MPR Kontakt Icon
Choose language
MPR Suche
MPR Close
Schließen
Zurück

Privacy Policy

Valid from 10.10.2023

Below you will find an overview of what data is collected during your visit to our website, how this data is used and shared, what security measures we take to protect your data and how you can obtain information about the information given to us. This privacy policy applies to the entire website, but not to pages of other providers to which the website links.

If you transmit personal or business data, such as e-mail addresses, names or addresses, to us within our Internet offer, this disclosure is preceded by your consent to the collection, use and processing of your personal data. For this reason, the data you enter on our pages is encrypted using the SSL (Secure Socket Layer) procedure and stored on specially protected servers.

Cookie settings

To open the menu where you can change your cookie settings and permissions, please click the
safety pin button at the bottom left of your screen.

Look for this button at the bottom left of your screen

Data protection information according to Art. 13,14 GDPR:

We are glad about your visit on our website

www.china-certification.com

For all questions regarding data protection you can reach us at:
info@mpr-international.com

We, MPR China Certification GmbH, Kaiserstr. 65, 60329 Frankfurt am Main (further information available in the imprint) are the operator of this website (Art. 13 para. 1 GDPR). We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection information.

General Information

Responsible Entity
The responsible party within the meaning of data protection law is:
MPR China Certification GmbH
Kaiserstr. 65, 60329 Frankfurt am Main
Tel: 069 2713769150
Entry in the Commercial Register:
   Register number: HRB 101427
   Register court: Frankfurt am Main
Responsible for data protection: Julian Busch, 069 2713769150

Processing, use and storage of personal data

When you visit or use this website or our services, various personal data are collected. Personal data is data with which you can be personally identified.

We collect, store and use the data related to your person solely for the purpose and to the extent of enabling you to use the various features of our website and the services described there.

Data collection without input of data by the website visitor

If you visit our website only to find out about the content and do not make any entries of your own, we may temporarily collect and store the data specified below, possibly also in combination with personal information that your browser transmits to our server:
– IP address
– Date and time of the request
– Execution time of the request
– Content of the request (specific page)
– Access status/HTTP status code
– Website from which the request comes
– Browser
– Operating system and its interface
– Language and version of the browser software.

This data is technically necessary to display the website to you and to ensure stability and security, in particular to be able to detect and prevent attacks or abusive calls. We delete the log files that contain this data after 30 days, unless otherwise stated in this privacy policy. The collection of this data is based on legitimate interest within the meaning of Art. 6 para. 1 lit. f. GDPR.

Data collection with data entry by the website visitor
If you visit our website and actively submit your data there, data collection and processing takes place analogously to a visit to the website without data entry. The information you provide is processed additionally.

This concerns the following data, if they were entered by the visitor:

– Contact information (name, surname, e-mail address, phone number).
– Usage data (e.g., access times, page navigation).– Meta/communication data (e.g., IP addresses).

Use of the contact/order form and chat functionality
Your data will furthermore be collected by using our contact form or our order form and/ or our chat. This data collection is based on your consent (Art. 6 para. 1 a GDPR) or with regard to the mandatory checkboxes for the pre-contractual contact or the provision of the requested information (Art. 6 para. 1 b GDPR). The collection of the combination of first and last name is based on the legitimate interest (Art. 6 para. 1 f. GDPR) in view of the fact that our offers are directed exclusively to traders.

Data that is provided voluntarily in the contact form or elsewhere will be marked as such. This data collection is then based on your consent (Art. 6 para. 1 a GDPR).

 Processing duration
Unless otherwise stated in this privacy policy, we delete the data in accordance with Art. 17 GDPR or restrict processing in accordance with Art.18 GDPR after storage is no longer necessary for the processing purpose stated in each case.
Should a deletion conflict with legal retention obligations or should we need the data to pursue or defend legal claims or to fulfill legal obligations, we will restrict the use accordingly.

Your data protection rights

According to the relevant provisions of data protection law, you are entitled to the following rights under the respective legal conditions with regard to the personal data concerning you:


– according to Art. 7 (3) GDPR, you may revoke your consent to data processing by us at any time with effect for the future, according to Art. 15 GDPR information about your personal data processed by us.

– in accordance with Art. 16 GDPR demand without undue delay the correction of incorrect or completion of your personal data stored by us

– accordant to Art. 17 GDPR to delete your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for the fulfillment of a legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims,

– the restriction of the processing of your personal data according to Art. 18 GDPR, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer need the data, but you want to use it for the purpose of assertion, exercise or defense of legal claims or you object to the processing in accordance with Art. 21 GDPR and

– in accordance with Art. 20 GDPR to receive your personal data that you have provided to us in a structured, common and machine-readable format, or to request the transfer to another responsible person, if the processing is carried out with the help of automated procedures and is based on a consent according to Art. 6 Para. 1 lit. a or Art. 9 Para. 2 lit. a GDPR or on a contract according to Art. 6 (1) (b) DS-GVO.

– in accordance with Art. 21 GDPR, you can – insofar as your personal data is processed by our side on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence1 lit. f GDPR – object at any time with effect for the future, provided that there are reasons for doing so that arise from your particular situation. You can send an objection to our contact details given above. Please specify what the objection is directed against.

You will not incur any costs from our side for the fulfillment of the aforementioned rights.

You also have the right to complain to a data protection supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or our company headquarters. In our case, this is the Hessian Commissioner for Data Protection and Freedom of Information Gustav-Stresemann-Ring 1, 65189 Wiesbaden, Germany.

Modification of the privacy information

Our web presence as well as our services are dynamic and we introduce new features or forms of collaboration from time to time. Therefore, new information may need to be collected. If we collect new personal information or significantly change how we use your information, we will modify this Privacy Policy accordingly, as necessary.

Cooperation with processors and other third parties

If we disclose data to other persons and/or companies, e.g. order processors or third parties, transmit it to them or otherwise grant them access to the data, this will only be done on the basis of a legal permission (e.g. if a transmission of the data pursuant to Art. 6 para. 1 b GDPR is necessary for the fulfillment of a contract), you have consented pursuant to Art. 6 para. 1 lit. a GDPR, a legal obligation provides for this pursuant to Art. 6 para. 1 lit. c GDPR or on the basis of our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR (e.g. when using agents, web hosts, etc.).

If we commission third parties with the processing of data on the basis of a so-called “order processing agreement”, the transfer is made on the basis of Art. 28 GDPR.

Passing on of contact data on this website to third parties

The disclosure of contact data published on this website, such as postal addresses, telephone and fax numbers or e-mail addresses to third parties for the purpose of sending unsolicited information is prohibited. We expressly reserve the right to take legal action against the senders of so-called spam mails in the event of violations of this prohibition.

Safety notes

We have taken all necessary technical and organizational security measures to protect your personal data from loss and misuse. For example, your data is stored in a secure operating environment that is not accessible to the public. In accordance with this privacy policy, access to your information is only possible by specifically authorized persons.

Our information system is a secured area. A firewall is installed to prevent access from other networks connected to the Internet. Only employees who need the information to perform a specific task are granted access to personally identifiable information. Our employees are trained in security and privacy practices.

Your personal data is encrypted during transmission by the so-called Secure Socket Layer technology (SSL). This means that communication between your computer and servers used by us takes place using a recognized encryption method if your browser supports SSL.

We would like to point out that data transmission on the Internet (e.g. communication by e-mail) can have security gaps. With regard to the transmission process, we have no means of influence, which means that the content may be viewed by third parties.
Despite our technical as well as organizational measures, we are not able to provide a guarantee that the data we collect or process will not be accessed, disclosed, altered or destroyed as a result of a breach of our security measures.

B. Detailed Description

B1: Visit our site without own input

Various data is automatically collected by our IT systems when you visit the website. This is mainly technical data (e.g. internet browser, operating system or time of page view). The collection of this data takes place automatically as soon as you enter our website. Some of the data is collected to ensure error-free provision of the website. Other data may be used to analyze your user behavior. We do not combine this data with data related to your person. For us, the data remains technical data without personal reference.

Data when using the contact or order form

Visitors to our website who wish to contact our company or obtain our brochures or data sheets have the option of using our contact or order form. This requires the input of personal data, such as first and last name, e-mail. These entries will not be published and will only be used for communication between us and you for the purpose of contacting you or for the purpose of sending you the requested information as well as for the purpose of sending you further information about current and future services.

Strato” stores all technical data required for the correct display and loading of the website. There is an order processing contract with “Strato” according to Art. 28 GDPR.

Website host: STRATO AG, Otto-Ostrowski-Straße 7, 10249 Berlin, Registergericht Berlin Charlottenburg, HRB 79450

MPR China Certification GmbH also uses services from the software company HubSpot.
HubSpot is a company from the USA with a branch in Ireland.
HubSpot European Headquarters
Ground Floor, Two Dockland Central
Guild Street, Dublin 1, Ireland
Phone: +353 1 5187500

We use HubSpot for our marketing activities. This is a software solution that we use to cover various aspects of our online marketing.

These include, among others:

  • E-mail marketing (newsletters and automated mailings, e.g. to provide downloads)
  • Contact management (e.g. user segmentation & CRM)

This information, as well as the content of our website, is stored on servers of our software partner HubSpot in Ireland. It can be used by us to contact visitors to our website and to determine which of our company’s services are of interest to them. This constitutes a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR.

All information collected by us is subject to this privacy policy.

In accordance with Art. 28 GDPR, we have concluded an order processing agreement with HubSpot Ireland and fully implement the resulting requirements.

HubSpot is certified under the terms of the “EU – U.S. Privacy Shield Framework” and is subject to TRUSTe ‘s Privacy Seal as well as the “U.S. – Swiss Safe Harbor” Framework.

You can find out more about HubSpot’s privacy policy here:
https://legal.hubspot.com/privacy-policy
More information from HubSpot regarding EU data protection regulations here:
https://www.hubspot.com/data-privacy/gdpr
More information about the cookies used by HubSpot can be found here & here:
https://knowledge.hubspot.com/articles/kcs_article/reports/what-cookies-does-hubspot-set-in-a-visitor-s-browser?
https://knowledge.hubspot.com/articles/kcs_article/account/hubspot-cookie-security-and-privacy?

B2: Use of the Userlike chat

MPR China Certification GmbH uses a chat software of Userlike UG (limited liability), Probsteigasse 44-46, 50670 Köln. You can use the chat like a contact form to chat almost in real time with our employees. When starting the chat, the following personal data is collected:

  • Date and time of the call
  • Browser type/version
  • IP address
  • Operating system used
  • URL of the previously visited website
  • Amount of data sent
  • If specified: First name, last name, email

Depending on the course of the conversation with our employees, further personal data may arise in the chat, which is entered by you. The nature of this data depends largely on your request or the problem you describe to us. The purpose of processing all this data is to provide you with a quick and efficient way to contact us and thus improve our customer service.

All our employees have been and will be trained on the subject of data protection and taught how to handle customer data securely and confidentially. All of our employees are obligated to maintain confidentiality and have accordingly signed an addendum in their employee contracts to commit to maintaining confidentiality and observing data protection.

When you visit our website, the chat widget is loaded in the form of a JavaScript file from AWS Cloudfront. The chat widget technically represents the source code that runs on your computer and enables the chat.

In addition, MPR China Certification GmbH stores the chat history for the duration of the legal retention periods. This serves the purpose of sparing you extensive explanations about the history of your inquiry under certain circumstances as well as for the constant quality control of our chat offer. The processing is therefore permitted pursuant to Art. 6 (1) (f) GDPR. If you do not wish this, you are welcome to inform us of this using the contact details listed below. Stored chats will then be deleted by us immediately.

The storage of chat data also serves the purpose of ensuring the security of our information technology systems. This is at the same time our legitimate interest, which is why the processing is permitted under Art. 6 (1) letter f GDPR. The legal basis for the processing of the data provided in the chat is also Art. 6 para. 1 books b and f, GDPR.

Userlike uses the Amazon and BunnyCDN cookies respectively as a content delivery network (CDN). More specifically, Amazon Web Services (AWS) and Bunny.net CDN serve to deliver content.

For more information about data protection at Userlike, please refer to the privacy policy of Userlike UG (limited liability).

B3: Protection of the data of visitors to our website

We use security protection measures such as HTTPS to protect your personal data. We regularly check our systems for possible vulnerabilities in order to ensure a level of protection that is appropriate to the risk – especially taking into account the state of the art.

Despite our measures, we are unable to provide a guarantee that data will not be accessed, disclosed, altered, or destroyed as a result of a breach of our security measures.

B4: Cookies

We use cookies on our website. These are small text files that are stored on your computer and improve the functionality of our website, for example, to automatically complete an entry you have made repeatedly in the text field. In addition, we can use cookies to evaluate the use of our website (see also sections 4. a. and 4.b.).

Most of the cookies we use are so-called “session cookies” and these are automatically deleted after the end of your visit. However, we do not assign these cookies to your personal data. Other cookies remain stored on your terminal device (whether mobile or not) until you delete the cookies. This allows us to recognize your browser on your next visit.

You can find instructions here, among other places:

https://support.microsoft.com/de-de/help/260971/description-of-cookies

https://support.google.com/chrome/answer/95647?hl=en

If you disable cookies, the functionality of our website may be limited.

Cookies that are required to carry out the electronic communication process or to provide certain functions requested by you (e.g. shopping cart function) are stored on the basis of Art. 6 para. 1 f GDPR. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. Insofar as other cookies (e.g. cookies for analyzing your surfing behavior) are stored, these are treated separately in this privacy policy. “Third-party cookies” are cookies offered by providers other than the responsible party that operates the online offer (see 4. a). Our own cookies are called “first-party cookies”.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.

B5: Cookiebot

We use the consent management service Cookiebot, of Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (Cybot). This enables us to obtain and manage the consent of website users for data processing. The processing is necessary for compliance with a legal obligation (Art. 7 para. 1 GDPR) to which we are subject (Art. 6 para. 1 p. 1 lit. c GDPR). For this purpose, the following data is processed with the help of cookies:

  • Your IP address (the last three digits will be set to ‘0’).
  • Date and time of consent
  • Browser information URL from which the consent was sent
  • An anonymous, random and encrypted key
  • Your consent status as an end user, to prove consent.

The key and consent status are stored for 12 months in the browser using the cookie “CookieConsent”. This preserves your cookie preference for subsequent page requests. With the help of the key, your consent can be proven and tracked.

If you enable the Service’s “Collective Consent” feature to enable consent for multiple websites through a single end-user consent, the Service will also store a separate, random, unique ID with your consent.

If all the following criteria are met, this key will be stored in the third-party cookie “CookieConsentBulkTicket” in your browser in encrypted form:

  • You enable the collective consent feature in the service configuration.
  • You allow third-party cookies via browser settings.
  • You have disabled “Do not track” via browser settings.
  • You accept all or at least certain types of cookies when you give consent.

The functionality of the website is not guaranteed without the processing.

Cybot is a recipient of your personal data and acts as a processor for us.

The processing takes place in the European Union. For more information on how to object to and opt-out of Cybot, please visit: https://www.cookiebot.com/en/privacy-policy/

Your personal data will be deleted continuously after 12 months or immediately after the termination of the contract between us and Cybot. Please see our general explanations about deleting and disabling cookies above.

B6: Youtube Videos

We have integrated YouTube videos into our website to offer you engaging videos with information on certification topics directly on our website. The use of cookies or scripts is necessary to view these videos.

YouTube is an online video platform and subsidiary of Google Inc. The platform is operated by YouTube, LLC, located at 901 Cheny Ave. in San Bluno, CA 94066, USA. If you accept cookies on our site and call up a page on our website that contains an embedded YouTube video, your browser automatically establishes a connection to the servers of YouTube or Google, whereby (depending on the setting) various data are transmitted. Google Ireland Limited (located at Gordon House, Barrow Street, Dublin 4, Ireland) is responsible for all data processing in the European region.

To display videos on our website, we have integrated a code provided by YouTube. When you accept cookies and access a web page that contains a YouTube video, YouTube creates at least one cookie that stores information about your IP address and our URL. This type of cookie may contain various data that, according to YouTube, is used to collect video statistics, improve the user experience, and prevent inappropriate behavior, among other things.

If you have consented to the processing and storage of your data by embedded YouTube elements by accepting our cookies, this consent is deemed to be the legal basis for data processing pursuant to Art. 6 (1) (a) GDPR. In general, your data will also be processed and stored on the basis of our legitimate interest under Art. 6 (1) GDPR to enable fast and effective communication with you, other customers and business partners. However, we only use the embedded YouTube elements if you have given us your consent. YouTube sets cookies in your browser to store data and processes data at various locations, including in the USA.

Since YouTube is a subsidiary of Google, there is a common privacy policy. To learn more about how your data is handled, we recommend that you read the privacy policy at https://policies.google.com/privacy?hl=en.

B7: Web analysis by Matomo (formerly PIWIK)

We use the open source software tool Matomo (formerly PIWIK) on our website for anonymized analysis of the surfing behavior of our users. A separate cookie (first-party cookies) is set.

The processing of users’ personal data enables us to analyze the surfing behavior of our users. The evaluation of the data obtained enables us to compile information about the use of the individual components of our website. This helps us to continuously improve our website and its user-friendliness. These purposes are also our legitimate interest in processing the data according to Art. 6 para. 1 lit. f GDPR. By anonymizing the IP address, the interest of users in the protection of their personal data is sufficiently taken into account.


If individual pages of our website are accessed, the following data is stored:

(1) Two bytes of the IP address of the user’s calling system.

(2) The web page called up

(3) The website from which the user accessed the accessed website

     (Reference)

(4) The subpages accessed from the accessed web page.

(5) The time spent on the web page

(6) The frequency with which the web page is accessed

The software runs exclusively on the servers of our website at Strato AG (see above). A storage of the personal data of the users only takes place there. The data is not passed on to third parties.


The legal basis for the processing of the users’ personal data is Art. 6 para. 1 lit. f GDPR.

The data is deleted as soon as it is no longer required for our recording purposes, usually after 12 months.