Privacy Policy | Morning Sun®

We are pleased about your interest in our web-based services. The protection and security of your data is our highest priority. We provide information below regarding the processing of your personal data and your rights when using www. morning-sun.company / blog.morning-sun.company and our social media sites. Changes in the law or changes to our internal company processes may result in adjustment to this data protection statement. We therefore ask you to read this data protection statement regularly.

1. Data Controller and Data Protection Officer; Contacts
The data controller in the sense of the Data Protection Act is:

RFC Ralf Frank Consulting GmbH
Lindenring 4
60431 Frankfurt am Main
Tel.: +49 172 5661618
E-Mail: mail@morning-sun.company

Please contact us if you have any questions or suggestions regarding data protection

2. Object of Data Protection: Personal information
Data protection covers the protection of personal information. Such data are defined as all information relating to an identified or identifiable natural person (‘data subject’). This includes information such as name, address, telephone number or email address; as well as information that may necessarily be gathered during the use of our internet services.

3. Purpose, nature, scope and legal basis of data processing
In the following section, we offer you an overview of the purpose, nature and scope of the processing of your personal information; as well as the legal basis justifying our processing of your data.

3.1 Accessing and using the www.morning-sun.company website
For technical reasons, as occurs everywhere in the Internet, when you access and use our website, traces of this use remain on our servers. In this process, the following data are transmitted by your Internet browser to our server and collected in ‘log files’:

Date and time of access
Client’s IP address
Port number
Method of issuing commands
URI star schema and URI query
Protocol status
Win32 status
Elapsed time
Browser type/version
Operating system used

We process this information to enable you to use our website and to ensure technical stability and security as well as to diagnose errors and resolve breakdowns. We also process this information in an anonymized way for statistical purposes (quantity of users and web hits) and to ensure quality.
Our processing of these data is justified under Art. 6 Par. 1 lett. f) GDPR. The data processing is required to further our justified interest in allowing our clients and interested parties to utilize our website and to ensure its technical functionality.
When you access our website, this information is automatically processed. If this information cannot be made available, it will not be possible for you to use our services. We generally delete data after 4 weeks unless we need to retain it in exceptional cases for a longer period for the purposes outlined above. In such a case, we delete the information promptly once there is no longer a reason for retaining it.

3.2 Cookies
Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user’s computer system. When a user visits a website, a cookie may be stored on the user’s operating system. This cookie contains characteristic character strings that enable the browser to be clearly identified when the website is called up again. We use cookies to make our website more user-friendly. Some elements of our website require that the called browser can be identified even after a page change.

The following data is stored in the cookies:

borlabs-cookie
The preferences of the visitors selected in the cookie box of borlabs-cookie
Storage period: 1 year

pll_language
Language preferences
Storage period: 1 year

rs6_overview_pagination
Downtime and other browser-related issues
storage period: 2 years

wordpress_test_cookie
Browser acceptance on cookies
Storage period: During the session

In addition, we use cookies on our website, which allows an analysis of the browsing behavior of users. This results in the transmission of the following data:

_ga
Registration of a unique ID that is used to generate statistical data on how the visitor uses the websiteSee also below under : “Google Analytics”.
Storage period: 2 years

The data processed by cookies is necessary for the above-mentioned purposes to protect our legitimate interests and those of third parties in accordance with Art. 6 Par. 1 lett. f) GDPR. Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer and a notice always appears before a new cookie is created. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website. When calling up our website, the user is informed about the use of cookies and his consent to the processing of personal data used in this context is obtained. In this context, a reference to this privacy policy is also made.

3.3 Google Analytics
This website uses functions provided by the web analysis service Google Analytics. This service is offered by Google Inc.,1600 Amphitheatre Parkway, Mountain View, CA 94043, United States. Google Analytics uses cookies. These are text files stored on your computer that make possible an analysis of your usage of the website. The information generated by the cookie regarding your use of this website is usually transmitted to a Google server in the United States and stored there. Storage of Google Analytics cookies is based on Art. 6 Par. 1 lett. f) GDPR. The website operator has a justified interest in analyzing user behavior to optimize both its web offering and its promotions. The Google Corporation is certified for the U.S.-European ‘Privacy Shield’ data protection agreement. The purpose of this data protection agreement is to maintain the level of data protection applicable within the EU.
The placement of cookies allows the following personal information to be collected:

Date and time of access
Duration of the session
Terminal type
Operating system used
The functions you use
Quantity of data sent
Type of event
IP address
Domain name
Location (country and city) of the terminal used
Language
Operating system
Terminal resolution
Browser used
Source of visitors
Advertisements clicked during the Google search
Individual on-line shop pages visited

IP anonymization
We have activated the IP anonymizer function on this website. This displays your IP address only in abbreviated format within the European Union member states or in other signatory states of the Agreement on the European Economic Area prior to the transmission of the data to the U.S. In exceptional cases only, the complete IP address is transmitted to a Google server in the U.S. and abbreviated there. On behalf of this website’s operator, Google uses this information to evaluate your usage of the website, to compile reports on website activities and to provide the website operator with other services linked to usage of the website and the Internet. The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data.

Browser Plug-in
You can prevent the placement of cookies by changing the corresponding setting of your browser software; we point out, however, that doing so could result in your not being able to make full use of all functions of this website. You can also block Google from collecting the personal information generated by the cookie related to your usage of the website (including your IP address) as well as its processing of this information by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

Objection to data collection
You can prevent the collection of your data by Google Analytics by blocking statistics cookies when you visit our web pages. You can make the corresponding setting adjustments here.

Third party information:
Terms of use: https://marketingplatform.google.com/about/analytics/terms/us/

Data protection overview: https://support.google.com/analytics/answer/6004245?hl=en

3.4 Integration of Vimeo Videos
To integrate and display video contents, our website utilizes plug-ins from the Vimeo video portal. The provider of this video portal is Vimeo Inc., 555 West 18th Street, New York, New York 10011, United States.

When a page containing an integrated Vimeo plug-in is accessed, a link is produced between your browser and the Vimeo servers. In this way, Vimeo detects which of our pages you have accessed. Vimeo detects your IP address even if you are not logged into the video portal and even if you do not have a Vimeo account. The information captured by Vimeo is transmitted to the video portal’s server in the United States. Vimeo can directly associate your web-surfing history with your personal profile. You can block this by logging out beforehand. Utilization of Vimeo occurs in the interests of featuring an attractive display at our website. This represents a justified interest in the sense of Art. 6 Par. 1 lett. f) GDPR. Details on management of user data can be found at the Vimeo page on safeguarding data: https://vimeo.com/privacy.

3.5 Integration of podcasts
For the integration and reproduction of podcasts, our website uses the podcast player of the provider Podigee GmbH, Schlesische Straße 20, 10997 Berlin. When you access a page with an integrated podcast player, a connection is established between your browser and the servers of Podigee. Podigee then determines which of our pages you have accessed. Podigee receives your IP address, even if you are not logged into Podigee or do not have an account there. The use of Podigee is in the interest of an appealing presentation of our website. This constitutes a legitimate interest within the meaning of Art. 6 Par. 1 lett. f) GDPR. Details on the handling of user data can be found in Podigee’s privacy policy at: https://www.podigee.com/en/about/privacy/.

3.6 Google Web Fonts
On rare occasions, our website uses Google Web Fonts. This service is offered by Google Inc.,1600 Amphitheatre Parkway, Mountain View, CA 94043, United States. Utilization of these web fonts allows us to display our website to you in our preferred format regardless of the fonts available to you locally. This occurs when a Google server in the U.S. is used to access Google Web Fonts and the related transfer of your data to Google takes place. This involves your IP address and the information regarding which of our pages you visited. Use of Google Web Fonts is justified under Art. 6 Par. 1 lett. f) GDPR. As the operator of this website, we have a justified interest in the optimal presentation and transmission of our web presence. The Google Corporation is certified for the U.S.-European ‘Privacy Shield’ data protection agreement. The purpose of this data protection agreement is to maintain the level of data protection applicable within the EU. You can find details regarding Google Web Fonts at: https://www.google.com/fonts#AboutPlace:about and further information contained in the Google data protection statements: https://policies.google.com/privacy/partners?hl=en

4. Services shared with third-party providers
Social Media – Company Profile of Morning Sun® or RFC Ralf Frank Consulting GmbH

In some cases, we are sharing responsibility with a third party provider. This may be the case both for the integration of their services on our website and for our presence in the third party’s service. For detailed information on the kind, scope, purposes, legal basis and assertion of your data subject rights in connection with these services, please refer to the following explanation. Information on the data handling of the respective third party provider can be found in their data protection notices.

4.1 Instagram company profile
We use the “Instagram” service of Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland ( contact the data protection officer We use the following Instagram services: Instagram Direct, Instagram Ads, Instagram Statistics. You can access the privacy notice of Facebook Ireland Limited under the link Data Policy . You can find more information about us in this Privacy Policy, in particular under Data Controller and Data Protection Officer, Contact.

Otherwise, we process your personal data on our Instagram company profile as follows:

Data categories

Profile name and picture
Type and content of interaction (e.g. direct messages, comments)
Date and time of interaction
Type of terminal device
Operating system used, if applicable

The legal basis for the data processing is Article 6, Par. 1 lett. b) and f) GDPR. Our legitimate interests in data processing correspond to the above-mentioned processing purposes.

Recipients of personal data
Information on our recipients of your personal data can be found under point 5. “Recipients of personal data”.

Regarding the recipients of Facebook Ireland Limited, we refer to their privacy notices. You can find these at: https://help.instagram.com/519522125107875

Transfer of your data to a third country
We do not transfer your data to a third country. Regarding third country transfers of Facebook Ireland Limited, we refer to their privacy notices.

Storage period
Unless there is a legal obligation to store data, we delete your personal data as follows: After termination of the user relationship, after complete response to the direct communication, after removal of the post to be commented on, furthermore, if applicable, deletion of illegal content. Regarding the storage by Facebook Ireland Limited, we refer to their privacy policy.

4.2 Xing company profile
We use the „Xing“ service of XING SE, Dammtorstraße 30, 20354 Hamburg (contact the data protection officer) and we operate our Xing company profile on it. You can access the privacy notice of XING SE under the link Data Policy . You can find more information about us in this Privacy Policy, in particular under Data Controller and Data Protection Officer, Contact.

Otherwise, we process your personal data on our Instagram company profile as follows:

Data categories

Profile name and picture
Type and content of interaction (e.g. direct messages, comments)
Date and time of interaction
Type of terminal device
Operating system used, if applicable

The legal basis for the data processing is Article 6, Par. 1 lett. b) and f) GDPR. Our legitimate interests in data processing correspond to the above-mentioned processing purposes.

Recipients of personal data
Information on our recipients of your personal data can be found under point 5. “Recipients of personal data”.

Regarding the recipients of XING SE, we refer to their privacy notices. You can find these at: https://privacy.xing.com/en/privacy-policy

Transfer of your data to a third country
We do not transfer your data to a third country. Regarding third country transfers of XING SE, we refer to their privacy notices.

4.3 Twitter company profile
We use the „Twitter“ service of Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Ireland (contact the data protection officer) and we operate our Twitter company profile on it. You can access the privacy notice of Twitter International Company under the link Data Policy . You can find more information about us in this Privacy Policy, in particular under Data Controller and Data Protection Officer, Contact. Otherwise, we process your personal data on our Twitter company profile as follows:

Data categories

Profile name and picture
Type and content of interaction (e.g. direct messages, comments)
Date and time of interaction
Type of terminal device
Operating system used, if applicable
statistical information e.g. about origin (country, region)
language
interests
Gender ratio of our visitors

The legal basis for the data processing is Article 6, Par. 1 lett. b) and f) GDPR. Our legitimate interests in data processing correspond to the above-mentioned processing purposes.

Recipients of personal data
Information on our recipients of your personal data can be found under point 5. “Recipients of personal data”.

Regarding the recipients of Twitter International Company, we refer to their privacy notices. You can find these at: https://twitter.com/en/privacy

Transfer of your data to a third country
We do not transfer your data to a third country. Regarding third country transfers of Twitter International Company, we refer to their privacy notices.

Storage period
Unless there is a legal obligation to store data, we delete your personal data as follows: After termination of the user relationship, after complete response to the direct communication, after removal of the post to be commented on, furthermore, if applicable, deletion of illegal content. Regarding the storage by Twitter International Company, we refer to their privacy policy.

4.4 Facebook Fanpage
We provide functionalities of our Facebook Fanpage as a jointly responsible party with Facebook Ireland Limited, 4 Grand Canal Square Dublin 2, Ireland ( contact the data protection officer). With the jointly responsible service page insights, we are only provided with statistical data about usage. Regarding this service, we have concluded a contract with Facebook Ireland Limited, which you can view here.
You can access the privacy notice of Facebook Ireland Limited under the link Data Policy
The privacy notices of Facebook Ireland Limited, which is jointly responsible for the Facebook Fanpage with us, in particular also with regard to data processing in connection with the Page Insights service, can be accessed under the links Data Policy (Facebook Ireland) and Data Policy (Facebook Inc.). You can find more information about us in this Privacy Policy, in particular under Data Controller and Data Protection Officer, Contact.
Otherwise, we process your personal data on our Instagram company profile as follows

Data categories

Profile name and picture
Type and content of interaction (e.g. direct messages, comments)
Date and time of interaction
Type of terminal device
Operating system used, if applicable
statistical information e.g. about origin (country, region)
language
Age and gender ratio of our visitors

Purposes and legal basis of processing
Data processing is carried out for the following purposes: Interacting with users, improving the user experience, receiving and processing requests, complaints or other feedback. The legal basis for the data processing is Article 6, Par. 1 lett. b) and f) GDPR. Our legitimate interests in data processing correspond to the above-mentioned processing purposes.

Recipients of personal data
Information on our recipients of your personal data can be found under point 5. “Recipients of personal data”.

Regarding the recipients of Facebook Ireland Limited, we refer to their privacy notices. You can find these at: https://www.facebook.com/policy.php

Transfer of your data to a third country
We do not transfer your data to a third country. Regarding third country transfers of Facebook Ireland Limited, we refer to their privacy notices.

4.5 LinkedIn company profile
We provide functionalities of our LinkedIn company profile as a jointly responsible party with LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ( contact the data protection officer). With the jointly responsible service page insights, we are only provided with statistical data about usage. Regarding this service, we have concluded a contract with LinkedIn Ireland Unlimited Company, which you can view here. You can access the privacy notice of LinkedIn Ireland Unlimited Company, which is jointly responsible with us for our LinkedIn company profile, under the link Privacy Policy

You can find more information about us in this Privacy Policy, in particular under Data Controller and Data Protection Officer, Contact. You can assert your rights as a affected party both against us and directly against the respective service provider. The service provider will usually be able to react more quickly concerning the processes for which he is responsible, which is why we recommend direct contact with him. Otherwise, we process your personal data on our Instagram company profile as follows:

Data categories

Profile name and picture
Type and content of interaction (e.g. likes, direct messages, comments)
Date and time of interaction
Type of terminal device
Operating system used, if applicable
statistical information e.g. about origin (country, region)
language
Employment status/occupation and career level of our visitors as well as industry and company size of their employers

Recipients of personal data
Information on our recipients of your personal data can be found under point 5. “Recipients of personal data”.

Regarding the recipients of LinkedIn Ireland Unlimited Company, we refer to their privacy notices. You can find these at: https://www.linkedin.com/legal/privacy-policy?_l=en_EN

Transfer of your data to a third country
We do not transfer your data to a third country. Regarding third country transfers of LinkedIn Ireland Unlimited Company, we refer to their privacy notices.

Storage period
Unless there is a legal obligation to store data, we delete your personal data as follows: After termination of the user relationship, after complete response to the direct communication, after removal of the post to be commented on, furthermore, if applicable, deletion of illegal content. Regarding the storage by LinkedIn Ireland Unlimited Company, we refer to their privacy policy.

5. Recipients of personal information
Within RFC Ralf Frank Consulting GmbH, only those staff who require this information for the purposes designated in this data protection statement may have access to it. We then disclose your personal information to external receivers outside RFC Ralf Frank Consulting GmbH only where this information is required for the processing or handling of your request, we have your consent to do this, or other legal authorization exists for such action. External receivers can be:

5.1 order processors
External service providers contracted by us for the provision of services, such as those in the technical infrastructure and maintenance areas in support of the von Morning Sun^® and/or RFC Ralf Frank Consulting GmbH services or in the preparation of contractually relevant contents. We take great care in selecting these order processors, and conduct periodic reviews to ensure the safeguarding of your privacy. Service providers must use the information exclusively for the purposes specified by us.

5.2 public bodies
Authorities and governmental institutions – such as prosecutors’ offices, courts or tax authorities – to which we have an obligation under the law to disclose personal information.

5.3 private bodies
Cooperative partners or aides to whom the data is transmitted based on consent or a legal framework.

6. Transmission of your data to a third country
To the extent that we transmit or disclose your information to service providers in a third country – i.e., outside the European Union (EU) or the European Economic Area (EEA) – such action only occurs based on your consent, a legal obligation or a legal or contractual authorization. Subject to legal or contractual authorization, the service providers process your data in a third country only when the special requirements of Art. 44 ff GDPR are met – i.e., the processing takes place based on special guarantees such as an officially recognized determination of a data protection level corresponding to the EU or through the application of standard data protection provisions established by the EU Commission.

7. Retention period
For information on the retention period of personal information, please consult the chapter on data processing. In general, the following also applies: We retain your personal information for only as long as required for the fulfillment of our purposes or – where consent has been given – until you revoke that consent. If you declare your opposition to this retention, we delete your personal information unless its continued processing is permitted under relevant legal provisions. We also delete your personal information when we are legally required to do this.

8. Rights of data subjects
With respect to the processing of your personal information, you are entitled as a data subject to assert your rights against us. We outline below the rights granted to you as a data subject:
Right of information (Art. 15 GDPR): You can demand the correction and complementation of incorrect or incomplete personal information concerning you.
Right of correction (Art. 16 GDPR): Sie können die Berichtigung und Vervollständigung Sie betreffender unrichtiger bzw. unvollständiger personenbezogener Daten verlangen.
Right of deletion (Art. 17 GDPR): Where legal preconditions are met, you have the right to demand deletion of your personal information.
Restriction of processing (Art. 18 GDPR): Where legal preconditions have been met, you can demand that the processing of your personal information be restricted.
Data portability (Art. 20 GDPR): Where legal preconditions have been met, you have the right to receive the personal information you made available to us in a structured, standard and machine-readable format, and to transmit this information to another responsible party without hindrance, or to have us transmit it to another responsible party.
Opposition to cookies Cookies: You may oppose the use of cookies at any time.
Revocation of consent (Art. 7 Abs. 3 GDPR): If you have consented to our processing of your data, you may revoke this consent at any time for future effect. Any processing of your personal information prior to your revocation of consent remains lawful.
Right to appeal to supervisory authority (Art. 77 GDPR): If you believe that the processing of your personal information is in violation of data protection law, you can file an appeal with the responsible supervisory authority. You should contact the supervisory authority of your place of residence, yourworkplace, or the place of the suspected violation.

Opposition to data processing: Where data processing is based on ‘justified interest’ in accordance with Art. 6 Par. 3 lett. f) GDPR, you can raise an objection (according to Art. 21 GDPR) to the processing of your personal information at any time based on your own particular situation. Where your data are processed for the purposes of direct advertising, you can object to this at any time without the need to provide a reason.

How to contact us: You can contact us free of charge with questions regarding the processing of your personal information and your rights as a data subject. To claim your rights identified above, please send an email to mail@morning-sun.company or write us at the address provided under #1 above. Please ensure that we will be clearly able to identify you. If you wish to exercise your right of revocation or objection, simply send an e-mail to mail@morning-sun.company

10. Exercise of rights
To exercise your rights, you can contact the responsible person (see above). We will process your requests promptly as well as in accordance with the legal requirements and inform you of the measures we have taken.

11. Data security
This site uses SSL encryption for security reasons and to protect the transmission of confidential content. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. This privacy policy is currently valid and has the status June 2020. The current privacy policy can be accessed and printed out by you at any time on the website at https://blog.morning-sun.company/privacy-policy/ .