6 para. 1 a GDPR)

Data processing based on your consent (e.g. newsletter). Consent can be revoked at any time.

5. recipient of the data

  • Website data is not transmitted to third parties.
  • Subcontractors (e.g. trainers) can receive participant lists.
  • Data is transmitted to the relevant bodies for certification purposes.
  • Legal obligations may require disclosure to authorities.

6. transfer to third countries

As a rule, data is not transferred outside the EU/EEA. Should this be necessary for the provision of services, the transfer will take place in accordance with Art. 44 et seq. GDPR.

7. duration of storage

  • Storage only takes place for as long as necessary.
  • Server log files: 3 months.
  • Session cookies: End of the visit.
  • Requests: 3 months.
  • No deletion takes place in the case of statutory retention obligations or limitation periods.

8. security of your data

We take appropriate technical and organizational measures. Employees and service providers are obliged to comply with data protection.

9. your data protection rights

As a data subject, you have the right to

  • Information (Art. 15 GDPR)
  • Rectification (Art. 16 GDPR)
  • Erasure (Art. 17 GDPR)
  • Restriction (Art. 18 GDPR)
  • Objection (Art. 21 GDPR)
  • Data portability (Art. 20 GDPR)

You can also lodge a complaint with the competent supervisory authority.

10. obligation to provide

There is no legal obligation to provide data. However, certain information is required for inquiries or contracts.

11. automated decision-making / profiling

No automated decision-making or profiling takes place.

12. data protection officer

If you have any questions about data protection, please contact us at: privacy@ums-gmbh.com

13. amendment of the privacy policy

We reserve the right to adapt the privacy policy. Earlier versions can be requested by e-mail.

V 1.0 – Frankfurt am Main, May 2018