Data Protection Policy

MENTZ takes the protection of your personal information very seriously, and carefully observes all valid data protection laws and regulations, in particular, the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and the German Telemedia Act (TMG). Below, we provide information about personal data processing while using our website. “Personal data” is any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person (such as name, address, or email address).

Controller and Data Protection Officer
Data Security
Collection and Processing of Personal Data for Informational Use
Use of Cookies
Collection and Processing of Personal Data for Initial Contact / Customer Login Registration
Data Recipients and Transfer to Third Countries
Your Rights
Changes to this Data Protection Policy
Our Use of reCAPTCHA
Controller and Data Protection Officer

The controller of our privacy policy as stated in the General Data Protection Regulation is MENTZ GmbH, Grillparzerstraße 18, 81675 Munich, Germany (

Our data protection officer can be contacted through or through our mailing address by including the words “Data Protection Officer”

Data Security

We constantly implement technical and administrative security measures to protect your data from inadvertent or intentional manipulation, loss, damage, or access by unauthorized persons. In order to protect your data during transfer while using our website, we use state-of-the-art encryption methods.

Collection and Processing of Personal Data for Informational Use

For informational use of our website (use that does not extend beyond accessing our website – you are not attempting to contact us or initiate any sort of information transfer) we collect information from cookies, and only the usage data that your browser automatically provides to enable you to visit our website. We collect and process the following data, which is technically required to display our website and to ensure its stability and security:

  • IP address
  • Date and time of the request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Request content (specific page)
  • Access status/HTTP status code
  • Amount of data transferred in each case
  • Website where the request originated
  • Browser
  • Operating system and its interface
  • Language and browser version.

Our legitimate interest in data processing is in the purposes described above. The legal basis can be found in Art. 6 (1) GDPR.

We delete the data collected in this context when storage for the purposes listed above is no longer required, but not later than six weeks after the requirement is no longer present; or we limit the processing if there are legal storage obligations.

Use of Cookies

In addition to the data mentioned above, cookies are stored on your computer, smartphone, or other device when you use our website, but only if you have previously consented to that storage.

Cookies are small text files that are stored in the memory of the device you are using and assigned to the browser you are using; through them, certain information flows to the actor who sets the cookie (in this case, to us). The cookies we use do no damage to your device and contain no viruses. They serve to make our website more effective, secure, and user-friendly. Most cookies we use are so-called session cookies. They are deleted automatically at the end of your visit. Other cookies remain stored on your terminal device until you delete them. These cookies enable us to recognize your browser when you next visit us.

The data contained in the cookies is separated from other data about you that is stored; it is explicitly not associated with such data.

You can configure your browser settings according to your preferences and refuse the storage of cookies. We would like to point out that if you do this, you will not be able to use all of our website’s functions.

We use cookies necessary for the electronic communication process or for providing certain functions you have requested (such as identifying you during subsequent visits if you have a customer login and wish to remain logged in). The legal basis for cookies that are technically essential is Art. 6, para. 1, page 1, (f) of the GDPR. We have a legitimate interest in storing cookies for flawless technical provision of our website.

The legal basis for the use of cookies that are not technically essential is your active consent.

Consent – “Essential”

We use the so-called Borlabs Cookie to store your consent to the processing of your personal data (in the form of the use of cookies) and the scope of that consent. When you first call up/enter our website, you will be asked to confirm a declaration to this effect. If you consent to storage of essential cookies by clicking the “save” button, the Borlabs Cookie is stored on your device.

Moreover, we use essential cookies for the optimized use of our website to check whether your browser accepts cookies (“wordpress_test_cookie”) or whether you are a logged-in user (“wporg_logged_in” or “wporg_sec”). If, upon log-in, you opted for “Stay logged in”, these cookies are stored for 14 days; otherwise, only they are stored for the duration of each visit. We also use a cookie (“wp-wpml_current_language”) to store the language you have chosen to have our website displayed in.

Consent – “External Media”

Displaying or playing the integrated external media on our website requires your consent to the storage of additional cookies. In the dialog concerning your consent to the processing of your personal data (in the form of the use of cookies) and the scope of that consent, enable the “External media” option and confirm by clicking the “save” button.

Revoking Your Consent

To revoke your consent, you can simply delete the cookie in question. Instructions for deleting cookies can be found here:

For Google Chrome

Für Microsoft Edge

For Mozilla Firefox

For Microsoft Internet Explorer

For Opera

For Apple Safari

If, after deleting the cookie, you call up or refresh our website, you will once again be asked for your consent to the processing of your personal data (in the form of the use of cookies) and the scope of that consent.

Collection and Processing of Personal Data for Initial Contact / Customer Login Registration

If personal data are shared (like your name, telephone number, or email address) using our contact form or a contact email, we process this data only for the purposes of fulfilling your request. When using our contact form, data can be voluntarily entered in specific fields to provide additional information about you that may allow us to process your request in a more targeted way. Fields required for initial contact are explicitly marked as such. The legal basis for this is laid out in art. 6, paragraph 1 page 1 (a), (b), and (f) of the GDPR. After responding to your request, all data related to it will be automatically deleted.

If a customer login is requested, we process the data related to that login to set up a user account (plus access data) and to provide that account. The legal basis for this is Art. 6 paragraph 1, page 1 (b) of the GDPR. If your customer account is no longer required, we will delete the data within two weeks of having received notice. Otherwise, the data are deleted when a customer account has not been used for more than 12 months; we inform of automatic deletion in advance.

Data Recipients and Transfer to Third Countries

Your data is not regularly provided to third parties, except to service providers that we have tasked with data processing within the scope of the data protection policy, for provision of the website’s technical infrastructure, for maintenance of website content, and, if contacted, for the provision of our email system. Your data may be transferred during email communication, including to the U.S. (so-called third country). This third country may provide lower levels of data protection than that provided within the EU. To ensure sufficient levels of data protection, we have a running contract with one of our service providers based on standard data protection provisions. Moreover, the service providers in question are currently certified under the EU-US Privacy Shield. On request, we can send you a copy of the guarantees relevant to the processing of your data that are described in this paragraph.

Your Rights

You are afforded various rights according to the GPDR, most of which can be found in art. 15 to 18, 20, and 21:

  • Right to access: You can request access to the personal data we process according to Art. 15 GDPR. In your access request, you should specify exactly what you want in order to facilitate or compilation of the necessary data. Note that, under certain conditions, your right of access may be restricted by legal regulations (especially by § 34 BDSG).
  • Right to rectification: If information about you is incorrect or no longer correct, you can request rectification according to Art. 16 GDPR. If your data is incomplete, you can request completion according Art. 16 GDPR.
  • Right to erasure: Under the conditions of Art. 17 GDPR, you can request the erasure of your personal data. However, your request for erasure depends on such matters as whether we still need the data concerning you to fulfill our legal obligations.
  • Right to restriction of processing: Within the framework of the requirements of Art. 18 GDPR, you have the right to request restriction of processing of data concerning you.
  • Right to object: According to Art. 21 GDPR, you have the right to object to the processing of data concerning you for reasons arising from your peculiar situation. We may not be able to comply with the request, however (in cases in which legal requirements demand that we process the data).
  • Right to data portability: According to Art. 20 GDPR, you have the right to receive the personal data you have provided us in a structured, commonly used, and machine-readable format; further, you have the right to transfer the data to another controller without hindrance if the processing is based on your consent or on a contract between you and us, and the data processing is automated. In some cases, you also have the right to have the data transferred directly from us to another controller if doing so is technically feasible.
  • Revoking consent: If you have granted consent to the use of data, you can revoke that consent at any time with effect for the future. To revoke your consent to storage of cookies, you can simply delete the cookie in question. If, after deleting the cookie, you call up or refresh our website, you will once again be asked for your consent to the processing of your personal data (in the form of the use of cookies) and the scope of that consent.

If you wish to assert any of the rights described above or have questions about data protection, contact our data protection officer using the contact information indicated above.

In any case, you have the right to lodge a complaint with the responsible supervisory authority. A list of supervisory authorities (for the private sector) with addresses can be found on the website of the German Federal Commissioner for Data Protection and Freedom of Information (BfDI).

Changes to this Data Protection Policy

We reserve the right to modify this data protection policy to address changes in legal requirements or other changes to our website.

Our Use of reCAPTCHA

Google reCAPTCHA

We use “Google reCAPTCHA” (in what follows “reCAPTCHA”) on this website. Our provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

The purpose of reCAPTCHA is to check whether data on this website (like in a contact form) is entered by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of website visitors based on various characteristics. This analysis begins automatically as soon as website visitors access the website. reCAPTCHA evaluates various information (like IP address, time spent on the website, or mouse movements) for analysis. The data collected as part of this analysis is forwarded to Google.

The reCAPTCHA analyses run entirely in the background. Website visitors are not notified that an analysis is occurring.

The storage and analysis of data is based on Art. 6, para. 1, (f) of the DSGVO. The website operator has a legitimate interest in protecting its web offerings from abusive automated spying and from SPAM.

Additional information about Google reCAPTCHA can be found in the Google Privacy Policy and the Google Terms of Service using the following links: , and