With the following information, we would like to give you, the "data subject", an overview of how Minitüb GmbH processes personal data and your rights under the General Data Protection Regulation (GDPR). In principle, our website can be used without entering personal data. However, if you would like to use our company's special services via our website, processing of certain personal data may be necessary.
The processing of personal data takes place in accordance with the General Data Protection Regulation (GDPR) and in compliance with the country-specific data protection regulations. With this data protection declaration, we would like to inform you about how we process personal data.
As the responsible party, we have implemented numerous technical and organizational measures to ensure the most complete protection possible for the personal data processed via this website. Nevertheless, internet-based data transmissions can fundamentally have security gaps, so that absolute protection cannot be guaranteed. For this reason, we also offer you the option to transmit personal data to us in alternative ways, for example by telephone or by post.
Responsible within the meaning of the GDPR is:
Phone: (+49) 8709 9229 0
III. Data protection officer
You can contact the data protection officer as follows:
Datenschutz hoch 4 GmbH
Phone: (+49) 941 569 550 20
If you have any questions, suggestions, etc. regarding data protection, please feel free to contact our data protection officer directly.
This data protection declaration is based on the terms of the GDPR. To simplify understanding, we would like to explain some of the important terms in this context:
- Personal data: Personal data is all information that relates to an identified or identifiable natural person. A natural person is considered to be identifiable if, directly or indirectly, in particular by means of assignment to an identifier such as a name, an identification number, location data, an online identifier or one or more special characteristics, the expression of the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person can be identified.
- Data subject: Data subject is any identified or identifiable natural person whose personal data are processed by the responsible (our company).
- Processing: Processing is any process or series of processes carried out with or without the help of automated processes in connection with personal data such as the collection, organization, storage, adaptation or modification, reading, querying, use, disclosure by transmission, distribution or any other form of provision, comparison or linking, restriction, deletion or destruction.
- Recipient: Recipient is a natural or legal person, public authority, agency or other body to whom personal data are disclosed, regardless of whether it is a third party or not. However, authorities that may receive personal data as part of a specific investigation mandate under Union or Member State law are not considered recipients.
- Third party: A third party is a natural or legal person, public authority, agency or other body apart from the data subject, the responsible, the processor and the persons who are authorized under the direct responsibility of the responsible or processor to provide the personal data to process.
- Consent: Consent is any declaration of intent made by the data subject voluntarily for the specific case in an informed manner and unequivocally in the form of a declaration or another clear confirming action by which the data subject indicates its consent to the processing of its personal data.
V. Legal basis for processing
- Art. 6 para. 1 lit. a GDPR serves our company as the legal basis for processing operations where we obtain consent for a specific processing purpose.
- If the processing of personal data is necessary to fulfill a contract to which you are a party, the processing is based on Art. 6 Para. 1 lit. b GDPR. The same applies to such processing operations that are necessary to carry out pre-contractual measures, for example in cases of inquiries about our products or services.
- If our company is subject to a legal obligation that requires the processing of personal data, such as to fulfill tax obligations, the processing is based on Art. 6 Para. 1 lit. c GDPR.
- Ultimately, processing operations can be based on Art. 6 Para. 1 lit. f GDPR. Processing operations that are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to safeguard a legitimate interest of our company, provided that the interests, fundamental rights and freedoms of the data subject do not outweigh them.
VI. Transmission of data to third parties
Your personal data will not be passed on to third parties for purposes other than those listed below. We only pass on your personal data to third parties if:
- You have given your consent pursuant to Art. 6 Para. 1 S. 1 lit. a GDPR,
- the disclosure according to Art. 6 Para. 1 S. 1 lit. f GDPR is permitted to protect our legitimate interests and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data,
- in the event that the transfer according to Art. 6 para. 1 sentence 1 lit. c GDPR is a legal obligation, as well
- this is legally permissible and according to Art. 6 Para. 1 S. 1 lit. b GDPR required for the processing of contractual relationships with you.
1. SSL / TLS encryption
This site uses SSL or TLS encryption to ensure the security of data processing and to protect the transmission of confidential content. You can recognize an encrypted connection by the fact that "https://" appears in the address line of the browser instead of "http://" and by the lock symbol in your browser line. We use this technology to protect your transmitted data.
2. Data collection when visiting the website
If you only use our website for information purposes, i.e. if you do not provide us with any other information, we only collect data that your browser transmits to our server (in so-called "server log files"). Every time you or an automated system calls up a page, our website collects a series of general data and information. This general data and information are stored in the server's log files. The following information can be recorded:
- browser types and versions used,
- the operating system used by the accessing system,
- the website from which an accessing system reaches our website (so-called referrer),
- the sub-websites that are accessed via an accessing system on our website,
- the date and time of access to the website,
- an internet protocol address (IP address),
- the internet service provider of the accessing system.
When using this general data and information, we do not draw any conclusions about you personally. Rather, this information is needed to
- deliver the content of our website correctly,
- to guarantee the permanent functionality of our IT systems and the technology of our website and
- to provide law enforcement agencies with the information necessary for law enforcement in the event of a cyber-attack.
This collected data and information is evaluated statistically and with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimal level of protection for the personal data processed by us. The data of the server log files are stored separately from all personal data provided by a data subject. In principle, deletion of the log files takes place after seven days at the latest.
The legal basis for data processing is Art. 6 Para. 1 S. 1 lit. f GDPR. Our legitimate interest results from the data collection purposes listed above.
1. General information about cookies
Information is stored in the cookie, which results from the specific device used. However, this does not mean that we are immediately aware of your identity.
In addition, we also use temporary cookies, which are stored on your device for a specific period of time, to optimize user-friendliness. If you visit our site again to use our services, it is automatically recognized that you have already visited us and which entries and settings you have made so that you do not have to enter them again.
The data processed by cookies, which are required for the proper functioning of the website, are required to protect our legitimate interests and those of third parties in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR.
For all other cookies, you can use our opt-in cookie banner to give your consent within the meaning of Art. 6 Para. 1 lit. a GDPR by placing a cross.
We have integrated the Matomo component from the provider InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand, on this website (Commission adequacy decision). Matomo is a software tool for web analysis, i.e. for collecting and evaluating data on the behavior of visitors to websites. The following data are recorded:
- the website from which a data subject came to our website (so-called referrer),
- the subpages that were accessed
- frequency and duration a subpage was viewed
- access time and location
- frequency of visits to our website
- IP-address (two bytes)
These data are used for web analysis, i.e. to optimize the website and for cost-benefit analysis of internet advertising. The software is operated on the server of the responsible party, the log files, which are subject to data protection law, are saved exclusively on this server.
For this purpose, Matomo places a cookie on your IT system. By setting the cookie, we are able to analyze the use of our website. Every time one of the individual pages of this website is called up, the internet browser on your IT system is automatically prompted by the Matomo component to transmit data to our server for the purpose of online analysis. As part of this technical process, we receive knowledge of personal data, such as the IP address of the relevant person’s computer, which among other things helps us to trace the origin of visitors and clicks.
We store this personal data which, in principle is deleted after 90 days.
You must first grant your consent allowing us to set cookies. This is done via our cookie banner. Furthermore, a cookie already set by Matomo can be deleted at any time via an internet browser or other software programs.
These processing operations take place only when express consent is given in accordance with Art. 6 Para. 1 lit. a GDPR. You can withdraw your consent at any time. Any processing of your data up to that point remains lawful.
Further information and a recital of Matomo's applicable data protection regulations can be found at https://matomo.org/privacy/.
IX. Contents of our website
1. Establishing contact / contact form
When contacting us (e.g. via contact form or e-mail), personal data is collected.
The following data is collected in the contact form:
- First name
- Telephone number
- E-mail address
- Country (used to assign the correct contact person.)
- Street (optional)
- ZIP code (optional)
- City (optional)
- State / region (optional)
- Customer number (optional)
- VAT ID no. (optional)
- Company (optional)
- Message text
This data is stored and used for the purpose of assigning and answering your request or for contacting you and the associated technical administration. The legal basis for processing the data is your consent in accordance with Art. 6 Para. 1 lit. a GDPR.
If the purpose of your contact is to conclude a contract or if your request contains an order, the legal basis in processing your data is Art. 6 Para. 1 lit. b GDPR. Furthermore, a legitimate interest in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR exists on the processing of your data. Your data will generally be deleted after your request has been processed, unless they are necessary for the performance of the contractual relationship. This is the case if it can be inferred from the circumstances that the matter concerned has been finally clarified and provided that there are no statutory archiving requirements. Longer storage in accordance with the statutory deadlines (e.g. HGB, AO) is required if you place an order using our contact form.
We use “Google reCAPTCHA” (“reCAPTCHA”) for the contact form. This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").
With reCAPTCHA we check whether the data entry in our contact form is done by a human or by an automated program. For this purpose, reCAPTCHA automatically analyzes your usage behavior based on various features as soon as you enter our website. ReCAPTCHA evaluates various information (e.g. your IP address, your time on the website or your mouse movements). The data collected in this process is forwarded to Google. The analyses by reCAPTCHA run completely in the background. You are not advised that an analysis is taking place. For this data processing, Art. 6 Para. 1 lit. f GDPR provides the necessary legal basis. Our legitimate interest is that we have to protect our online offerings against abusive automated spying and against SPAM.
When using the contact form, we also store the IP address assigned by your internet service provider (ISP) of the IT system you were using at the time of dispatch, as well as the date and time of dispatch. The collection of this data is necessary to protect us from the misuse of our contact form. The legal basis for this is our legitimate interest in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR.
Because some of our products are very specific and there may be a need for advice on how to use them, or if there are any questions resulting from your message, we may also contact you by phone.
2. Job applications
We process the personal data of applicants for the purpose of handling the application process. Processing can also be done electronically. This is particularly the case if an applicant sends us the relevant application documents electronically, for example by e-mail.
If there is employment, we will include your documents from the application in the personnel file. The storage takes place according to the relevant legal regulations.
If there is no employment, the application documents are generally deleted after 6 months. For admission to our applicant pool, we will separately ask for your consent, in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR.
In this respect, data processing is based on our legitimate interest in accordance with Art. 6 Para. 1 lit. f GDPR and in accordance with Art. 6 Para. 1 S. 1. lit. b) GDPR in conjunction with Section 26 BDSG.
X. Newsletter dispatch
1. Newsletter dispatch to existing customers
If you have provided us with your e-mail address when purchasing goods or services, we reserve the right to send you regular offers from our range of goods or services similar to those already purchased from you by e-mail. We do not have to obtain any separate consent from you for this in accordance with Section 7 (3) UWG. In this respect, data processing takes place solely on the basis of our legitimate interest in personalized direct advertising in accordance with Art. 6 Para. 1 lit. f GDPR. You can unsubscribe from the newsletter at any time. After receipt of your objection, the use of your e-mail address for advertising purposes will be stopped immediately.
In this context, we use the provider Sendinblue and monitor evaluations (opening rates, clicks, etc.) to measure the success of our newsletter in order to constantly improve. (See 2. advertising newsletter)
2. Advertising newsletter
Our website gives you the opportunity to subscribe to our company's newsletter. We process your e-mail address and the area of interest you have specified.
For legal reasons, a confirmation e-mail will be sent to the e-mail address you entered in a double opt-in procedure. This confirmation e-mail is used to check whether you, as the owner of the e-mail address, have authorized the receipt of the newsletter.
When registering for the newsletter, we also save the IP address assigned by your internet service provider (ISP) of the IT system you used at the time of registration, as well as the date and time of registration. The collection of this data is necessary in order to be able to understand the (possible) misuse of your e-mail address at a later point in time and therefore serves our legal protection. The legal basis for this is our legitimate interest in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR.
In order to continuously improve, we evaluate how our newsletter is perceived. This is done using a tracking mechanism that shows us opening rates, clicks, etc. This enables us to see which content is well received by you and where we can make improvements. We use the sending and analysis support from Sendinblue GmbH, Köpenickerstraße 126, 10179 Berlin. You can find more information at: https://de.sendinblue.com/informationen-newsletter-empfaenger/.
The legal basis for data processing for the purpose of sending newsletters and evaluating them is Art. 6 Para. 1 lit. a GDPR, your consent.
XI. Our activities in social networks
So that we can also communicate with you on social networks and provide information about our services, we are represented there with our own pages. If you visit one of our social media pages, we are jointly responsible with the provider of the respective social media platform in terms of the processing operations triggered thereby, which relate to personal data, within the meaning of Art. 26 GDPR.
We are not the original provider of these pages, but only use them within the scope of the options offered by the respective provider.
As a precaution, we would like to point out that your data may also be processed outside the European Union or the European Economic Area. Use can therefore pose data protection risks for you, as protecting your rights e.g. for information, deletion, objection, etc. can be difficult and the processing in social networks is often carried out directly for advertising purposes or for analysis of user behavior by the provider, without this being influenced by us. If usage profiles are created by the provider, cookies are often used or the usage behavior is assigned directly to your own member profile of the social networks (if you are logged in).
The processing of personal data described is carried out in accordance with Art. 6 Para. 1 lit. f GDPR based on our legitimate interest and the legitimate interest of the respective provider in order to communicate with you in a contemporary manner or to be able to inform you about our services. If you have to give the respective providers consent to data processing as a user, the legal basis relates to Art. 6 Para. 1 lit. a GDPR.
Since we have no access to the providers' data, we would like to point out that your rights (e.g. information, correction, deletion, etc.) are best applied directly to the respective provider. Here we have listed further information regarding the processing of your data by the social networks we use and describe the option to exercise your right of objection or revocation (so-called opt-out) at these respective providers:
We link to our social media presence at LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland. Together with us, they are responsible for the processing of your data.
Our website contains solely a link and not a social media plug-in. Therefore, simply visiting our website does not result in the social media platform being informed of your visit. Once you click on their link, however, your data will be processed by the social media platform.
Opt-out and advertising settings:
LinkedIn joins the EU-U.S. Privacy Shield Agreement:
We run our own channel on YouTube to present our company and our products. YouTube is operated by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland. With them we are jointly responsible. In this context, data may also be transmitted to Google LLC in the USA, which are subject to the EU-US Privacy Shield.
Opt-out and advertising settings:
Google joins the EU-U.S. Privacy Shield Agreement:
XII. Contact via another communication channel
Since we do not operate a web shop, we receive inquiries about our products and orders via various communication channels, such as e-mail, telephone, fax or contact form.
In this context, we process the data you provide us on the basis of Art. 6 Para. 1 S. 1 lit. b) GDPR in the pre-contractual phase and to process your order.
If your information gives us a need for advice, e.g. due to the complexity of the products, we will contact you.
XIII. Your rights as a ‘data subject’
1. Right to confirmation
You have the right to request confirmation from us as to whether your personal data is being processed.
2. Right to information Art. 15 GDPR
You have the right to receive free information from us at any time about the personal data stored about you and a copy of this data in accordance with the statutory provisions.
3. Right to rectification Art. 16 GDPR
You have the right to request the correction of incorrect personal data concerning you. You also have the right to request the completion of incomplete personal data, taking into account the purposes of the processing.
4. Deletion Art. 17 GDPR
You have the right to ask us to delete your personal data immediately if one of the reasons stipulated by law applies and if the processing or storage is not legally necessary.
5. Restriction of processing Art. 18 GDPR
You have the right to request that we restrict processing if one of the legal requirements is met.
6. Data portability Art. 20 GDPR
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, common and machine-readable format. You also have the right to transfer this data to another responsible party without hindrance from us, to whom the personal data has been forwarded, provided that the processing is based on consent in accordance with Art. 6 Para. 1 lit. a GDPR or Art. 9 Para. 2 lit. a GDPR or on a contract in accordance with Art. 6 Para. 1 lit. b GDPR and the processing is carried out using automated processes, unless the processing is necessary for the performance of a task that is in the public interest or in the exercise of official authority that has been transferred to us.
Furthermore, when exercising your right to data portability in accordance with Art. 20 Para. 1 GDPR, you have the right to have the personal data transferred directly from one responsible party to another responsible party, insofar as this is technically feasible and if the rights and freedoms of others are not compromised.
7. Objection Art. 21 GDPR
You have the right, for reasons that arise from your particular situation, to object at any time against the processing of your personal data, based on Art. 6 Para. 1 lit. e (data processing in the public interest) or f (data processing based on a balance of interests) GDPR.
This also applies to profiling based on these provisions within the meaning of Art. 4 No. 4 GDPR.
If you file an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
In individual cases, we process personal data in order to operate direct mail. You can object to the processing of personal data for the purpose of such advertising at any time. This also applies to profiling insofar as it is connected to such direct advertising. If you object to processing for direct marketing purposes, we will no longer process the personal data for these purposes.
In addition, you have the right, for reasons that arise from your particular situation, to object to the processing of personal data relating to you, which we do for scientific or historical research purposes or for statistical purposes in accordance with Art. 89 Para. 1 GDPR unless such processing is necessary to perform a task in the public interest.
You are free to exercise your right to object in connection with the use of information society services, regardless of Directive 2002/58 / EC, using automated procedures that use technical specifications.
8. Revocation of consent under data protection law
You have the right to revoke your consent to the processing of personal data at any time with future effect. Processing up to this point remains lawful.
9. Complaint to a supervisory authority
You have the right to complain to a data protection supervisory authority about our processing of personal data. The Bavarian State Office for Data Protection Supervision is responsible for us: Bayerisches Landesamt für Datenschutzaufsicht, Promenade 18, 91522 Ansbach, Phone: (+49) 981 180 093 0, firstname.lastname@example.org.
XIV. Routine storage, deletion and blocking of personal data
We process and store your personal data only for the period of time necessary to achieve the storage purpose or if this was provided for by the legal regulations to which our company is subject. If the storage purpose no longer applies or a prescribed storage period expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions..
XV. Duration of personal data storage
The criterion for the duration of the storage of personal data is the respective legal retention period. After the period has expired, the corresponding data will be routinely deleted, provided that it is no longer required to fulfill or initiate a contract.
XVI. Timeliness and update of the data protection declaration
This data protection declaration is currently valid and has the status: April 2020.
Due to the further development of our websites and offers or due to changes in legal or official requirements, it may become necessary to update this data protection declaration. You can access and print out the current data protection declaration at any time on the website at "https://www.minitube.com/data-protection-declaration”.