MENTZ takes the protection of personal information very seriously. We strictly adhere to all applicable laws and regulations on data protection, in particular the General Data Protection Regulation (GDPR), the Federal Data Protection Act (German: Bundesdatenschutzgesetz) and the Telemedia Act (German: Telemediengesetz). In what follows, we detail our data policy concerning the processing of personal data when using our website. “Personal Data” are any and all information that refer to an identified or identifiable natural person; an identifiable natural person is someone who can be identified, directly or indirectly, using a reference like a name, an ID, location data, an online name or to one or more characteristics specific to that person’s physical, physiological, genetic, emotional, economic, cultural, or social identity (like name, address, email address).
Responsibility for adhering to the General Data Protection Regulation (GDPR) lies with MENTZ GmbH, Grillparzerstraße 18, 81675 Munich (firstname.lastname@example.org). Inquiries can be sent to our data protection officer at email@example.com or to our postal address with the words “Data Protection Officer.”
We use technical and organizational precautions to protect the data we process to prevent accidental or intentional manipulation, loss, or destruction, and to protect against unauthorized access. We also employ state-of-the-art encryption to ensure data privacy while using our website.
In cases when our website is used for information only, meaning that the website was merely accessed or a user did not transmit any information through a contact page, we only collect – in addition to information from cookies – usage data that your internet browser automatically transmits to enable a visit to the website. We do collect and process the following data, which is technically required to display the website and ensure its stability and security:
- IP address
- Time and date of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Request content (concrete page)
- Access status/HTTP status code
- Amount of data transferred
- Website from which the request came
- Operating system and its interface
- Language and version of the browser software.
Our interest in data processing is in the purposes described above. The legal basis is for this can be found in Art. 6 Paragraph 1 of the GDPR.
We delete data that accrue in this context after their storage is no longer required for the above purposes, but no later than six weeks after they are no longer required, or when they restrict processing, if legal storage requirements apply.
In addition to the data mentioned above, cookies are stored on your computer, smartphone, or other device when you use our website, but only if previous consent was given.
Cookies are small text files that are stored in the memory of the device you are using. Cookies are assigned to your browser and are set by an entity (in this case, us) to enable specific information to be received. The cookies we use do not cause any damage to your device and do not contain viruses. They help make our website more user-friendly, effective, and secure. Most of the cookies we use are so-called “session cookies,” which are automatically deleted after the end of a visit. Other cookies may remain stored on your device until you actively delete them. These cookies allow us to quickly recognize your browser on your next visit.
Cookie data are stored separately from other existing data about you and are not linked to personal data.
Your browser settings can be configured according to specific preferences. You can also refuse cookie storage, but this may affect functionality on our website.
Consent – “Essential”
In addition, we use essential cookies for optimized use of our website to check if your browser accepts cookies (“wordpress_test_cookie”) or if you are a logged in WordPress.org-user (“wporg_logged_in” or “wporg_sec”). If “stay logged in” was selected when logging in, it is active for 14 days. Otherwise, log in only lasts for the duration of the respective session. We also store the language for display of our website using a cookie (“wp-wpml_current_language”).
Consent – “External Media”
In order to revoke consent, simply clear the relevant cookies. Find out how to clear cookies using the following links:
For Google Chrome
For Microsoft Edge
For Mozilla Firefox
For Microsoft Internet Explorer
For Apple Safari
If specific personal data (like your name, telephone number, or email address) are provided via our contact form or by e-mail, we use this data solely for the purpose of processing your inquiry. When using our contact form, specific fields can be utilized to voluntarily provide additional information which allows your request to be processed in a more targeted manner. Fields required for contact are explicitly marked. The legal basis for the above is Art. 6 Paragraph 1 of the GDPR. After a request has been processed, all data relating to the request is automatically deleted.
If a customer login is requested, we process your data to create and provide a user account (including access data). The legal basis for this is Art. 6 Paragraph 1 of the GDPR. If informed that a customer account is no longer required, we delete the data for this purpose within two weeks of having received notification. Otherwise, we delete the data if a customer account has not been used for more than 12 months. We provide advanced notice of automatic deletion of customer accounts.
In most cases, your data is not passed on to third parties. However, this policy does not apply to service providers that have been employed to process data within the scope of this data policy, in particular to provide the website’s technical infrastructure, to maintain the website’s content, and to provide an e-mail system if contact was made. Your data may also be transferred to the USA (a so-called “third country”) in connection with e-mail communication. In this or any other third country, a lower level of data privacy may exist than in the EU. To ensure a sufficient level of data privacy, we have a contract with one of our service providers which is based on standard data privacy clauses. In addition, our service providers are currently certified under the EU-US Privacy Shield. Upon request, we can provide you with a copy of the guarantees that apply to the processing of your data as described in this section.
According to the GDPR, you are afforded rights that arise from Art. 15 to 18, 20, 21:
- Right to Access: You can request information in accordance with Art. 15 of the GDPR about your personal data. In your request, please be very specific to best enable us to compile the necessary data. Please also note that your right to access information may be restricted under certain circumstances in accordance with legal requirements (in particular Section 34 FDPA).
- Right to Rectification: If personal data is not (or no longer) accurate, you can request a correction in accordance with Art. 16 of the GDPR. If your data is incomplete, you may request completion in accordance with Art. 16 of the GDPR.
- Right to Erasure: You can request the erasure of your personal data under the conditions of Art. 17 of the GDPR. However, your right to erasure depends on whether your personal data is still required to fulfill our legal obligations.
- Right to Restriction of Processing: You have the right to request a restriction of the processing of your personal data within the scope of specifications contained in Art. 18 of the GDPR.
- Right to Object: According to Art. 21 of the GDPR you have the right to object to the processing of your personal data at any time on grounds related to your particular situation. However, we cannot always comply with this right if legal regulations oblige us to process your personal data.
- Right to Data Portability: In accordance with Art. 20 of the GDPR, you have the right to receive personal data provided to us in a structured, commonly used, and machine-readable format, and you have the right to transfer this personal data to another responsible entity without impairment, provided that additional data processing is with your consent or based on a contract between you and us and the processing was done with the help of automation. You also have the right to have your personal data transferred directly from us to another responsible entity, if it is technically feasible.
- Revoke of Consent: If you have given consent to data use, you can revoke your consent at any time with future effect. To revoke your consent to cookie storage, simply delete the respective cookie. If you access or reload our website after deleting this cookie, you will be asked again whether or to what extent you wish to consent to the processing of your personal data (using cookies).
If you wish to exercise the rights described above or have any questions regarding our data policy, please contact the MENTZ data protection officer using the contact information provided above.
In any case, you have the right to lodge a formal complaint with a supervisory authority. A list of supervisory authorities (for the non-public sector) with address can be found on pages of the Federal Commissioner for Data Protection and Freedom of Information (BfDI).
We reserve the right to make future changes to this policy statement to comply with any changed legal requirements or to take changes to our website into account.
We use “Google reCAPTCHA” (in what follows “reCAPTCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
reCAPTCHA is used to check whether data entry on the website (in a contact form) was performed by a human or an automated program. reCAPTCHA analyzes the behavior of website visitors using various attributes. This analysis begins automatically when the website is first accessed. For this analysis, reCAPTCHA evaluates different information (like IP address, dwell time on the website, or user mouse movements). The data collected during this analysis is forwarded to Google.
The reCAPTCHA analyses run entirely in the background. Website visitors are not informed that analysis is occurring.
Data storage and analysis occurs on the basis of Art. 6 Paragraph 1 of the GDPR. The website provider has legal interest to protect its web offerings from abusive automated spying and from SPAM.
Additional information regarding Google reCAPTCHA can be found in the Google Private Policy and the Google Terms of Service using the following links:
https://policies.google.com/privacy?hl=en , https://policies.google.com/terms?hl=en and https://developers.google.com/recaptcha/