Privacy policy

The protection of information relating to you, such as your name, address, telephone number, e-mail or IP address (so-called "personal data"), which you entrust to us, is an important concern for us. Therefore, we operate this website in accordance with the laws on data protection and data security.

The transmission of personal data in the context of the use of this website always takes place via encrypted SSL connections. These meet the requirements of the security guideline TR-02102 of the German Federal Office for Information Security (BSI).

 

Definitions

The data protection declaration is based on the terms used by the European legislator in the adoption of the EU General Data Protection Regulation (hereinafter: "GDPR"). The data protection declaration is intended to be easy to read and understand. To ensure this, the most important terms are explained below:

Personal data is any information relating to an identified or identifiable natural person (hereinafter referred to as "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Data subject is any identified or identifiable natural person whose personal data are processed by the controller.

Processing means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Profiling is any type of automated processing of personal data that consists of using such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects relating to that natural person's job performance, economic situation, health, personal preferences, interests, reliability, behavior, location or change of location.

Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separate and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

The controller or controller is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for under Union or Member State law.

Processor means a natural or legal person, public authority, agency or other body that processes personal data on behalf of the Controller.

A recipient is a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not a third party. However, public authorities that may receive personal data in the context of a specific investigation mandate under Union or Member State law shall not be considered as recipients.

Third party means a natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons authorized to process the personal data under the direct responsibility of the controller or the processor.

Consent shall mean any freely given indication of the data subject's wishes for the specific case in an informed and unambiguous manner in the form of a statement or any other unambiguous affirmative act by which the data subject indicates that he or she consents to the processing of personal data relating to him or her.

 

General information

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

When you use this website, various personal data are collected. Personal data is data with which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

We point out that data transmission over the Internet (eg communication by e-mail) security gaps. A complete protection of the data against access by third parties is not possible.

Person responsible for data handling within the framework of this website

mimatic GmbH
Westendstraße 3
D-87488 Betzigau (Germany)

Phone: +49 (831) 57444-0
E-mail: info@mimatic.de

Contact details of the data protection officer

AKWISO LTD | Data Protection and IT Security
Dieter Grohmann
E-Mail: dg@akwiso.com

Purposes of processing and respective legal basis

Provision of the website; communication with mimatic GmbH

The website offer at www.mimatic.de requires the handling of personal data, such as the IP address for the retrieval of the content displayed on the website, when you make inquiries or in our online service areas.

1. You also have the option of contacting us via our contact form. For this purpose, we collect your name, e-mail address and telephone number.
2. We use cookies for the provision of our website. You can find more information about this under "B. Special information".
3. The handling of your personal data for the provision of this website and for communication with mimatic GmbH is based on our legitimate interest. For the provision of this website it is technically necessary that we process certain personal data (e.g. the IP address). For your communication with mimatic GmbH and the fulfillment of contracts, it is necessary that we handle the personal data mentioned above.
4. Within the framework of the necessary balancing of interests, we have weighed up your interest in the respective confidentiality of your personal data and our interests in the provision of this website and in contacting you. Your interest in confidentiality takes a back seat in both cases. Otherwise, we would not be able to provide you with this website or respond to your contact request.

Online service "User account”

You can register for our user account at www.mimatic.de and then use it. We collect your name, e-mail address and telephone number for this purpose.

The handling of your personal data in the context of the online service "user account" is carried out for the initiation, implementation and processing of the corresponding user contract.

Online Shop   

You can purchase products within our online store. We collect your name, company, address, country and email address for this purpose.

The handling of your personal data is carried out for the initiation, implementation and processing of the corresponding purchase contract.

Recipients of the personal data

mimatic GmbH does not pass on personal data to third parties.

Criteria for the storage period of personal data

Your personal data sent to us will be deleted if the respective purpose of storage no longer applies and no legal regulations require storage. Statistical evaluations are only carried out in anonymized form.

Your rights as a data subject

In principle, you have the right to information about the personal data concerned as well as the right to correction or deletion or to restriction of processing. In addition, you generally have the right to object to further processing and the right to data portability. Please contact the data protection officer for this purpose.

You have a right of appeal to the data protection supervisory authority responsible for us:

The Bavarian State Commissioner for Data Protection
Wagmüllerstraße 18
D-80538 Munich (Germany)

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke an already given consent at any time. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to object to data collection in special cases and to direct marketing (Art. 21 GDPR)

If the data processing is based on Art. 6 (1) lit. e or f GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this privacy policy. If you object, we will no longer process your personal data concerned unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims (objection pursuant to Art. 21(1) GDPR).

If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling, insofar as it is associated with such direct marketing. If you object, your personal data will subsequently no longer be used for the purpose of direct marketing (objection pursuant to Art. 21 (2) GDPR).

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. To do this, you can contact us at any time at the address given in the imprint. The right to restriction of processing exists in the following cases:

• If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the review, you have the right to request the restriction of the processing of your personal data.
• If the processing of your personal data happened/is happening unlawfully, you may request the restriction of data processing instead of erasure.
• If we no longer need your personal data, but you need it to exercise, defend or enforce legal claims, you have the right to request restriction of the processing of your personal data instead of deletion.
• If you have lodged an objection pursuant to Art. 21 (1) GDPR, a balancing of your and our interests must be carried out. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, this data may - apart from being stored - only be processed with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or a Member State.

Objection to advertising e-mails

The use of contact data published within the framework of the imprint obligation to send advertising and information materials not expressly requested is hereby prohibited. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.

Newsletter and revocation of consent

You have the right to revoke your consent at any time with effect for the future.

Children

Children should not
transmit any personal data to
mimatic GmbH without the consent of their parents or guardians.
We recommend that all parents and guardians instruct their children in the safe and responsible handling of personal data on the Internet.

mimatic GmbH will not, knowingly, collect, process or use personal data from children.

 

Special information

Security

mimatic GmbH uses appropriate technical and organizational security measures to protect the data we have under our control against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons. We also continuously improve the security measures used in line with technological developments.

Information collected automatically by analysis software

This website does not use any analysis software.

IP anonymization

We have activated the IP anonymization function on this website. This means that your IP address is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.

Browser plugin

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Information, blocking, deletion

The personal data of the data subject will be deleted or blocked as soon as the purpose of the storage no longer applies. Storage may also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which we are subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need to continue storing the data for the conclusion or performance of a contract.

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of data processing and, if necessary, a right to correction, blocking or deletion of this data. For this purpose, as well as for further questions on the subject of personal data, you can contact us at any time at the address given in the imprint.

 

Data collection on our website

Cookies

This website uses so-called cookies. Below you will find a list of cookies with a description of which are used.
Cookies are small text files that, as soon as you visit a website, are sent from a web server to your browser and stored locally on your end device (PC, notebook, tablet, smartphone, etc.) and are stored on your computer and provide the user (i.e. us) with certain information. Cookies are used to make the website more customer-friendly and secure, and in particular to collect usage-related information, such as frequency of use and number of users of the pages and behavioral patterns of page use. Cookies do not harm the computer and do not contain viruses. This cookie contains a characteristic character string (so-called cookie ID), which enables
the browser to be uniquely identified when the website
is called up again.
 

Cookies used:

Cookie name	Runtime
dnn_IsMobile	0 months
language	0 months
.ASPXANONYMOUS	2 months
RequestVerificationToken	0 months

 

Cookies remain stored even if the browser session is terminated and can be accessed again when you visit the site again. However, cookies are stored on your computer and transmitted from it to our site. Therefore, you also have full control over the use of cookies. If you do not wish data to be collected via cookies, you can set your browser via the menu under "Settings" so that you are informed about the setting of cookies or generally exclude the setting of cookies or also delete cookies individually. It should be noted, however, that the functionality of this website may be limited if cookies are deactivated. As far as session cookies are concerned, they will be deleted automatically after leaving the website anyway.

Server log files

In the case of purely informational use of the website, i.e. if you do not register or otherwise transmit information to us, we automatically collect the following data and information from the computer system of the calling computer each time the website is called up:

• Browser type and version
• Operating system used
• Referrer URL
• Host name of the accessing computer
• Time of the server request
• IP address

The data is also stored in the log files of our system. A storage of this data together with other personal data of the user does not take place.

The legal basis for the temporary storage of the log files is Art. 6 para. 1 p. lit. f) GDPR.

The temporary storage of the IP address by the system is necessary in order to

1. to enable delivery of the website to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session.
2. to optimize the content of our website and the advertising for it
3. to ensure the functionality of our information technology systems and the technology of our website
4. Provide law enforcement authorities with the information necessary to prosecute in the event of a cyberattack

The storage in log files is done to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.

These purposes also constitute our legitimate interest in data processing according to Art. 6 para. 1 p. 1 lit. f) GDPR.

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected - in this case, at the end of the usage process.

In the case of storage of data in log files, this is the case after seven days at the latest. Storage beyond this period is possible. In this case, the IP addresses are deleted or anonymized, so that an assignment of the calling client is no longer possible.

The collection of data for the provision of the website and the storage of the data in log files is mandatory for the operation of the website, which is why there is no possibility to object.

Contact form and e-mail contact

Our website contains a contact form that can be used for electronic contact. If you take advantage of this option, the data entered in the input mask will be transmitted to us and stored. These data are:

• E-mail
• Name
• Company if applicable
• Address if applicable
• Phone if applicable
• Country if applicable
• Communication

At the time of sending the message, the following data is also stored:

• IP address of the user
• Date and time of registration

For the processing of data, your consent is obtained during the submission process and reference is made to this privacy policy. Alternatively, it is possible to contact us via the e-mail address provided. In this case, the personal data transmitted with the e-mail will be stored. Insofar as this involves information on communication channels (for example, e-mail address, telephone number), you also consent to us contacting you via this communication channel, if necessary, in order to respond to your request. In this context, the data will not be passed on to third parties. The data will be used exclusively for processing the conversation.

The legal basis for the processing of the data is Art. 6 para. 1 p. lit. a) GDPR if the user has given his consent. The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para. 1 p. 1 lit. f) GDPR. If the e-mail contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1S. 1 lit. b) GDPR.

The processing of personal data from the input mask serves us solely to process the contact. Of course, we will use the data from your e-mail inquiries exclusively for the purpose for which you provide them to us when contacting us. In the case of contact by e-mail, the necessary legitimate interest in the processing of the data also lies in its reply. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when it is clear from the circumstances that the matter in question has been conclusively clarified.  The additional personal data collected during the sending process will be deleted at the latest after expiry of the legally prescribed period.

Inquiry by e-mail or telephone
If you contact us by e-mail or telephone, your inquiry including all resulting personal data (name, inquiry) will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.

The processing of this data is based on Art. 6 (1) lit. b GDPR, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on your consent (Art. 6 (1) (a) GDPR) and/or on our legitimate interests (Art. 6 (1) (f) GDPR), as we have a legitimate interest in the effective processing of requests addressed to us.

The data you send to us via contact requests will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular legal retention periods - remain unaffected.

Processing of data (customer and contract data)

We collect, process and use personal data only to the extent that they are necessary for the establishment, content or modification of the legal relationship (inventory data). This is done on the basis of Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures. We collect, process and use personal data about the use of our websites (usage data) only to the extent necessary to enable the user to use the service or to bill the user.

The collected customer data will be deleted after completion of the order or termination of the business relationship. Statutory retention periods remain unaffected.

Data transfer upon conclusion of a contract for services and digital content

We transmit personal data to third parties only if this is necessary for the processing of the contract, for example, to the credit institution entrusted with the processing of payments.

A further transmission of the data does not take place or only if you have expressly consented to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes.

The basis for data processing is Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.

Links to external websites

This website contains links to external sites. We are responsible for our own content. We have no influence on the contents of external links and are therefore not responsible for them, in particular we do not adopt their contents as our own. If you are directed to an external site, the data protection declaration provided there applies. If you notice illegal activities or content on this site, you are welcome to inform us. In this case we will check the content and react accordingly (notice and take down procedure).

 

Newsletter

Newsletter data

If you purchase goods or services from us and provide us with your e-mail address, we may subsequently use it to send you a newsletter. In such a case, only direct advertising for our own similar goods or services will be sent via the newsletter. The legal basis for sending the newsletter is Article 7 (3) UWG.

To avoid abusive or incorrect mail entries, we use the so-called double-opt-in procedure. This means that we send you an e-mail to the specified e-mail address in which we ask you to confirm that the mail address is correct. If you do not confirm your details, your information will be blocked and automatically deleted in compliance with the legally prescribed period. In addition, we store your respective IP addresses used and times of registration and confirmation.

The collection of the user's e-mail address serves to deliver the newsletter. The collection of other personal data in the context of the confirmation process according to para. 2 serves to prevent misuse of the services or the e-mail address used.

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. Accordingly, the user's e-mail address will be stored as long as you do not revoke the receipt of the newsletter.

You can unsubscribe from receiving our emails at any time by clicking on the "unsubscribe" box in our newsletter unsubscribe or by sending us a text message (email/letter) to the contact details provided in the imprint stating that you no longer wish to receive our promotional emails.

 

Plugins and tools

Google reCAPTCHA

We use "Google reCAPTCHA" (hereinafter "reCAPTCHA") on our websites. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). The purpose of reCAPTCHA is to verify whether data entry on our websites (e.g. in a contact form) is made by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent by the website visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google.

The reCAPTCHA analyses run completely in the background. Website visitors are not notified that an analysis is taking place. The data processing is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its web offers from abusive automated spying and from SPAM. For more information on Google reCAPTCHA and Google's privacy policy, please see the following links: https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/intro/android.html.

Leadinfo

We use the lead generation service provided by Leadinfo B.V., Rotterdam, The Netherlands, which recognizes
visits of companies to our website based on IP-addresses and shows us related publicly available information,
such as company names or addresses. In addition, Leadinfo places two first-party cookies for providing
transparency on how our visitors use our website and the tool processes domains from provided form inputs
(e.g. “leadinfo.com”) to correlate IP addresses with companies and to enhance its services. For additional
information, please visit www.leadinfo.com. On this page: www.leadinfo.com/en/opt-out you have an opt-out
option. In the event of an opt-out, your data will no longer be used by Leadinfo”.

YouTube

Our website uses plugins from the YouTube site operated by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account. YouTube is used in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. For more information on the handling of user data, please refer to YouTube's privacy policy at: https://www.google.de/intl/de/policies/privacy.

 

Data processing through social networks

We maintain publicly accessible profiles on social networks. The social networks used by us in detail can be found below.

Social networks such as Facebook can generally analyze your user behavior extensively when you visit their website or a website with integrated social media content (e.g. Like buttons or advertising banners). Visiting our social media presences triggers numerous processing operations relevant to data protection. In detail:

If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected under certain circumstances if you are not logged in or do not have an account with the respective social media portal. In this case, this data collection takes place, for example, via cookies that are stored on your end device or by recording your IP address.

With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed to you inside and outside the respective social media presence. If you have an account with the respective social network, the interest-based advertising can be displayed on all devices on which you are or were logged in.

Please also note that we cannot track all processing operations on the social media portals. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media portals. For details, please refer to the terms of use and data protection provisions of the respective social media portals.

Our social media presences are intended to ensure the most comprehensive presence possible on the Internet. This is a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which are to be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 (1) lit. a GDPR).

If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. In principle, you can assert your rights (information, correction, deletion, restriction of processing, data portability and complaint) both against us and against the operator of the respective social media portal (e.g. against Facebook).

Please note that despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are largely determined by the corporate policy of the respective provider.

The data collected directly by us via the social media presence is deleted from our systems as soon as the purpose for storing it no longer applies, you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies. Stored cookies remain on your terminal device until you delete them. Mandatory legal provisions - in particular retention periods - remain unaffected. We have no influence on the storage period of your data, which is stored by the operators of social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).

Facebook fan page

We operate an online presence on Facebook, a so-called Facebook Fanpage. The following additional information on data processing applies to visits to our fan page. Information on data protection at Facebook in general can be found at https://www.facebook.com/about/privacy/.

We are jointly responsible with Facebook for the operation of our Facebook fan page in accordance with Art. 26 GDPR. For this purpose, we have defined in an agreement with Facebook who fulfills which obligations with regard to data protection. This agreement can be accessed here. Accordingly, Facebook is primarily responsible for providing the data subject with information about the joint processing and enabling him or her to exercise his or her data protection rights. Irrespective of this, we hereby inform you about your visit to our Fanpage.

Our contact details are:

mimatic GmbH
Westendstraße 3
D-87488 Betzigau (Germany)
Phone: +49 (831) 57444-0

E-mail: info@mimatic.de

You can reach Facebook at:

Meta Platforms Ireland Ltd.
4 Grand Canal Square,
Grand Canal Harbour,
Dublin 2, IrelandOnline you can reach Facebook at https://www.facebook.com/help/contact/2061665240770586.

You can reach Facebook's data protection officer at
https://www.facebook.com/help/contact/540977946302970.

If you are a Facebook user, Facebook collects the data described in the Facebook Data Policy (https://www.facebook.com/about/privacy/update) under "What types of information do we collect? If you are not a Facebook user, cookies with identifiers, small text files, may still be stored in your browser, which enable so-called tracking of your user behavior.

As a rule, the user data during a visit to Facebook is also processed by Facebook for market research and advertising purposes. Based on user behavior (also when visiting our fan page), complex user profiles are created, which Facebook can use to play personalized advertisements to the visitor within and outside of Facebook. More information on this can also be found in the Facebook data policy (https://www.facebook.com/about/privacy/update).

If you do not agree to this, you can object at https://www.facebook.com/index.php?next=https%3A%2F%2Fwww.facebook.com%2Fsettings%3Ftab%3Dads (opt-out).

Facebook provides us with statistics and usage data that we can use to analyze the use of our fan page (so-called "page insights"). This enables us to continuously improve our offer on Facebook. We, as the operator, do not make any decisions regarding the processing of Insights data and any other information resulting from Art. 13 of the GDPR, such as the storage duration of cookies on user devices. The primary responsibility under the GDPR for the processing of Insights Data lies with Facebook and Facebook complies with all obligations under the GDPR with respect to the processing of Insights Data.

We as the site administrator have no other way, not even via user tracking, to evaluate user behavior on our Fanpage. It is also fundamentally not possible for us to identify the visitor to the Fanpage on the basis of the Page Insights. In particular, we have no right under the agreement to require Facebook to disclose individual visitor data. Identification is only possible for us if we are able to assign individual profile pictures to "Like" page views; however, this is only possible insofar as our Fanpage has been marked with "Like" by the corresponding visitor and the "Like" is set to "public".

You can find out what information Facebook uses to create Page Insights at: https://www.facebook.com/legal/terms/information_about_page_insights_data.

The operation of the Facebook fan page and the use of page insights serves our legitimate interest in effective external presentation and efficient communication with our customers and interested parties. This interest justifies the operation of the page both to the legitimate interests of Facebook users and to visitors to our fan page who do not have a Facebook account. Accordingly, the legal basis is Art. 6 para. 1 p. 1 lit. f) GDPR.

Data collected by Facebook is shared and processed throughout the Facebook group. The Facebook Group also includes, for example, Instagram, WhatsApp and Oculus. For example, information collected through Facebook is used to display personalized ads to the user on Instagram, or information from WhatsApp is used to take action against accounts that send spam through WhatsApp on Facebook. This information can be found in the Facebook Data Policy (https://www.facebook.com/about/privacy/update) under "How do Facebook companies work together?".

When Facebook processes data, user data may be transferred outside the European Economic Area (EEA), in particular to the USA. Facebook has therefore submitted to the EU-US Privacy Shield:

(https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=A...).

If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) p. 1 lit. f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are grounds for doing so that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which will be implemented by us without specifying a particular situation. If you wish to exercise your right of revocation or objection, it is sufficient to send an e-mail to e-mail.

You have the right to revoke your consent to us at any time. This has the consequence that we may no longer continue the data processing based on this consent for the future. Furthermore, you have the right to information according to Art. 15 GDPR, the right to correction according to Art. 16 GDPR, the right to deletion according to Art. 17 GDPR, the right to restriction of processing according to Art. 18 GDPR, as well as the right from data portability from Art. 21 GDPR. Furthermore, there is a right of appeal to a competent data protection supervisory authority (Art. 77 GDPR in conjunction with § 19 BDSG).

In principle, you can assert your data protection rights both against Facebook and against us. Since only Facebook has direct access to your user data, you can most effectively assert your data subject rights against Facebook.

 

Data protection information on e-mail contact

We hereby inform you in accordance with Art. 13, 14 GDPR (General Data Protection Regulation) about what data we collect and process from you and for what purpose in the context of email communication. When contacting us by email, the user's personal data that is transmitted along with the email will be stored. If this includes information about communication channels (e.g. email address, telephone number), you also agree that we may contact you via this communication channel in order to respond to your request. This data will not be disclosed to third parties in this context. The data is used exclusively for processing the conversation. The legal basis for processing the data transmitted in the course of sending an email is Art. 6 para. 1 p.1 lit. f) GDPR. If you send us an email with the intention of entering into a contract with us, this creates an additional legal basis for its processing per Art. 6 para. 1p. 1 lit. b) GDPR. The data from your email inquiries will of course only be used for the purpose for which you made them available to us when contacting us. The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. For the personal data that was sent by email, this is the case when the respective conversation with the user has been completed. The conversation will have ended when it is evident from the circumstances that the matter at hand has been conclusively resolved. If the email contact is aimed at the execution of a contract, the data will be deleted after expiry of the statutory (commercial or tax) storage periods required for this. You have the right to request information from us at any time about your personal data being stored by us (Art. 15 GDPR). This also affects the recipient or category of recipients to whom this data is shared and the purpose of the storage. In addition, you have the right to request corrections under the conditions of Article 16 GDPR and/or, under the conditions of Article 17 GDPR, the cancellation and/or, under the conditions of Article 18 GDPR, the restriction of processing. Furthermore, you can request data transmission at any time under the conditions of Art. 20 GDPR. In the case of processing of personal data to safeguard legitimate interests (Art. 6 para. 1 p. 1 lit. f GDPR), you may object to the processing of your personal data at any time with effect for the future. In the event of an objection, we shall refrain from any further processing of your data for the aforementioned purposes, unless there are compelling, legitimate reasons for processing which outweigh your interests, rights and freedoms, or the processing is necessary to assert, exercise or defend legal claims. All information requests, inquiries, revocations or objections to data processing should be addressed by email or mail to the person responsible, Armin Ledermann, mimatic GmbH, Westendstraße 3, D-87488 Betzigau (Germany), Phone: +49 (831) 57444-0, E-Mail: info@mimatic.de. For further information, please refer to the full text of the GDPR. Furthermore, you have the possibility of complaining to the responsible supervisory authority about data protection issues. The authority responsible for us is the Bavarian Data Protection Authority, Promenade 27, D-91522 Ansbach (Germany).

 

Rights of the data subject

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:

1. Right to information,
2. Right to rectification
3. Right to restriction of processing,
4. Right to deletion
5. Right to information
6. Right to data portability.
7. Right to object to processing
8. Right to revoke consent under data protection law
9. Right not to apply an automated decision
10. Right to complain to a supervisory authority

Right to information

1. You may request confirmation from the controller as to whether personal data concerning you are being processed by us. If such processing is taking place, you may at any time request from the controller free of charge information about the personal data stored about you and about the following information:

1. the purposes for which the personal data are processed;
2. the categories of personal data which are processed;
3. the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;
4. the planned duration of the storage of the personal data concerning you or, if concrete information on this is not possible, criteria for determining the storage duration;
5. the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing;
6. the existence of a right of appeal to a supervisory authority;
7. any available information on the origin of the data, if the personal data are not collected from the data subject;
8. the existence of automated decision-making, including profiling, pursuant to Article 22(1) and (4) of the GDPR and, at least in these cases, meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.

2. You have the right to request information about whether the personal data concerning you is transferred to a third country or to an international organization. In this context, you may request to be informed about the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.

Right to rectification

You have the right to obtain from the controller the rectification and/or completion without undue delay of any personal data processed concerning you which is inaccurate or incomplete.

Right to restriction of processing

1. Under the following conditions, you may request the controller to immediately restrict the processing of personal data concerning you:

1. if you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;
2. the processing is unlawful and you object to the erasure of the personal data and request instead the restriction of the use of the personal data;
3. the controller no longer needs the personal data for the purposes of processing, but you need them for the assertion, exercise or defense of legal claims, or
4. if you have objected to the processing pursuant to Art. 21 (1) GDPR and it is not yet clear whether the legitimate grounds of the controller outweigh your grounds.

2. If the processing of personal data relating to you has been restricted, such data may - apart from being stored - only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State. If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.

Right to deletion

1. You may request the controller to delete the personal data concerning you without undue delay if one of the following reasons applies:

1. The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
2. You revoke your consent on which the processing was based pursuant to Art. 6 (1) a or Art. 9 (2) a GDPR and there is no other legal basis for the processing.
3. You object to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 (2) GDPR.
4. The personal data concerning you has been processed unlawfully.
5. The deletion of the personal data concerning you is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject.
6. The personal data concerning you was collected in relation to information society services offered pursuant to Art. 8 (1) GDPR.

2. If the controller has made the personal data concerning you public and is obliged to erase it pursuant to Article 17(1) of the GDPR, it shall take reasonable measures, including technical measures, having regard to the available technology and the cost of implementation, to inform data controllers which process the personal data that you, as the data subject, have requested that they erase all links to or copies or replications of such personal data.
3. The right to erasure does not exist insofar as the processing is necessary to

1. to exercise the right to freedom of expression and information;
2. for compliance with a legal obligation which requires processing under Union or Member State law to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
3. for reasons of public interest in the area of public health pursuant to Art. 9(2)(h) and (i) and Art. 9(3) GDPR;
4. for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes pursuant to Article 89(1) of the GDPR, insofar as the right referred to in Section a) is likely to render impossible or seriously prejudice the achievement of the purposes of such processing, or
5. for the assertion, exercise or defense of legal claims.

Right to information

If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to notify all recipients to whom the personal data concerning you has been disclosed of this rectification/erasure/restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right against the controller to be informed about these recipients.

Right to data portability

1. You have the right to receive the personal data concerning you that you have provided to the controller in a structured, commonly used and machine-readable format. You also have the right to transfer this data to another controller without hindrance from the controller to whom the personal data was provided, provided that

1. the processing is based on consent pursuant to Art. 6 (1) a GDPR or Art. 9 (2) a GDPR or on a contract pursuant to Art. 6 (1) b GDPR and
2. the processing is carried out with the help of automated procedures.

2. In exercising this right, you also have the right to have the personal data concerning you transferred directly from one controller to another controller, insofar as this is technically feasible. The freedoms and rights of other persons must not be affected by this.
3. The right to data portability does not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
4. In order to assert the right to data portability, the data subject may at any time contact the controller.

Right of objection

1. You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Article 6 (1) (e) or (f) GDPR; this also applies to profiling based on these provisions.
2. The controller shall no longer process the personal data concerning you unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defense of legal claims.
3. If the personal data concerning you is processed for the purpose of direct marketing, you have the right to object at any time to processing of the personal data concerning you for the purpose of such marketing; this also applies to profiling, insofar as it is related to such direct marketing. If you object to the processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.
4. You have the possibility, in connection with the use of information society services - notwithstanding Directive 2002/58/EC - to exercise your right to object by means of automated procedures using technical specifications.
5. In order to exercise the right to object, the data subject may directly contact the controller.

Right to revoke the declaration of consent under data protection law

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation. You can contact the responsible person for this purpose.

Automated decision in individual cases including profiling

1. You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision

1. is necessary for the conclusion or fulfillment of a contract between you and the responsible party,
2. is permitted by legislation of the Union or the Member States to which the controller is subject and that legislation contains appropriate measures to safeguard your rights and freedoms and your legitimate interests, or
3. is done with your express consent.

2. However, these decisions may not be based on special categories of personal data pursuant to Article 9(1) of the GDPR, unless Article 9(2)(a) or (g) of the GDPR applies and appropriate measures have been taken to protect the rights and freedoms and your legitimate interests.
3. With regard to the cases referred to in (1) and (3), the controller shall take reasonable steps to safeguard the rights and freedoms of, and the legitimate interests of, the data subject, which shall include, at least, the right to obtain the intervention of a person on the part of the controller, to express his or her point of view and to contest the decision.
4. If the data subject wishes to exercise the rights concerning automated decisions, he or she may, at any time, contact the controller.

Right to complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, workplace or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR. The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.

Changes to the privacy policy

We reserve the right to modify our privacy practices and this policy to conform to changes in relevant laws or regulations or to better meet your needs. Possible changes to our privacy practices will be posted here accordingly. Please note the current version date of the Privacy Policy.

Betzigau, 29.10.2021