Privacy policy

General information

As management consultants in the field of implementing industry-specific tools, processes and planning algorithms, the topic of data protection and data security is a high priority in our industry and we are committed to the principle of responsible handling of personal data in addition to the statutory provisions. We want our customers and partners to feel secure in the knowledge that personal data in particular will be kept confidential and secret.

It is not always easy to comply with legal data protection requirements, as there is often a lack of clarity or uncertainty in practice due to constant technological change. We therefore want to engage in an open dialogue with those affected and assure you that we will take the time and spare no effort to protect your important right to confidentiality of personal data.

For this reason, we take extensive internal steps and measures to conscientiously ensure the implementation of legal requirements. With this information, we would like to explain as simply as possible which data is collected on the website (website visit) and in the collaboration (contractual relationship) with us and how we use it.

The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is the:

MCP GmbH
Canovagasse 7/Top 13
1010 Vienna
Austria

Contact details for data protection enquiries: office@mcp-alfa.com

No data protection officer has been appointed as this is not required by law. Our internal data protection coordinator is the main contact person for your data protection matters and is available to answer your questions at any time.

We use the terminology of the General Data Protection Regulation (GDPR) in our information. To ensure that this information is easy to understand for all users, we try to avoid legal terms as far as possible. If information is not formulated clearly and simply, we would be pleased to receive feedback.

Your rights

You have the following rights

  • Right to information (request for information)
  • Right to rectification
  • Right to erasure (right to be forgotten)
  • Right to restriction of processing
  • Right to data portability
  • Right to object to the processing
  • Rights in connection with automated decision-making (including profiling)
  • Right to lodge a complaint with the data protection authority (https://www.dsb.gv.at/)

You can assert your rights at any time. To do so, please contact us by post or email at [office@mcp-alfa.com]. If you assert several rights at the same time, please inform us of the desired order so that no misunderstandings arise should we be able to fulfil your request.

We ask for your understanding that we cannot answer telephone or verbal enquiries, as we cannot ensure that the information is actually issued to the authorised person. Please help us to identify you when you contact us.

Website

When using the website and its subpages and services, MCP GmbH processes personal data for the following purposes:

  • Presentation of the website and its contents
  • Contact us (contact form)
  • Company presentation and offer presentation
  • Ensuring functionality and IT security measures
  • Marketing activities and analysis of website usage by users (remarketing, conversation measurement, click tracking)
  • Provision of our company blog and FAQs

The following data categories are recorded:

  • IP address
  • Date and time of access
  • Browser types and versions
  • Operating system used by the accessing system
  • The website or subpage from which an accessing system reaches our website (when using links)
  • Internet service provider of the accessing system
  • Collection of data generated by cookies (for more information, see the Cookies section)
  • When using the chatbot: contact data (email, telephone numbers); content data (entries in online forms); usage data (websites visited, interest in content, access times); meta/communication data (device information, IP addresses)
  • When using our free webinars: Login data and IP addresses (there is generally no recording)

Which services do we use? Who receives the data?

  • Processors, such as Microsoft, Hubspot, Emlen, Google, Linkedin, WordPress, Leadfeeder, advertising agency Stefanie Drucker, Serverprofis GmbH, clickskeks GmbH & Co KG
  • Our affiliated companies, such as Stiefsohn Consulting GmbH
  • Our cooperation partners (FuturMaster, Siemens, Optiwiser A.I. Solution GmbH, ifesca GmbH)
  • When cookies are used, data is passed on to third-party providers, which we describe in more detail in the section on the use of cookies

The server protocols (log files) are stored for up to one month. The legal basis for the processing of access data (web server log files), user analyses and the data collected by technically necessary cookies is the legitimate interest of the controller (provision of online services, data security) in accordance with Art. 6 (1) (f) GDPR.

For the use of advertising cookies, we base our processing on your consent, which can be customised at any time via our cookie banner. There you will also find a detailed description of the type of cookie and the duration of data storage.

If an application is submitted by e-mail, we will delete the application data within 7 months of the end of the application process (for the purpose of asserting claims in accordance with ยงยง 15 para. 1 and 29 GlBG with reference to the DSB decision DSB-D123.085/0003-DSB/2018), unless consent has been given for a longer retention period.

Newsletter

The newsletter contains information on (online) events organised by MCP GmbH, news and recommendations from the company and specialist articles on topics such as production planning, cycle planning, S&OP and planning algorithms.

When using the newsletter, MCP GmbH processes personal data for the following purposes:

  • Company presentation and offer presentation
  • Marketing activities
  • Analysing newsletter usage

The following data categories are recorded:

  • Name and e-mail address
  • Registration status, cancellation, blacklist
  • Time of delivery
  • Success measurement such as time of opening, duration of opening, IP address of opening, undeliverability (using so-called web beacons)
  • the e-mail programme used (mail client), which link was clicked and the time of the click
  • Language setting (DE / EN)
  • Meta/communication data (e.g. device information, IP addresses)

Which services do we use? Who receives the data?

  • Processor, HubSpot, Inc, 25 First St., 2nd floor, Cambridge, Massachusetts 02141, USA
  • Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland; parent company: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA (Data Privacy Framework certified)

Your data for receiving the newsletter will be processed as long as you have not revoked your voluntary consent for the respective purpose. If you unsubscribe, your data will be blocked so that you do not receive any further messages and will be deleted within 1 month.

Order placement and contract fulfilment

As a company, we process the personal data of our customers and partners in the course of our consultancy assignments. Here we want to inform our business customers about which data processing is carried out and which data categories are affected.

Personal data is processed for the following purposes when our services are utilised and in the case of project collaboration:

  • Contact us to arrange a potential meeting and initial consultation (via e-mail, contact form, phone call, electronic messages)
  • Processing requests for consulting services
  • Provision of services in connection with the system solution sold (installations, user training, installation of updates and patches)
  • Processing and invoicing of orders placed
  • Creating, managing and updating customer data and maintaining customer contact
  • Organisation of meetings (onsite and online, e.g. via video conferencing) and their scheduling (for more information, see the section on online meetings and video content)
  • Realisation of marketing activities
  • Project realisation for scientific collaboration and cooperation
  • Support requests

The following data categories are recorded:

  • Master data such as title, name and e-mail address, company, position and job description, company address, billing address
  • Presence in social networks (social media)
  • Preferred or purchased products, systems, details of requested documents or enquiries
  • Order processing (services received, products ordered and associated invoice data)
  • Contact data and correspondence data (such as e-mail correspondence, transmitted data)
  • When using the contact form: Name, e-mail address, company name and message

Which services do we use? Who receives the data?

  • Processors such as Microsoft, Hubspot, Emlen, Google, Linkedin, WordPress, Leadfeeder, Werbeagentur Stefanie Drucker, Serverprofis GmbH, Hypergene, Atlassian, clickskeks GmbH & Co KG
  • Our partner companies (Stiefsohn Consulting GmbH, Zug branch)
  • Tax consultants and chartered accountants
  • Banks and insurance companies
  • Service company (mobility company) for the organisation of travel activities

We process the data on the basis of your consent when you contact us to present our products and when we initiate and process business transactions, we use the legal basis of contract fulfilment to process personal data. If we collect data to fulfil legal obligations, such as billing data, the legal basis is the fulfilment of legal provisions.

Our customers’ data is generally stored for the duration of the ongoing contractual relationship. After termination of the contractual relationship, only the data that is absolutely necessary due to the applicable statutory provisions or retention obligations (UGB, ABGB, BAO, etc.) is stored for the duration of these statutory retention obligations. For example, we are subject to retention obligations under tax law or must retain personal data in contract management for liability or warranty purposes.

Furthermore, we retain data in our contractual partner database and for customer management purposes beyond the term of the contract until deletion in the event of an objection or after two years without business contact.

Note to our co-operation and business partners: Please bring this data protection declaration to the attention of the persons concerned (employees, customers) if they are subject to data processing by us.

Online meetings and video content

On our website, we offer the opportunity to watch know-how and instructional videos as well as instructions and/or to participate in our (online) events/webinars. We offer the following interaction options and process personal data for these purposes:

  • Organisation and holding of webinars
  • Event management for online events
  • Implementation of marketing activities (follow-up communication after participation)
  • Presentation of video content for the development and exchange within the expert network (think tank) and with interested parties
  • Support requests

The following data categories are recorded:

  • When registering for (online) events or training courses:
    • Master data such as title, name and e-mail address, company, job description, company address in the form of participant lists
    • Preferred or purchased products, systems, details of projects and/or desired consulting services
    • Webinar topic / event content
    • Communication data (such as chat postings)
    • Log files, log data
    • Metadata (IP address, time of participation)
    • Profile data (user name or profile picture, if you provide this yourself)
  • When using video content: data on videos clicked on, playlists created and ratings and comments submitted, IP address and browser information
  • The contact email addresses provided are recorded for support enquiries

Which services do we use? Who receives the data?

  • Processors, such as webinar service providers
    • “Youtube”, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland with extended data protection mode
    • “MS Teams”, Microsoft Ireland Operations, Ltd, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland

We process the data on the basis of your consent or to fulfil the contract and store it until you withdraw your consent or after termination of the business relationship. Recordings of the webinars will only be made with prior information and after consent has been given.

Your data in connection with the registration for (onsite/online) events will only be stored for as long as is necessary for the organisation of the event, beyond that only as long as it must be processed within the framework of statutory retention obligations or, if a business relationship arises, as long as this lasts. Data will only be stored for longer due to statutory retention periods or for defence in the event of any legal disputes.

Use of cookies

We use cookies to continuously improve our services and to better understand our target audience. Cookies are small text files that are stored on your computer or mobile device when you visit a website or on the website server when you interact with the website. They are used to store information about activities and settings on the website. This information may include, for example, login information, preferences or the way in which the website is used. You can manage or block cookies via the web browser settings.

For the technically necessary cookies, we refer to the legal basis of legitimate interest (Art 6 para 1 lit f GDPR), for those of the advertising cookies to your consent, which you have given us via the cookie banner. You can adjust or revoke this consent at any time by changing the cookie banner settings.

Change cookie banner settings

You can find details on the individual cookies in the information displayed in the cookie banner under the respective application names.

We use the following technically necessary cookies:

  • Cloudflare (website security)
  • Newsletter2Go – Sendinblue GmbH (possibility to subscribe to the newsletter)
  • Simple Membership Plugin (login status)
  • Cookie Consent Manager Clickskeks (consent management)

Our analysis / statistics cookies are:

  • Google Analytics (website use)
  • HubSpot (chat widget)
  • Indeed (job description)
  • Leadfeeder (website use)
  • SECRA booking system (lead management)
  • New Relic (website use)
  • WPML (language setting)
  • Teads (video advertising)
  • WhatConverts (number exchange)
  • Fundraisingbox (fundraising for non-profit organisations)
  • Google DoubleClick Ad (advertising service and activity reports)
  • LinkedIn Ads (advertising; conversion tracking; optimisation; remarketing)
  • YouTube video (show videos, session management)
  • LinkedIn (target group advertising)
  • Twitter plugin (visitor activities for Twitter adverts)

When cookies are used (on the basis of consent via a cookie banner) for advertising and social media purposes, data is transmitted to the following companies:

  • “Double Click Ad”, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
  • “LinkedIn Ads” and “LinkedIn”, LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland, a subsidiary of LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085 USA
  • “Youtube”, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland with extended data protection mode
  • “X”, Twitter Inc, 795 Folsom St., Suite 600, San Francisco, CA 94107, USA

Details on the analysis tools used can be found in the cookie banner under the “Show details” option and by clicking on the “question mark” symbol. If you have any questions, please do not hesitate to contact us.

Please note: Cookies are sometimes used by us and third-party providers to process personal data. Third-party providers such as Google have branches in the USA without an adequate level of data protection. There is a risk that EU citizens’ data may be processed by US authorities without an effective legal remedy. We therefore ask you to take this into account when giving your consent. You can revoke your consent at any time (change the settings in the cookie banner). We will endeavour to use in particular those US providers that have been certified in accordance with the current EU-U.S. Data Privacy Framework.