mwbFairtrade Logo

Data protection

1. General privacy policy

We know that the careful handling of your personal information is important to you. We therefore appreciate your trust that mwb fairtrade Wertpapierhandelsbank AG will handle this information conscientiously. With this declaration you give us your consent that we may collect, process and use your personal data listed below in accordance with the General Data Protection Regulation (GDPR) for the purposes stated here. This consent can be revoked at any time with effect for the future.

Please note that the website of mwb fairtrade Wertpapierhandelsbank AG contains links to websites of other providers that are not covered by this privacy policy.

The websites of mwb fairtrade Wertpapierhandelsbank AG do not use cookies. The collection and processing of personal data that we receive from you helps us to customize and continuously improve our service. When you visit our website, mwb fairtrade Wertpapierhandelsbank AG collects data and information using an automated system. This data is stored in the server log files. 

The following data may be collected:


(1) Information about the browser type and version used
(2) The user's operating system
(3) The user's Internet service provider
(4) The user's IP address
(5) The date and time of access
(6) Websites from which the user's system accesses our website (referrer)
(7) Websites that are accessed by the user's system via our website

The processing of the data serves to deliver the content of our website, to ensure the functionality of our information technology systems and to optimize our website. The log file data is always stored separately from other personal user data. 

Use and disclosure of personal data 

All data, whether automatically stored or provided by you, will be treated confidentially by us and, in the case of automatic data and your e-mail address details, will only be passed on to our provider for the purpose of storing and distributing e-mails. They will not be passed on or sold to third parties. We use your personal data exclusively to answer your inquiries. 

The transfer of personal data to state institutions and authorities does not take place automatically, but only within the framework of the applicable financial laws (Stock Exchange Act, Securities Trading Act). The internal and external employees of mwb fairtrade Wertpapierhandelsbank AG as well as those of the provider are bound to data secrecy.

2. Name and address of the data controller

The controller within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions of a data protection nature is

mwb fairtrade Wertpapierhandelsbank AG

Rottenbucher Straße 28
82166 Gräfelfing
Germany
Phone: +49 89 85852-0
E-mail: info(at)mwbfairtrade(dot)com
Website: www.mwbfairtrade.com

3. Name and address of the data protection officer

The data protection officer of the controller is

DZ Compliance Partner GmbH

Wilhelm-Haas-Platz
63263 Neu-Isenburg/Zeppelinheim-Ost
Germany
Phone: +49 69 580024-277
Email: datenschutz(at)mwbfairtrade(dot)com

4. Legal bases, purposes of processing and origin of personal data

We process personal data in accordance with the EU General Data Protection Regulation (GDPR) permissible legal bases and purposes.
If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Article 6 (1) (f) GDPR serves as the legal basis for the processing. The legitimate interest of our company lies in the performance of our business activities.

5. Recipients of personal data

Internal recipients
Our technical and organizational measures ensure that only those employees have access to your data who need it to fulfill their tasks and our legal and contractual obligations.


External recipients
The transfer of personal data to external recipients only takes place if it is necessary for the fulfillment of legal or contractual obligations. Examples of transmission to external recipients may include
    ▪ External service providers whose services we use and who receive or become aware of personal data for this purpose. In such a case, a special order processing contract is concluded with each service provider in accordance with the requirements of the General Data Protection Regulation and the BDSG. All data security-related obligations are regulated and regularly monitored in this contract. In this context, it is important to emphasize the obligation to maintain banking and data secrecy for the processors. Examples of this include system maintenance tasks by external specialists (system updates or troubleshooting measures).
 
    ▪ Public bodies, offices or authorities to which a reporting obligation exists.


6. Transfer to third countries/international organizations

We do not transfer personal data to countries outside the EU, the EEA or to countries for which there is no EU adequacy decision or to international organizations. If processors are used in such countries, they are obliged to provide a level of data protection comparable to that in the EU via EU standard contractual clauses.
 
7. Duration of the storage of personal data

Personal data is stored for the duration of the respective statutory retention period. After this period has expired, the data is routinely deleted, unless there is a need to initiate or fulfill a contract.

8. Rights of the data subject

Every data subject has the right 
    ▪ to information (Article 15 GDPR) from the controller about the personal data concerned and
 
    ▪ to rectification (Article 16 GDPR) or erasure (Article 17 GDPR) or to restriction of processing (Article 18 GDPR)
 
    ▪ to data portability (Article 20 GDPR)
 
    ▪ to object to the processing (Article 21 GDPR)
 
    ▪ (if applicable) to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal (Article 7 GDPR)
 
    ▪ to lodge a complaint with a supervisory authority (Article 77 GDPR) For Baader Bank AG, the Bavarian State Office for Data Protection Supervision is the competent supervisory authority

The complaint can be made in writing, verbally or online using the following contact details: Bavarian State Office for Data Protection Supervision (BayLDA), Promenade 27, 91522 Ansbach, T +49 981 53 1300, F +49 981 53 98 1300, poststelle@lda.bayern.de, www.lda.bayern.de

9. Necessity to provide the data and consequences of non-provision

You are not obliged to provide us with your personal data. However, a desired contractual business relationship cannot and may not be entered into without the provision of this data. As a matter of principle, we only collect data that is necessary for the fulfillment of contractual or legal obligations and thus fulfill a data economy requirement of the BDSG. 

10. No automated decision-making including profiling

We do not use scoring or profiling systems for automated decision-making and the data is only used for the purpose for which it was collected.

11. Data protection notice for applicants

Data and documents provided to us in connection with your application (e.g. letter of application, CV, certificates) are collected, stored and used by our HR department exclusively for the purpose of the application process. We only store your personal data for as long as is necessary to fulfill the purpose for which it was collected or as long as we are required by law to retain it. If we do not accept your application, we will delete your data after six months from the date on which the position was awarded. A longer storage of your data is only possible if we have your express consent. We do not pass on the collected data to third parties; in particular, this data is not sold or rented out.