Data Protection at MLP

The controller for the processing of your data when visiting this website and using the services offered is MLP SE, Alte Heerstr. 40, 69168 Wiesloch, Germany.

You can contact the MLP data protection officer at datenschutzbeauftragter@mlp.de or by post at
MLP SE
Alte Heerstraße 40
69168 Wiesloch, Germany

E-Mail: investorrelations@mlp.de

You have the right to information regarding your data stored at MLP at any time and, in cases that the statutory prerequisites are met, a right to rectification, blocking or erasure of your data, as well as a right to transferability of data provided by you in digital form.

If data processing is based on consent in accordance with Art. 6 (1a) GDPR, you can withdraw this consent with regard to MLP at any time with legal effect for the future.

If data processing by MLP is based on a legitimate interest in accordance with Art. 6 (1f) GDPR, you can object to this processing for reasons resulting from your own specific situation. MLP shall then only continue to process the data if there are verifiable and compelling legitimate grounds overriding your interests, rights and freedoms or if such processing is required to assert, exercise or defend legal claims.

You can assert your rights to MLP by e-mail to datenschutz@mlp.de or in writing by mail to MLP SE, Alte Heerstrasse 40, 69168 Wiesloch, Germany.

In addition, you can lodge a complaint with MLP at any time regarding the processing of your data using the contact data provided.

You also have a right to lodge a complaint with one of the data protection supervisory authorities. You can find a list of the supervisory authorities (for the non-public sector) including addresses at:

https://www.bfdi.bund.de/de/infothek/anschriften_links/anschriften_links-node.html

Each time a web page is called up, server log files (IP address, name of the file called up, date and time of access, data volume transmitted, status of the access (successful/unsuccessful), browser type and operating system of the terminal as well as the URL of the page previously called up (so-called “referrer URL”) are processed. This processing is mandatory to ensure that the connection is established correctly and our web pages can be used smoothly. It is performed on the basis of Art. 6 (1b) GDPR. This information is stored for a maximum period of seven days and then erased. Collection of the data to make the website available and storage of the data in log files is mandatory for operation of the website. Users do not have any possibilities of objection (opt-out) in this respect.

The data is also processed for system security and stability analyses, as well as for clarification of any legal infringements when there is a specific reason for this (e.g. to clarify acts of abuse or fraud) based on an overriding legitimate interest in improving the stability and functionality, as well as clarification in accordance with Art. 6 (1f) GDPR. Data which must continue to be stored for evidentiary purposes remains stored until final clarification of the respective incident.

We use various analytics services and marketing tools which process data to different extents and for various purposes. In addition, we also integrate third party services in our web pages. Insofar as your consent is required for individual processing operations, you can grant this the first time you visit the website using the displayed cookie bar. We use the Usercentrics Consent Management Platform to manage your consents and objections.

You can find detailed information on the Cookie Bar employed, as well as the tools used for analysis and marketing purposes in the Cookie Settings. You can also check your selections at any time and change them for the future.

We use the consent management tool from Usercentrics (Usercentrics GmbH, Sendlinger Str. 7, 80331 Munich, Germany) to obtain effective user consent for services requiring consent. The tool used also allows you to exercise your right to withdraw consent you have already given.

By integrating a corresponding JavaScript code, a banner is displayed to users when they access the page, in which the user can give or revoke consent for certain processing by ticking a box. The tool blocks the setting of all cookies and applications requiring consent until you expressly give your consent as described.

When using the consent management tool, the following personal data is transferred to Usercentrics and processed on our behalf:

• • Opt-in and opt-out data
  • User Agent
  • Consent ID
  • Consent type
  • Banner language
  • Referer URL
  • User settings
  • Time of consent
  • Template version

In addition, Usercentrics stores a cookie in your browser in order to be able to assign the consents you have given or revoke them. The consent data is stored for three years and then deleted. The consent management tool is used to obtain the legally required consent for the use of certain technologies. The legal basis for this is Art. 6 para. 1 c) GDPR.

Various services and interactions are offered via the website. However, data is generally only processed when you are using the respective service. The scope and purposes for which data is processed in such cases is described separately for each service in the following.

If you commission MLP to broker or conclude an insurance contract (online or offline) or if you conclude a brokerage contract with MLP, your data will be processed by MLP Finanzberatung SE. If you purchase a financial product such as a current account or a credit card, your data will be processed by MLP Banking AG.

Depending on the product and contract, different personal data will be required and processed. The details on data processing for the various services and products offered by MLP are explained in the client information on data protection in German.