Data Protection Policy
MENTZ takes the protection of your personal information very seriously, and carefully observes all valid data protection laws and regulations, in particular, the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and the German Telemedia Act (TMG). Below, we provide information about personal data processing while using our website. “Personal data” is any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person (such as name, address, or email address).
Our data protection officer can be contacted through firstname.lastname@example.org or through our mailing address by including the words “Data Protection Officer”
We constantly implement technical and administrative security measures to protect your data from inadvertent or intentional manipulation, loss, damage, or access by unauthorized persons. In order to protect your data during transfer while using our website, we use state-of-the-art encryption methods.
For informational use of our website (use that does not extend beyond accessing our website – you are not attempting to contact us or initiate any sort of information transfer) we collect information from cookies, and only the usage data that your browser automatically provides to enable you to visit our website. We collect and process the following data, which is technically required to display our website and to ensure its stability and security:
- IP address
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Request content (specific page)
- Access status/HTTP status code
- Amount of data transferred in each case
- Website where the request originated
- Operating system and its interface
- Language and browser version.
Our legitimate interest in data processing is in the purposes described above. The legal basis can be found in Art. 6 (1) GDPR.
We delete the data collected in this context when storage for the purposes listed above is no longer required, but not later than six weeks after the requirement is no longer present; or we limit the processing if there are legal storage obligations.
In addition to the data mentioned above, cookies are stored on your computer, smartphone, or other device when you use our website, but only if you have previously consented to that storage.
Cookies are small text files that are stored in the memory of the device you are using and assigned to the browser you are using; through them, certain information flows to the actor who sets the cookie (in this case, to us). The cookies we use do no damage to your device and contain no viruses. They serve to make our website more effective, secure, and user-friendly. Most cookies we use are so-called session cookies. They are deleted automatically at the end of your visit. Other cookies remain stored on your terminal device until you delete them. These cookies enable us to recognize your browser when you next visit us.
The data contained in the cookies is separated from other data about you that is stored; it is explicitly not associated with such data.
You can configure your browser settings according to your preferences and refuse the storage of cookies. We would like to point out that if you do this, you will not be able to use all of our website’s functions.
Consent – “Essential”
Moreover, we use essential cookies for the optimized use of our website to check whether your browser accepts cookies (“wordpress_test_cookie”) or whether you are a logged-in WordPress.org user (“wporg_logged_in” or “wporg_sec”). If, upon log-in, you opted for “Stay logged in”, these cookies are stored for 14 days; otherwise, only they are stored for the duration of each visit. We also use a cookie (“wp-wpml_current_language”) to store the language you have chosen to have our website displayed in.
Consent – “External Media”
Revoking Your Consent
To revoke your consent, you can simply delete the cookie in question. Instructions for deleting cookies can be found here:
For Google Chrome https://support.google.com/accounts/answer/32050?
Für Microsoft Edge
For Mozilla Firefox
For Microsoft Internet Explorer
For Apple Safari
If personal data are shared (like your name, telephone number, or email address) using our contact form or a contact email, we process this data only for the purposes of fulfilling your request. When using our contact form, data can be voluntarily entered in specific fields to provide additional information about you that may allow us to process your request in a more targeted way. Fields required for initial contact are explicitly marked as such. The legal basis for this is laid out in art. 6, paragraph 1 page 1 (a), (b), and (f) of the GDPR. After responding to your request, all data related to it will be automatically deleted.
If a customer login is requested, we process the data related to that login to set up a user account (plus access data) and to provide that account. The legal basis for this is Art. 6 paragraph 1, page 1 (b) of the GDPR. If your customer account is no longer required, we will delete the data within two weeks of having received notice. Otherwise, the data are deleted when a customer account has not been used for more than 12 months; we inform of automatic deletion in advance.
Your data is not regularly provided to third parties, except to service providers that we have tasked with data processing within the scope of the data protection policy, for provision of the website’s technical infrastructure, for maintenance of website content, and, if contacted, for the provision of our email system. Your data may be transferred during email communication, including to the U.S. (so-called third country). This third country may provide lower levels of data protection than that provided within the EU. To ensure sufficient levels of data protection, we have a running contract with one of our service providers based on standard data protection provisions. Moreover, the service providers in question are currently certified under the EU-US Privacy Shield. On request, we can send you a copy of the guarantees relevant to the processing of your data that are described in this paragraph.
You are afforded various rights according to the GPDR, most of which can be found in art. 15 to 18, 20, and 21:
- Right to access: You can request access to the personal data we process according to Art. 15 GDPR. In your access request, you should specify exactly what you want in order to facilitate or compilation of the necessary data. Note that, under certain conditions, your right of access may be restricted by legal regulations (especially by § 34 BDSG).
- Right to rectification: If information about you is incorrect or no longer correct, you can request rectification according to Art. 16 GDPR. If your data is incomplete, you can request completion according Art. 16 GDPR.
- Right to erasure: Under the conditions of Art. 17 GDPR, you can request the erasure of your personal data. However, your request for erasure depends on such matters as whether we still need the data concerning you to fulfill our legal obligations.
- Right to restriction of processing: Within the framework of the requirements of Art. 18 GDPR, you have the right to request restriction of processing of data concerning you.
- Right to object: According to Art. 21 GDPR, you have the right to object to the processing of data concerning you for reasons arising from your peculiar situation. We may not be able to comply with the request, however (in cases in which legal requirements demand that we process the data).
- Right to data portability: According to Art. 20 GDPR, you have the right to receive the personal data you have provided us in a structured, commonly used, and machine-readable format; further, you have the right to transfer the data to another controller without hindrance if the processing is based on your consent or on a contract between you and us, and the data processing is automated. In some cases, you also have the right to have the data transferred directly from us to another controller if doing so is technically feasible.
If you wish to assert any of the rights described above or have questions about data protection, contact our data protection officer using the contact information indicated above.
In any case, you have the right to lodge a complaint with the responsible supervisory authority. A list of supervisory authorities (for the private sector) with addresses can be found on the website of the German Federal Commissioner for Data Protection and Freedom of Information (BfDI).
We reserve the right to modify this data protection policy to address changes in legal requirements or other changes to our website.
We use “Google reCAPTCHA” (in what follows “reCAPTCHA”) on this website. Our provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
The purpose of reCAPTCHA is to check whether data on this website (like in a contact form) is entered by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of website visitors based on various characteristics. This analysis begins automatically as soon as website visitors access the website. reCAPTCHA evaluates various information (like IP address, time spent on the website, or mouse movements) for analysis. The data collected as part of this analysis is forwarded to Google.
The reCAPTCHA analyses run entirely in the background. Website visitors are not notified that an analysis is occurring.
The storage and analysis of data is based on Art. 6, para. 1, (f) of the DSGVO. The website operator has a legitimate interest in protecting its web offerings from abusive automated spying and from SPAM.
https://policies.google.com/privacy?hl=en , https://policies.google.com/terms?hl=en and https://developers.google.com/recaptcha/