Name and address of the responsible party
The responsible party within the meaning of the General Data Protection Regulation (GDPR) is the
Marcus Malkut Foundation
T +423 237 75 85
Scope of the processing of personal data
1. Umfang der Verarbeitung personenbezogener Daten
The processing of personal data of our website users is limited to those data that are necessary to provide a functional website and our content and services. The responsible party processes user data in a proper manner and takes appropriate security measures to prevent unauthorized access and unauthorized forwarding, modification or destruction of data.
In addition to the responsible party, other persons could also operate this website internally or externally - and in the case where necessary, designated by the responsible party as processors (such as providers of technical services, delivery companies, hosting providers, IT companies or communications agencies) - and thus have access to personal data. An up-to-date list of these parties may be requested from the responsible party at any time.
Personal data of our users will only be processed for the purposes agreed with them or if there is another legal basis (in the sense of the GDPR). Only such personal data is collected that is actually required for the performance and processing of our tasks and services or that you have voluntarily provided to us.
The data will be processed at the headquarters of Marcus Malkut Foundation and at all other places where the entities involved in data processing are located. Therefore applies:
- Personal data collected for the purpose of fulfilling a contract concluded between the responsible party and the user will be stored until the complete fulfillment of this contract.
- Personal data collected for the purpose of safeguarding the legitimate interests of the responsible party will be retained for as long as necessary to fulfill those purposes. Users can obtain more detailed information about the legitimate interests of the responsible party in the relevant sections of this document or by contacting the responsible party.
In addition, the responsible party is permitted to store personal data for a longer period of time if the user has consented to such processing, as long as the consent is not revoked. Furthermore, the responsible party may be obliged to store personal data for a longer period of time if this is necessary to fulfill a legal obligation or by order of an authority.
After the storage period has expired, personal data is deleted. Therefore, the right of access, the right of deletion, the right of rectification and the right of data portability cannot be exercised after the expiry of the storage period.
2. Your rights
Users may exercise certain rights in relation to their data processed by the responsible party.
- In particular, users have the following rights:
- Revoke the consents at any time. If the user has previously consented to the processing of personal data, he may revoke his own consent at any time.
- Object to the processing of their data. The user has the right to object to the processing of their data if the processing is based on a legal basis other than consent. Further information on this is provided below.
- Receive information regarding their data. The user has the right to know whether the data is processed at all, to receive information about individual aspects of the processing and to obtain a copy of the data.
- Verification and rectification. The user has the right to verify the accuracy of his data and request its update or correction.
- Request a restriction of the processing of their data. Users have the right to restrict the processing of their data under certain circumstances. In this case, the responsible party will not process the data for any purpose other than storage.
- Request deletion or otherwise removal of the personal data. Users have the right, under certain circumstances, to request the deletion of their data from the responsible party.
- Receive their data and have it transferred to another responsible party. The user has the right to receive his or her data in a structured, common and machine-readable format and, if technically possible, to have it transferred to another controller without hindrance. This provision is applicable if the data is processed by automated means and the processing is based on the user's consent, on a contract to which the user is party, or on pre-contractual obligations.
- File a complaint. Users have the right to file a complaint with the competent supervisory authority.
3. Details on the right to object to processing
If personal data is processed in the public interest, in the exercise of a sovereign power conferred on the responsible party or for the purposes of safeguarding the responsible parties' legitimate interests, the user may object to such processing by providing a justification relating to his/her particular situation.
4. How the rights can be exercised
All requests for the exercise of user rights may be addressed to the responsible party via the contact details provided in this document. Requests can be exercised free of charge and will be processed by the person in charge as soon as possible, at the latest within one month.
Description and scope of data processing
1. Provision of the website
Each time our website is accessed, our system or the system on which the website is hosted automatically collects data and information from the computer system of the accessing computer.
Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type and version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
This data is not merged with other data sources.
The legal basis for the data processing is Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website - for this purpose, the server log files must be recorded.
We do not conduct our own web analyses on our website and do not use any web analysis tool.
Hosting Provider der Webseite ist die Hocus & Pocus AG, Egerta 17, 9496 Balzers, Liechtenstein. Die Datenschutzerklärung der Hocus & Pocus AG kann unter folgendem Link aufgerufen werden: https://hocus-pocus.li/datenschutz/
When you visit our website, your personal data is processed on the servers of AWS. In this process, personal data may also be transferred to the parent company of AWS in the USA. The data transfer to the USA is based on the EU standard contractual clauses. Details can be found here: https://aws.amazon.com/de/blogs/security/aws-gdpr-data-processing-addendum/.
We would like to point out that no level of data protection comparable to the EU can be guaranteed in these countries. For example, US companies are obliged to hand over personal data to security authorities without you as the data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. intelligence services) process, evaluate and permanently store your data located on US servers for monitoring purposes. We have no influence on these processing activities.
The use of AWS is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the most reliable presentation of our website. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.
We have concluded a contract with the above-mentioned hosting provider, which ensures that it only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
Most of the cookies we use are so-called "session cookies". They are automatically deleted after the end of your visit. Other cookies remain stored on your terminal device until you delete them. These cookies allow us to recognize your browser on your next visit.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. When deactivating cookies, the functionality of this website may be limited.
Cookies that are required to carry out the electronic communication process or to provide certain functions you have requested are stored on the basis of Art. 6 (1) lit. f GDPR. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. Insofar as other cookies (e.g. cookies for the analysis of your surfing behavior) are stored, these are treated separately in this data protection declaration.
The legal basis for the data processed by cookies is Art. 6 para. 1 p. 1 lit. f GDPR.
3. Project application
If you fill out a project application or send us an e-mail or other electronic message, your information will only be stored for processing the request, possible related further questions, and will only be used in the context of the request. We do not pass on this data without your consent.
The legal basis for processing your request is Art. 6 para. 1 lit. b and Art. 6 para. 1 lit. f GDPR.
The data you enter in the project application will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g., after we have completed processing your inquiry).
Mandatory legal provisions - in particular retention periods - remain unaffected.
4. Social Plugins
No social plugins are used on our website.
We use appropriate technical and organizational security measures within the website visit to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
The competent data protection authority is the Liechtenstein Data Protection Authority, Städtle 38, P.O. Box 684, 9490 Vaduz, Liechtenstein.