PRIVACY STATEMENT

20 December 2019

Thank you very much for your interest in our company. Data protection is important to us and accordingly we explain to you in this data protection declaration how we collect and process which personal data (in short: “personal data”, i.e. data relating to a specific or identifiable person, such as name, address, nationality, e-mail address, user behaviour on websites). This privacy statement is based on the EU General Data Protection Regulation (GDPR).


1 CONTROLLER, DATA PROTECTION OFFICER AND REPRESENTATIVE

Responsible for data protection is:
MariaMarina Foundation, Landstrasse 105, 9495 Triesen
E-Mail: mmf@mmf.li
Website: www.mmf.li


2 COLLECTION OF PERSONAL DATA AND PROCESSING PURPOSES

(1) We limit the processing of personal data to personal data which we receive in connection without relationship with you, our cooperation partners (e.g. organisations as intermediaries) or which we collect from users on our websites, apps or other applications.

(2) In particular, we collect the following personal data from you on a case-by-case basis and depending on the purpose (see below):

  • Salutation / Title
  • First name, last name
  • Address
  • Email address
  • Telephone number(s)
  • Nationality
  • Photos
  • and other information, in particular in connection with projects and events

If you use our homepage or websites, we also collect data. See chapter 4.

(3) In addition, if permitted and indicated, we obtain and process further data from publicly accessible sources (e.g. land register, commercial register, media, Internet, Worldcheck) on a case-by-case basis or receive such data from authorities and institu-tions, from your personal environment or from other third parties.

(4) We need this data in particular to fulfil the following purposes:

  • to identify you as a user of our website
  • to communicate with you
  • to process your grant application
  • to perform our due diligence obligations
  • to comply with further legal requirements
  • to prepare our annual report
  • to dispatch our annual report
  • to assess and respond to employment applications (if you apply to us)
  • for the assertion of legal claims or defence of our position in general
  • to ensure our operation in general (e.g. IT, website)
  • for the protection of further safety aspects

(5) We will only process your personal data if we are required to by law (e.g. due diligence) or based on a contract or if the data processing is necessary for the performance of a task which is in the public interest or is performed in the exercise of official authority. Beyond that we only process your personal data where we have your consent with no revocation. Or if legitimate interests on our part prevail (e.g. continuation of the delivery of newsletters to existing customers, provided that there is no revocation).
Consent can be revoked by you at any time.


3 RECIPIENTS OF PERSONAL DATA AND DATA TRANSFER ABROAD


(1) We only pass on your personal data to recipients or third parties within the scope of the purposes described above, as far as permitted and indicated in your particular context. This may include in particular:

  • Service companies such as banks, IT providers, printing companies, fiduciaries, accounting companies
  • Authorities, state institutions, courts, auditors

(2) Such data transfer is based either on a legal obligation (e.g. data transfer in the course of automatic information exchange), a fulfilment of a contract (e.g. asset manager abroad), a consent on your part, a public interest or on the basis of legitimate interests on our part, provided that the interests or fundamental rights and freedoms on your part do not predominate with regard to the protection of personal data.

(3) The recipients may be domestic or abroad. In particular, we draw your attention to the fact that we may exchange personal data within our group companies or transfer personal data to countries in which service companies are located from which we obtain services (e.g. Microsoft, etc.), if this is done within the framework of a clearly defined underlying purpose
In the case of recipients outside our company in the EU/EEA or in countries with recognised data protection adequacy (e.g. Switzerland), we ensure data protection by concluding so-called order data processing agreements – where necessary and indicated.
If we transfer personal data to third countries without adequate legal data protection status, we ensure an adequate level of protection in accordance with legal requirements, for example on the basis of EU standard contractual clauses or other instruments (e.g. Binding Corporate Rules, US Privacy Shield).


4 USE OF OUR HOMEPAGE AND WEBSITE

In addition to the above, we would like to inform you about the use of our websites for cookies, analytics/tracking or other technologies as follows:

(1) We do not collect any personal data when you simply use the website for information purposes (i.e. if you do not log in to use the website, register or otherwise provide us with information), with the exception of data transmitted by your browser to enable you to visit the website, which may in particular include the following personal data:

  • IP address
  • Date and time of the request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Contents of the request (concrete page)
  • Access status/HTTP status code
  • Amount of data transferred in each case
  • Website from which the request comes
  • Browser used
  • Operating system and its interface
  • Language and version of the browser software

(2) The server log files with the above data are automatically deleted after 30 days. We reserve the right to store the server log files for longer if facts exist which suggest the assumption of unauthorized access (such as an attempt at hacking or a so-called DOS attack).

(3) Our website and various online services, such as Google, use so-called cookies. These are small text files that are stored on your terminal device with the help of the browser. The cookies do no harm.
We only use them to make our offer more user-friendly. Some cookies remain stored on your terminal device until you delete them. They enable us to recognize your browser on your next visit. The data in the cookies are not linked to your other data.
If you do not wish this, you can set your browser so that it informs you about the setting of cookies and you only allow this in individual cases. However, we would like to point out that in this case you may not be able to make full use of all the functions of our website.


5 USE OF OTHER WEB SERVICES

5.1 SSL OR TLS ENCRYPTION
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site opera-tor. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.


6 DATA PROTECTION FOR EMPLOYMENT APPLICATIONS AND FOR THE APPLICATION PROCESS

We collect and process personal data of applicants for the purpose of processing the application. Processing may be carried out on paper or electronically by e-mail or by filling in a web form. If an employment contract is concluded with an applicant, the personal data received will be processed for the purpose of processing the employment relationship in compliance with regulatory obligations. Otherwise, the application documents will be deleted three months after rejection, provided that no legitimate interests on our part prevail.


7 STORAGE PERIOD

We only store your personal data for as long as it is necessary for the purposes for which it was collected in accordance with this privacy statement. However, we may be required by law to store certain information for a longer period of time. In this case, we will ensure that your personal data is treated in accordance with this privacy statement and in accordance to the GDPR for the entire period.


8 YOUR RIGHTS

(1) You have the right at any time and free of charge to request information from us about the personal data we have stored about you, as well as about its origin, recipients or categories of recipients to whom this personal data is passed on and the purpose of its storage.
(2) You also have the right to demand that we correct, delete or restrict the processing of your personal data at any time. We commit ourselves to this, unless there is a contrary legal obligation on our part.
(3) You also have the right to object to the processing of your personal data by us at any time. We commit ourselves to this, unless there is a contrary legal obligation on our part.
(4) If you have given us consent to the use of personal data, you can revoke it at any time without giving reasons.
(5) Furthermore, you have the right to complain directly to the data protection office of Liechtenstein (www.llv.li/#/1758/datenschutzstelle).
(6) If you wish to exercise the above rights, please contact the address mentioned in paragraph 1.


9 DATA SECURITY

We maintain current technical measures to ensure data security, in particular to protect your personal data from the dangers of data transmission and from third parties gaining knowledge. These measures will be adapted to the current state of the art.


10 CHANGE

As part of the technical development of our range of services and the legal framework, we will also continuously adapt our data protection declaration. For this purpose, changes to the data protection declaration will be published on our website. Please therefore regularly read the current version of this data protection declaration. Subject to applicable law, any changes to the Privacy Policy will take effect as soon as the up-dated Privacy Policy is published. If we have already collected information about you and/or are required to do so by law, we will also notify you of any material changes to our privacy policy and ask for your consent should this be required by law.