Data protection declaration
MENTZ takes the protection of your personal information very seriously, and carefully observes all valid data protection laws and regulations, especially the General Data Protection Regulation (GDPR), and German Federal Data Protection Act (BDSG), and the German Telemedia Act (TMG). Below, we provide information about personal data processing during use of our website. “Personal data” is any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person (such as name, address, or e-mail address).
The controller within the meaning of the General Data Protection Regulation is MENTZ GmbH, Grillparzerstraße 18, 81675 Munich, Germany (firstname.lastname@example.org).
Our data protection officer can be reached at email@example.com or at our mailing address with the addendum “The data protection officer”
We implement technical and administrative security measures to protect your data that we process against inadvertent or intentional manipulation, loss, or destruction or access by unauthorized persons. To protect your data when they are transferred as part of your use of our website, we use state-of-the-art encryption procedures.
For informational use of our website (that is, when your use does not extend beyond simply calling up our website – you do not contact us or initiate any sort of information transfer) we collect, besides the information from cookies, only the usage data that your browser automatically provides to enable you to visit our website. We collect and process the following data, which is technically necessary for us to display our website to you and to ensure its stability and security:
- IP address
- Date and time of the query
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Amount of data transferred in each case
- Website from which the request comes
- Operating system and its interface
- Browser software language and version.
Our legitimate interest in data processing is in the purposes described above. The legal basis is Art. 6 (1) GDPR.
We delete the data collected in this context when storage for the purposes listed above is no longer required, but not later than six weeks after the requirement is no longer present; or we limit the processing if there are legal storage obligations.
In addition to the data mentioned above, cookies are stored on your computer, smartphone, or other device when you use our website, but only if you have previously consented to that storage.
Cookies are small text files that are stored in the memory of the device you are using and assigned to the browser you are using; through them, certain information flows to the actor who sets the cookie (in this case, to us). The cookies we use do no damage to your device and contain no viruses. They serve to make our website more effective, secure, and user-friendly. Most cookies we use are so-called session cookies. They are deleted automatically at the end of your visit. Other cookies remain stored on your terminal device until you delete them. These cookies enable us to recognize your browser when you next visit us.
The data contained in the cookies is separated from other data about you that is stored; it is explicitly not associated with such data.
You can configure your browser settings according to your preferences and refuse the storage of cookies. We would like to point out that if you do this, you will not be able to use all of our website’s functions.
Consent – “essential”
Moreover, we use essential cookies for the optimized use of our website to check whether your browser accepts cookies (“wordpress_test_cookie”) or whether you are a logged-in WordPress.org user (“wporg_logged_in” or “wporg_sec”). If, upon log-in, you opted for “Stay logged in”, these cookies are stored for 14 days; otherwise, only they are stored for the duration of each visit. We also use a cookie (“wp-wpml_current_language”) to store the language you have chosen to have our website displayed in.
Consent – “external media”
Revoking your consent
To revoke your consent, you can simply delete the cookie in question. Instructions for deleting cookies can be found here:
For Google https://support.google.com/accounts/answer/32050?
For Microsoft Edge
For Mozilla Firefox
For Microsoft Internet Explorer
For Apple Safari
If you share certain personal data (such as your name, telephone number, or e-mail address) via our contact form or a contact e-mail, we will process that data only for the purposes of transacting your query. When you use our contact form, you can fill in certain fields to voluntarily provide us with additional information about you that may allow us to process your query in a more targeted manner. The fields required for initial contact are explicitly marked as such. The legal basis is Art. 6 (1) Sentence 1 Letters (a), (b), and (f) GDPR. After we have dealt with your query, all data related to it will be deleted automatically.
If you request a customer login, we will process the data related to that login for the purpose of setting up a user account (with access data) and providing that account. The legal basis for this is Art. 6 (1) Sentence 1, Letter (b) GDPR. If you tell us that you no longer require your customer account, we will delete this data within two weeks of receiving that notice. Otherwise, we delete the data when you have failed to use your customer account for more than 12 months; we will inform you of automatic erasure in advance.
Your data is not regularly provided to third parties, with the exception of service providers that we have tasked with data processing within the scope of this data protection declaration, and especially with the provision of the website’s technical infrastructure, upkeep of website content, and, if you contact us, the provision of our e-mail system. Your data may be transferred during any e-mail communication, including to the U.S. (so-called third country). This third country may have a lower level of protection for your data than that provided within the EU. To ensure a sufficient level of protection, we have concluded a contract with one of our service providers based on standard data protection provisions. Moreover, the service providers in question are currently certified under the EU-US Privacy Shield. Upon request, for which you can use the contact information provided above, we will send you a copy of the guarantees relevant to the processing of your data that are described in this paragraph.
According to the GDPR, you have various rights, especially those arising from Articles 15-18, 20, and 21:
- Right to access: You can request access to the personal data we process according to Art. 15 GDPR. In your access request, you should specify exactly what you want in order to facilitate or compilation of the necessary data. Note that, under certain conditions, your right of access may be restricted by legal regulations (especially by § 34 BDSG).
- Right to rectification: If information about you is incorrect or no longer correct, you can request rectification according to Art. 16 GDPR. If your data is incomplete, you can request completion according Art. 16 GDPR.
- Right to erasure: Under the conditions of Art. 17 GDPR, you can request the erasure of your personal data. However, your request for erasure depends on such matters as whether we still need the data concerning you to fulfill our legal obligations.
- Right to restriction of processing: Within the framework of the requirements of Art. 18 GDPR, you have the right to request restriction of processing of data concerning you.
- Right to object: According to Art. 21 GDPR, you have the right to object to the processing of data concerning you for reasons arising from your peculiar situation. We may not be able to comply with the request, however (in cases in which legal requirements demand that we process the data).
- Right to data portability: According to Art. 20 GDPR, you have the right to receive the personal data you have provided us in a structured, commonly used, and machine-readable format; further, you have the right to transfer the data to another controller without hindrance if the processing is based on your consent or on a contract between you and us, and the data processing is automated. In some cases, you also have the right to have the data transferred directly from us to another controller if doing so is technically feasible.
If you wish to assert the rights described above or have questions about data protection, contact our data protection officer using the contact information indicated above.
In any case, you have the right to lodge a complaint with the responsible supervisory authority. A list of supervisory authorities (for the private sector) with addresses can be found on the website of the German Federal Commissioner for Data Protection and Freedom of Information (BfDI)..
We reserve the right to adjust this data protection declaration to any changes in legal requirements or modifications to our website.