Privacy Policy

 

Welcome to the privacy policy of our website. As the operator of the homepage https://www.miomio.com/  we take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the applicable statutory data protection regulations, your selection in the cookie banner and this privacy policy. 

 

Name and address of the data controller 

The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is the: 

MIO MIO GmbH 

Tel.:  +49 (0) 5961 / 502 – 4 

Fax: +49 (0) 5961 / 502-378 

E-Mail: info@miomio.com 

 

If you have any questions about data protection, please contact our external data protection officer at Prico GmbH. 

Please send your request by e-mail to Mr. Sebastian Feldmann, datenschutz@berentzen.de  

 

General information on data processing 

Scope of the processing of personal data 

We only process our users’ personal data to the extent necessary to provide a functional website and the content and services. As a rule, personal data is only processed with the user’s consent. An exception applies in cases where prior consent cannot be obtained for factual reasons and the processing of the data is permitted by law. 

Legal basis for the processing of personal data 

Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis. 

When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b) GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures. 

Insofar as the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 para. 1 lit. c) GDPR serves as the legal basis. 

In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d) GDPR serves as the legal basis. 

If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 lit. f) GDPR serves as the legal basis for the processing. 

Data erasure and storage duration 

Your personal data will be deleted or blocked as soon as the purpose of storage no longer applies and there are no legal retention periods or other requirements to the contrary. 

 

Provision of the website and creation of log files 

Description and scope of data processing 

Each time our website is accessed, data and information are automatically collected by the computer system of the accessing computer. The following data is collected: Each time our website is accessed, data and information are automatically collected by the computer system of the accessing computer. The following data is collected: 

  • IP address of the requesting computer (host name) 
  • Date and time of access 
  • Name and URL of the retrieved file 
  • Website from which the access was made (referrer URL) 
  • Browser used and, if applicable, the operating system of your computer 
  • Name of your access provider. 

 

The data is also stored in the log files of our system. This data is not stored together with other personal data of the user. 

Legal basis for data processing 

The legal basis for the temporary storage of data and log files is Article 6(1)(f) GDPR. 

Purpose of data processing  

Temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session. 

The data is stored in log files to ensure the functionality of the website. We also use the data to optimize the website and to ensure the security of our information technology systems. The data is not analyzed for marketing purposes in this context. 

These purposes also constitute our legitimate interest in data processing in accordance with Art. 6 para. 1 lit. f) GDPR. 

Duration of storage 

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended. 

If the data is stored in log files, this is the case after seven days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are deleted or anonymized so that it is no longer possible to identify the accessing client. 

Possibility of objection and removal 

The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, the user has no option to object. 

 

Contact form and e-mail contact 

Description and scope of data processing 

There is a contact form on our website that can be used to contact us electronically. If a user makes use of this option, the data entered in the input mask will be transmitted to us and stored. These data are: 

  • Subject 
  • First and last name of the user 
  • Your e-mail address 
  • Your telephone number 
  • Additional personal data provided by you as part of your message 

 

Legal basis for data processing 

The legal basis for the processing of the data is Art. 6 para. 1 lit. a) GDPR if the user has given consent. 

The legal basis for the processing of data transmitted in the course of sending an email is Art. 6 (1) (f) GDPR. If the e-mail contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b) GDPR. The legal basis for the processing of the data is Art. 6 para. 1 lit. a) GDPR if the user has given consent. 

The legal basis for the processing of data transmitted in the course of sending an email is Art. 6 (1) (f) GDPR. If the e-mail contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b) GDPR. 

Purpose of data processing   

The processing of the personal data from the input mask serves us solely to process the contact. In the case of contact by email, this also constitutes the necessary legitimate interest in processing the data. 

The other personal data processed during the sending process is used to prevent misuse of the contact form and to ensure the security of our information technology systems. 

Duration of storage  

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input screen of the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified. 

The additional personal data collected during the sending process will be deleted after a period of seven days at the latest. 

 

Possibility of objection and removal  

The user has the option to revoke their consent to the processing of personal data at any time. If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued. 

The user can object to the processing of their data by e-mail or by post. All personal data stored in the course of contacting us will be deleted in this case. 

 

Data transfer to third countries 

Among other things, tools from companies based in so-called third countries (i.e. outside the European Union (EU), the European Economic Area (EEA)) may be integrated on our website. If these tools are active, your personal data may be forwarded to the servers of the respective companies. We have no influence on this data processing. 

If we process data in a third country or if the processing takes place in the context of the use of third-party services or the disclosure or transfer of data to other persons, bodies or companies, this will only take place in accordance with the following legal requirements pursuant to Art. 44 et seq. GDPR: 

  • Basis of an adequacy decision 
  • Internal data protection rules 
  • Approved rules of conduct 
  • Standard data protection clauses  
  • Approved certification mechanism pursuant to Art. 46 para. 2 lit. a) – f) GDPR 

 

Use of cookies 

Description and scope of data processing 

Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on your computer system. When a user accesses a website, a cookie may be stored on the user’s operating system. These cookies contain a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again. 

We use cookies to make our website more user-friendly. Some elements of our website require that the accessing browser can be identified even after a page change. 

We also use cookies on our website that enable us to analyze the surfing behavior of users. The user data collected in this way is anonymized by technical precautions. It is therefore no longer possible to assign the data to the accessing user. The data is not stored together with other personal user data 

Legal basis for data processing 

The legal basis for the processing of personal data using technically necessary cookies is Art. 6 para. 1 lit. f) GDPR. Insofar as cookies are set to analyze user behavior, this is done on the basis of consent in accordance with Art. 6 para. 1 lit. a) GDPR. 

Purpose of data processing  

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary for the browser to be recognized even after a page change. As the website operator, we have a legitimate interest in the storage of cookies for the technically error-free and optimized provision of our services. The user data collected by technically necessary cookies is not used to create user profiles. Analysis cookies are used for the purpose of improving the quality of our website and its content. Through the analysis cookies, we learn how the website is used and can thus constantly optimize our offer. 

Duration of storage, Possibility of objection and removal 

Cookies are stored on the user’s device and transmitted by it to our website. As a user, you therefore have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to their full extent. 

 

Cookie-Consent 

Our website uses the cookie consent technology “Cookiebot” from Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany, to obtain your consent to the storage of certain cookies in your browser and to document this in accordance with data protection regulations. 

When you visit our website, you will be shown a banner in which you can actively select various cookies and thus give your consent to their use. So that the cookie consent tool can assign your visit to you as a user and individually record, log and store the consent settings you have made for a session duration, certain user information (including the IP address) is collected and stored by the cookie consent tool when you visit our website. 

The data collected will be stored until you ask us to delete it or the purpose for storing the data no longer applies. Mandatory statutory retention periods remain unaffected.  

Cookie consent technology is used to obtain the legally required consent for the use of technically unnecessary cookies. The legal basis for this is Art. 6 para. 1 lit. c) GDPR. 

 

Cookies used, services and other functions of the website 

Matomo 

Description and purpose 

This website uses Matomo (formerly Piwik), an open source software for the statistical analysis of visitor access. The provider of Matomo is InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand. 

Matomo uses cookies that are stored on your computer, which enable an anonymized analysis of your website usage. It is generally not possible to draw conclusions about a specific person, as your IP address is anonymized immediately after processing and before storage. 

We use Matomo to improve the quality of our website and its content. By learning how our website is used, we can continuously optimize our website offering. 

The following data is stored when the individual pages of our website are accessed: 

  1. two bytes of the IP address of the user’s accessing system 
  2. the website accessed 
  3. the website from which the user came to the accessed website (referrer url) 
  4. subpages that are accessed from the accessed website 
  5. time spent on the website 
  6. frequency with which the website is accessed. 

 

The software runs exclusively on the servers of our website or our website support, and the user’s personal data is only stored there. The user’s IP address is not stored in full but only shortened by masking only 2 bytes of the IP address. It is then not possible to assign the IP address shortened in this way to the user’s end device. 

The processing of users’ personal data enables us to analyze usage behavior on our website. 

 

Legal basis 

The legal basis for this processing of your personal data is Art. 6 para. 1 lit. f) GDPR.  

 

Data recipients, data transfer and data transfer to third countries 

The recipient of your anonymized data is the website operator and website support. Data will not be transferred to a third country. The data will also not be passed on to third parties in any other way.  

 

Duration and scope of data storage 

The data will be deleted as soon as it is no longer required for the purpose for which it was collected and processed. The data will also be deleted if you assert your right to data deletion in accordance with Art. 17 para. 1 GDPR. 

For further data subject rights, see below in this privacy policy. 

There is no contractual or legal obligation to provide the data. 

 

Further information on the processing of your personal data by Matomo can be found here: https://matomo.org/privacy-policy/ 

 

Social media presence 

Facebook 

Joint Controllership 

In accordance with the jurisdiction of the European Court of Justice, we are jointly responsible with Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (Facebook) for the processing of personal data collected when you visit our Facebook page. 

Data collection and processing 

When you visit our Facebook page, Facebook automatically collects personal data from you, such as IP address, device information and interaction behavior. You can find further information on this in the Privacy Policy of Meta. 

Use of cookies 

Facebook uses cookies to store and process the data. If you have a Facebook profile and are logged in, the data is also stored and analyzed across devices. You can find information on the use of cookies by Facebook here. 

Possibilities of objection 

You can object to the use of cookies on the following pages: 

Page insights and usage analysis 

Facebook provides us with anonymized statistics about the use of our site. This includes data such as page views, “Like” information and post interactions. We use this data to optimize our site and content in accordance with Art. 6 para. 1 lit. f) GDPR. 

Further information about the joint controllership 

The duties of joint responsibility are regulated in the “Page Insights Addendum”: Page-Insights-Addendum. 

 

Instagram 

Joint Controllership 

We are jointly responsible for data processing on our Instagram page with Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. 

Data collection and processing 

When you visit our Instagram page, Instagram collects personal data such as IP address, user behavior and interactions with our page. You can find more information on this in Instagram’s privacy policy. 

Use of cookies 

Instagram uses cookies to analyze user behavior. For logged-in users, the analysis can be carried out across devices. Further information on the use of cookies can be found.here. 

Possibilities of objection 

You can object to the processing of your data by Instagram in your Instagram settings or under Your Online Choices. 

Page insights and usage analysis 

Instagram provides us with anonymized usage statistics that we use to improve our site. This is done on the basis of our legitimate interest in accordance with Art. 6 para. 1 lit. f) GDPR. 

Further information about the joint controllership 

Further details on joint responsibility can be found in the Instagram joint controllership agreement. 

 

TikTok 

Joint Controllership 

Under the jurisdiction of the European Court of Justice, we are jointly responsible with TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland, for the processing of personal data collected when you visit our TikTok site. 

Data collection and processing 

When you visit our TikTok page, TikTok automatically collects personal data, including IP address, device information and interaction behavior. TikTok may use this information to compile usage statistics and improve the platform. Further information on data collection can be found in TikTok’s privacy policy. 

Use of cookies 

TikTok uses cookies to analyze user behavior on our site and to store usage data. For registered TikTok users, the analysis also takes place across devices. Further information on the use of cookies by TikTok can be found here. 

Possibilities of objection 

You can object to the processing of your data by TikTok by adjusting the cookie settings in your TikTok account. You can find further objection options under Your Online Choices. 

Page insights and usage analysis 

TikTok provides us with anonymized statistics about the use of our site in order to evaluate and optimize the interaction with our site. This data processing is based on our legitimate interest in accordance with Art. 6 para. 1 lit. f) GDPR. 

Further information about the joint controllership 

The responsibilities within the framework of joint responsibility are regulated in TikTok’s privacy policy. TikTok assumes primary responsibility for the processing of Insights data and the fulfillment of obligations under the GDPR. Further information can be found in the TikTok Privacy Policy. 

 

YouTube 

Joint Controllership 

We are jointly responsible for data processing in connection with our YouTube page with Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. 

Data collection and processing 

When you visit our YouTube page, YouTube automatically collects personal data, including IP address, information about the device used and interaction behavior. This data can be processed for usage statistics and used to improve the platform. Further details on this can be found in the Privacy policy of YouTube. 

Use of cookies 

YouTube uses cookies to store and analyze user behavior. If you have a Google account and are logged in, the data can also be analyzed across devices. Information on the use of cookies by YouTube can be found in the YouTube cookie policy. 

Possibilities of objection 

You can object to the processing of your data by YouTube by adjusting the cookie settings in your Google account. Further options for deactivating personalized advertising can be found under Google Ads settings and under Your Online Choices. 

Page insights and usage analysis 

YouTube provides us with anonymized data and statistics on the use of our site. We use this information to improve our content on the basis of our legitimate interest in accordance with Art. 6 para. 1 lit. f) GDPR. 

Further information about the joint controllership 

The responsibilities in the joint responsibility are set out in the “YouTube Joint Responsibility Agreement”. Google assumes primary responsibility for the processing and fulfillment of data protection obligations under the GDPR. Further information can be found in the YouTube Privacy Policy. 

 

Flockler 

We use the Flockler social media plugin on our website to make its use as personal as possible. 

When you visit our website, your browser establishes a direct connection with the Flockler servers. The content of the plugin is sent by Flockler directly to your browser, which integrates it into the website. However, Flockler does not store any of your personal data. However, Flockler cookies are set (see section 4 above). 

By integrating the plugins, however, Flockler is informed that your browser has accessed our website, even if you do not have a Flockler account or are not currently logged in to Flockler. 

If you are logged in to Flockler, Flockler can assign the visit to our website to your Flockler account and this information is transmitted directly to a Flockler server in the USA and stored there. 

If you do not want Flockler to assign the data collected via our website to your Flockler account, you must log out of your Flockler account before visiting our website. 

You can find more information about Flockler at: https://flockler.com. You can find Flockler’s privacy policy here: https://flockler.com/privacy-policy. 

 

Applicant data protection 

If you apply to us electronically, i.e. by e-mail or via our web form, we will collect and process your personal data for the purpose of handling the application process and implementing pre-contractual measures. We use a specialized software provider to handle the application process. The applicant portal is operated by softgarden e-recruiting GmbH, Tauentzienstraße 14, 10789 Berlin, with whom we have concluded an order processing contract. 

By submitting an application, you express your interest in taking up employment with us. In this context, you provide us with personal data that we use and store exclusively for the purpose of your job search/application. In particular, the following data will be collected: First and last name, e-mail address, telephone number, XING profile if applicable. 

You also have the option of uploading or sending documents such as a cover letter, your CV and references. These may contain further personal data such as date of birth, address, etc. 

The legal basis for the processing of your applicant data is Art. 6 para. 1 lit. b) GDPR and Art. 9 para. 2 lit. b) GDPR. Insofar as special categories of personal data within the meaning of Art. 9 para. 1 GDPR are voluntarily communicated as part of the application process, their processing is also carried out in accordance with Art. 9 para. 2 lit. b) GDPR (e.g. health data, such as severely disabled status). 

Only authorized employees from the HR department or persons involved in the application process have access to your data. 

Personal data is stored exclusively for the purpose of filling the vacant position for which you have applied. 

Your data will be stored for a period of 6 months after the end of the application process. This is usually done to fulfill legal obligations or to defend against any claims arising from legal regulations. You have the option of giving us your consent to include you in the applicant pool in order to consider you for future vacancies. Your data will then be deleted immediately after your consent has expired or if you withdraw your consent. We are then obliged to delete or anonymize your data. In this case, the data will only be available to us as so-called metadata without direct personal reference for statistical evaluations. 

 

Integration of additional services and content from third parties 

Third-party content, such as videos, fonts or graphics originating from other websites, may be integrated into this online offering. In order for this content to be displayed, it is necessary for the respective providers of this content (hereinafter referred to as “third-party providers”) to collect the IP address of the user. Without the IP address, it would not be possible to transmit the content to the user’s browser, as this is necessary for the display. We endeavor to only integrate content whose providers use the IP address exclusively to provide the content. Nevertheless, we have no influence on whether third-party providers store the IP address for statistical purposes, for example. If we are aware of this, we will inform users accordingly. We would like to provide and optimize our online offering through these integrations. 

The legal basis for the integration of further third-party services and content is Art. 6 para. 1 lit. f) GDPR. Our overriding legitimate interest lies in the best possible presentation of our online presence and in the user-friendly and economically efficient provision of our services. Please check the respective data protection conditions before you transmit personal data to these websites. 

 

Other data recipients 

If the legal requirements are met (e.g. your consent has been obtained), we may share your personal data with other recipients who provide services for us. Taking into account the principle of data minimization, we limit the disclosure of your personal data to what is necessary. The service providers used receive your personal data as processors (data processing agreement pursuant to Art. 28 GDPR) or as independent data processors. The following categories of service providers or data recipients may receive your data: 

  • Server operators & hosting providers 
  • Marketing agencies & website support 
  • External legal & tax advice 
  • Service providers in the area of recruiting 
  • Service providers for postal and delivery services 
  • Other services and tools 

 

Access to your data is only granted under strict conditions (confidentiality requirements). 

 

Data security 

Unfortunately, the transmission of information via the Internet is not completely secure, which is why we cannot guarantee the security of data transmitted to and via our website via the Internet. However, we take the best possible technical and organizational measures to protect our website and other systems against loss, destruction, access, modification or dissemination of your data by unauthorized persons. 

We take precautions to ensure the security of your personal data. Your data is conscientiously protected against loss, destruction, falsification, manipulation and unauthorized access or unauthorized disclosure. 

 

Rights of the data subject 

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following “data subject rights” vis-à-vis the controller: 

Right to information pursuant to Art. 15 GDPR 

You can request confirmation from the controller as to whether personal data concerning you is being processed by us. If such processing is taking place, you can request the following information from the controller: 

  1. the purposes for which the personal data are processed 
  2. the categories of personal data that are processed 
  3. the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed 
  4. the envisaged period for which the personal data concerning you will be stored, or, if specific information on this is not possible, the criteria used to determine that period 
  5. the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing 
  6. (the existence of a right to lodge a complaint with a supervisory authority 
  7. (all available information about the origin of the data if the personal data is not collected from the data subject; 

 

You have the right to request information as to whether the personal data concerning you is transferred to a third country or to an international organization. In this context, you may request to be informed of the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer. 

 

Right to rectification pursuant to Art. 16 GDPR 

You have a right to rectification and/or completion vis-à-vis the controller if the processed personal data concerning you is incorrect or incomplete. The controller must make the correction without delay. 

 

Right to restriction of processing pursuant to Art. 18 GDPR 

You may request the restriction of the processing of your personal data under the following conditions: 

  1. wenn if you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data; 
  2. the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead; the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead; 
  3. the controller no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims, or 
  4. if you have objected to the processing pursuant to Art. 21 (1) GDPR and it has not yet been established whether the legitimate reasons of the controller override your reasons. 

 

If the processing of personal data concerning you has been restricted, such data may only be processed – apart from being stored – with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. 

If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted. 

 

Right to erasure pursuant to Art. 17 GDPR 

a) Obligation to delete 

You may request us to delete the personal data concerning you immediately and we are obliged to delete this data immediately if one of the following reasons applies: 

  1. The personal data concerning you are no longer necessary in relation to the purposes for which they were collected or otherwise processed. 
  2. You revoke your consent on which the processing was based pursuant to Art. 6 para. 1 lit. a) or Art. 9 para. 2 lit. a) GDPR and there is no other legal basis for the processing. 
  3. You object to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 (2) GDPR. 
  4. The personal data concerning you has been processed unlawfully 
  5. The deletion of personal data concerning you is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the controller is subject. 
  6. The personal data concerning you were collected in relation to information society services offered in accordance with Art. 8 para. 1 GDPR. 

 

b) Information to third parties  

If we have made the personal data concerning you public and we are obliged to delete it in accordance with Art. 17 para. 1 GDPR, we will take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform data controllers who process the personal data that you, as the data subject, have requested them to delete all links to this personal data or copies or replications of this personal data. 

c) Exceptions 

The right to erasure does not exist if the processing is necessary 

  1. The right to erasure does not exist if the processing is necessary; 
  2. for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; 
  3. for reasons of public interest in the area of public health in accordance with Art. 9 para. 2 lit. h) and i) and Art. 9 para. 3 GDPR; 
  4. for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Art. 89 para. 1 GDPR, insofar as the right referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of that processing, or,  
  5. for the assertion, exercise or defense of legal claims. 

 

Right to information pursuant to Art. 19 GDPR 

If you have asserted the right to rectification, erasure or restriction of processing, we are obliged to notify all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort. 

You have the right vis-à-vis the controller to be informed about these recipients. 

 

Right to data portability pursuant to Art. 20 GDPR 

You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to which the personal data has been provided, where 

  1. the processing is based on consent pursuant to Art. 6 para. 1 lit. a) GDPR or Art. 9 para. 2 lit. a) GDPR or on a contract pursuant to Art. 6 para. 1 lit. b) GDPR and 
  2. the processing is carried out by automated means. 

 

In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another, where technically feasible. The freedoms and rights of other persons must not be affected by this. 

The right to data portability does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller. 

 

Widerspruchsrecht nach Art. 21 GDPR 

Sie haben das Recht, aus Gründen, die sich aus Ihrer besonderen Situation ergeben, jederzeit gegen die Verarbeitung Sie betreffender personenbezogener Daten, die aufgrund von Artikel 6 Absatz 1 Buchstabe e oder f der DSGVO erfolgt, Widerspruch einzulegen. 

Wir werden die Sie betreffenden personenbezogenen Daten nicht mehr verarbeiten, es sei denn, wir können zwingende schutzwürdige Gründe für die Verarbeitung nachweisen, die Ihre Interessen, Rechte und Freiheiten überwiegen, oder die Verarbeitung dient der Geltendmachung, Ausübung oder Verteidigung von Rechtsansprüchen. 

Werden Ihre personenbezogenen Daten zum Zwecke der Direktwerbung verarbeitet, so haben Sie das Recht, jederzeit Widerspruch gegen die Verarbeitung Ihrer personenbezogenen Daten zum Zwecke derartiger Werbung einzulegen. 

Wenn Sie der Verarbeitung zu Zwecken des Direktmarketings widersprechen, werden die Sie betreffenden personenbezogenen Daten nicht mehr für diese Zwecke verarbeitet. 

Im Zusammenhang mit der Nutzung von Diensten der Informationsgesellschaft und ungeachtet der Richtlinie 2002/58/EG können Sie Ihr Widerspruchsrecht mit Hilfe automatisierter Verfahren unter Verwendung technischer Spezifikationen ausüben. 

 

Right to revoke the declaration of consent under data protection law pursuant to Art. 7 para. 3 GDPR 

You have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. To withdraw your consent or to object, simply send us an e-mail. 

 

Right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR 

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR. 

The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Art. 78 GDPR. 

 

Automated decision in individual cases including profiling 

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision 

  1. is necessary for the conclusion or performance of a contract between you and the controller, 
  2. is authorized by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or 
  3. with your express consent.

 

However, these decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a) or g) applies and appropriate measures have been taken to protect the rights and freedoms as well as your legitimate interests. 

Changes to the data protection provisions 

We reserve the right to amend this privacy policy at any time with effect for the future so that it always complies with current legal requirements or to implement changes to our services in the privacy policy, e.g. when introducing new services.