Privacy policy

Our aim is to provide you with services, for which you can be sure that the personal data you provide will be processed in strict confidence and for the intended purpose, and that it is always you who decides on disclosure and transfer to third parties. You entrust us with your personal data and we reliably protect it in compliance with legal requirements.

Here, we will provide you with detailed information about what data we collect and store on which occasion, why we do it and how this data is processed.

Your personal information and personal data are collected and stored in this application with the utmost care and integrity and used only for the intended purpose.

 

Data controller and contact details

mint digital education GmbH
Buchkremerstr. 6
52062 Aachen

E-mail: info@mint-de.com
Website: https://mint-de.com

Managing director: Kai U. Müller
Company register Aachen HRB 23925

 

Contact details of the Data protection officer:

Our Data protection officer will be happy to provide you with information or receive your suggestions on data protection:


Vladyslav Prykhodko
Workconsult GmbH
Harkortstraße 5
04107 Leipzig
Deutschland
E-Mail: vp@workconsult.de

 

Purposes of data processing

The purpose of data processing is execution of the following tasks by the Controller: technical realization and support of the web application tri-win, in order to enable interactive online teaching services including virtual classrooms, as well as the social media web application tri-win Community.

 

Legal basis for data processing

The legal basis for data processing, in case the user registers voluntarily on his/her own initiative, is provided by Art. 6 p. 1 p. a GDPR as well as by Art. 9 p. 2 p. a GDPR – explicit consent of the data subject to the processing of his/her personal data for one or more specific purposes.

 

Types of personal data

Only those data are collected that are necessary for the use of the services offered in a personal user account as well as for the issuance of certificates or attestations.

It is necessary to provide a first name and last name (personal salutation incl. the form of address), an e-mail address (identifying feature, enabling support, e.g. in case of a forgotten password), information required for the form (street, house number, postal code, city, country) and a password (login to the user account).

These data will not be disclosed or transferred to third parties in any case. By registering, you agree that all data will be included in our database. 

 

Categories of data subjects

Persons affected by data processing: website visitors, teachers, students.

 

Storage of IP address

The IP address transmitted by web browsers is stored strictly for the purpose of detecting, limiting and eliminating attacks on these web pages for a maximum period of seven days. After this period, the IP addresses will be deleted or anonymised. The legal basis is Art. 6 p. 1 p. 1 p. f GDPR.

 

Usage data

Each time a file is requested from this website, access data is temporarily stored. Each data record consists of:
-    the name of the file
-    the date and time of the request
-    the amount of data transferred
-    the access status (file transferred, file not found, etc.)
-    the description of the type of browser used
-    the IP address of the requesting computer
The stored data is analysed exclusively for statistical purposes. Their transfer to third parties, even in form of extracts, does not take place.

 

Cookies

Due to technical reasons, we use temporary cookies (i.e. identifiers that a web server can send to your computer, also session cookies) to control your connection to our websites during the session. These cookies are automatically deleted when you leave the website, so no data is stored on your computer. The processing is based on Art. 6 p. 1 p. 1 p. f GDPR and is done to optimize or enable the user guidance and to customize our website. You can set your browser so that it informs you about the placement of cookies. This makes the use of cookies transparent for you. However, we would like to point out that the functionality of the service is impaired if you do not accept the session cookies.

 

Use of the collected data

We use the personal data collected for the purposes mentioned above in order to provide the particular services. We collect only the data necessary for the fulfillment of the purpose. You can be sure that the data is only used for the purpose for which it is meant to be used.

In case of data transmission for the purpose of registration for a seminar or expression of interest, the data will be processed by our partner company ADVANTAGE AUSTRIA, which also carries out the booking and invoicing on behalf of mint GmbH. ADVANTAGE AUSTRIA is obliged to comply with the data protection requirements described here to the fullest extent.

 

Duration of the personal data storage

Personal data will only be stored in a form that enables the identification of the data subjects if this is necessary for the purposes specified or agreed upon.

 

Data security

We use technical and organisational security measures to protect your data processed by us against accidental or intentional manipulation, loss, destruction, or access by unauthorised persons. Our security measures are continuously improved in line with technological developments.

We have no liability for the actual process of data transmission over the Internet. Also, no claims can be made against us for the loss of data for whatever reason.

 

Encryption

All personal data is fully encrypted on the AWS servers and only the responsible person has access to the key. The EBS (Elastic Block Storage) full encryption is applied using the KMS (Key Management Service) with CMK (Customer Master Keys). The encryption method is AES-256. The data protection standard thus ensures the same level of data protection as in the EU, despite the use of an American service provider (AWS).

 

Your rights

When processing your personal data, the GDPR grants you as a website user the following rights:

1. Right of access (Art. 15 GDPR):

You have the right to obtain confirmation as to whether or not personal data concerning you are being processed; where that is the case, you have the right to access this personal data and the information specified in Art. 15 GDPR.

2. Right to rectification and erasure (Art. 16 and 17 GDPR):

You have the right to obtain without undue delay rectification of your inaccurate personal data concerning you and, if necessary, to have incomplete personal data completed.

You also have the right to obtain the erasure of personal data concerning you without undue delay if one of the grounds listed in Art. 17 GDPR applies, e.g. if the data are no longer necessary for the purposes for which they were collected.


3. Right to restriction of processing (Art. 18 GDPR):

You have the right to obtain restriction of processing if one of the conditions listed in Art. 18 GDPR applies, e.g. if you have objected to the processing of your personal data pursuant to Art. 21 GDPR or for the duration of verification whether our legitimate interests override your interests as a data subject.

4. Right to data portability (Art. 20 GDPR):

In certain cases, which are listed in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format or to request that this data be transmitted to a third party.

5. Right to object (Art. 21 GDPR):

If data is collected based on Art. 6 p. 1 p. 1 p. f GDPR (data processing for the protection of legitimate interests) or based on Art. 6 p. 1 p. 1 p. e GDPR (data processing for the protection of public interest or in the exercise of official authority), you have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you. We will then no longer process the personal data unless there are compelling reasons for processing that override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

6. Right to lodge a complaint with a supervisory authority

Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of data concerning you infringes Data Protection Regulation. The right to lodge a complaint can be asserted before a supervisory authority in the Member State of your place of residence, your place of work or the place of the alleged infringement.