Privacy Policy
1. General notes and mandatory disclosures
Privacy Policy
Your data privacy matters. We will maintain confidentiality on your personal data in compliance with the statutory regulations as well as the terms set out in this Privacy Policy.
We collect and process personal data that you provide on web forms on our website or in other ways such as by e-mail. We also collect and process data when you use our website. We will process your personal data according to the provisions of the EU General Data Protection Regulation (GDPR) as well as the German Data Protection Act (BDSG) and Telecommunications and Telemedia Data Protection Act (TTDSG). The term “personal data” refers to any information relating to an identified or identifiable individual person. This Privacy Policy explains in detail how we collect which data and on which legal basis. We will also explain your rights and how long we will be keeping your personal data before expiration.
Note on the party responsible for handling your data, or “controller.”
The controller responsible for data processing on this website is as follows:
Mibau Stema Group GmbH
Datenschutzkoordinator
Gewerbestraße 3
21781 Cadenberge
Tel.: +49 4777 9339-31
E-mail: datenschutz@mibau-stema.com
A “controller” is an individual person or legal entity that determines, on its own or with others, the purposes and means applied in processing personal data such as names and e-mail addresses.
SSL and TLS encryption
This website transmits sensitive and personal information, such as when you send requests or orders to the website owner, using SSL and TLS encryption for security and protection. An encrypted connection is clearly marked as such by the address field in your browser showing a padlock icon and the prefix https:// instead of http:// in front of the URL.
No third party (“man in the middle”) will be able to read the data you send us once an SSL/TLS-encrypted connection has been enabled.
2. Data collection on our website
Server log files
This website’s provider collects and stores server log files that your browser automatically sends us. These include:
- Browser type and version
- Operating system
- Referrer URL
- Host name of the user’s computer
- Time of server request
- IP address
The data collected will not be combined with data from other sources.
GDPR Art. 6.1 (f) allows this form of data processing for the purposes of contract preparation, management, and fulfilment. The data will be deleted automatically within fourteen days.
Contact by e-mail or contact form
We will process data personal data you have provided by contacting us, such as by e-mail or using one of our contact forms, according to GDPR Art. 6.1 (b) for the purposes of contract preparation, management, and fulfilment of your request, or GDPR Art. 6.1 (f) to protect our own vested interests in responding to or fulfilling an enquiry you have sent us.
Cookies
This website uses cookies. Cookies do not pose any risk to your computer, nor do they contain any viruses, but serve to improve usability, efficiency, and security on our website. Cookies are small text files that your browser stores on your computer.
Click the cookie image in the lower right corner of our website for our cookie policy, which describes in detail how we use cookies on our website.
We also use a “session cookie” as necessary to display the correct language and error messages. The cookie is labelled “mibau-stema.de” for easy recognition and will be deleted automatically when you leave our website.
You may configure your browser to tell you when it is about to save a cookie, to allow this once for certain cases or to reject all cookies, or to delete all cookies automatically after closing the browser. Note that if you choose to disable cookies, you might not be able to use all the features on our website.
Cookies as needed for digital communications or providing certain features such as the shopping cart or language selected are stored according to GDPR Art. 6.1 (f) in conjunction with Section 25 para. 2 No. 2 of the Telecommunications and Telemedia Data Protection Act (TTDSG). The website owner has a vested interest in storing cookies to keep the service technologically smooth and optimised. Any other cookies stored, such as cookies for analysing your browsing behaviour, will be covered separately in this Privacy Policy.
Who receives your personal data; transmission to third countries
We commission contractors and vicarious agents such as hosting providers, agencies, IT companies, and the providers as named in Section 3 in this Privacy Policy to operate this website. These parties may have access to your personal data. Any contractors and vicarious agents charged with processing data on our behalf act strictly on our instructions with corresponding contractual obligations towards us. This also applies to contractors headquartered in third countries (countries outside the EU or EEA). The data protection standard as applies in the European Economic Area may not be guaranteed in third countries. We will ensure that any data transferred to third countries will follow the statutory provisions of GDPR Chapter V. This means that we will always follow current jurisprudence and applicable recommendations from authorities to ensure that your data will always be handled in compliance with protection standards equivalent to the GDPR.
3. Plugins and tools
YouTube
Our website uses YouTube, a Google service for playing videos. This feature displays videos from a Google server in an iFrame on the website. The “Extended data protection mode” option is enabled, which means that to the best of our knowledge, no personal user data on our website will be processed before a playing a video based on information we have from Google.
A connection to Google servers will however be established as soon as you start playing a YouTube video on our website, informing the Google server about the page you visited.
Google may also save various cookies on your device or use comparable recognition technologies such as device fingerprinting when you start a video. This allows Google to obtain information on users visiting this website. This information is used for collecting video statistics towards improving user-friendliness and preventing fraud, among other things.
Other data processing operations may also be triggered once you start playing a YouTube video; we have no control over this.
More detailed information on how Google collects and uses your information, your rights in this respect, and the options available to you for protecting your privacy is available in YouTube service’s the privacy policy at https://www.YouTube.com/t/privacy (external link to Google) .
We cannot rule out the possibility of your personal data being transmitted to Google servers located in the USA. Data protection standards in the US are less stringent than in the EU. In particular, this means that US authorities may access your personal data more easily, and that you only have limited rights to appeal against such activity. Enabling the YouTube video feature automatically entails your explicit consent to your data being transmitted to Google and servers in the USA as described above.
We embed YouTube videos on web pages in our website to provide you with relevant content directly without requiring you to leave our website. This allows us to improve our service and user experience for you, making it more interesting and attractive. This justifies our vested interest according to GDPR Art. 6.1 (f).
Once you have given your corresponding consent, your data will only be processed according to Section 25 Para. 1 of the Telecommunications and Telemedia Data Protection Act (TTDSG) in connection with GDPR Art. 6.1 (a) (consent) and Art. 49.1 (a) (consent to transfer your data to a third country). Activating the video function by clicking on it automatically entails consent. Your data will be transferred to Google as described above when you use this feature.
You may always revoke any consent you have given; however, this will not affect the legitimacy of any processing previously performed on the basis of consent you have given prior to revocation.
You may revoke this consent at any time by clicking on the image of the cookie in the lower right corner and disabling the option on YouTube.
More general information on data privacy at Google is available at
https://www.google.de/intl/de/policies/ (external link to Google) and
https://www.google.com/policies/privacy (external link to Google).
4. Your rights
Revoking your consent to personal data processing
Your consent is required to enable some of the cookies and plugins on this website. You may always withdraw any consent you have previously given. To do so, set the corresponding option by clicking the cookie shown below on the right.
Information, restriction, deletion
You may always request information without charge on your personal data that we have stored, its origin and recipient and purpose of processing, and have the data corrected, restricted, or erased within the scope of statutory provisions. If you have any questions about this or other topics concerning data privacy and protection, please do not hesitate to contact us the address given in the legal notices.
Right to object
GDPR Art. 21.1 allows you to object against your personal data being processed according to Art. 6.1 (e) and (f), including profiling, for reasons arising from your particular situation. We will satisfy your above rights as long as the statutory requirements for asserting these rights are met. GSDPR Art. 21.2 allows you to object your personal data being processed for direct advertising; this includes profiling as related to direct advertising.
Right to data portability
You have the right to have your personal data that we have automatically processed with your consent towards fulfilling a contract sent to you or any third party named by you in a common electronically readable format. We can only transmit your data to another data controller named by you as requested as long as it is technically feasible for us to do so.
Contact - right to objection
Address any requests you might have concerning your personal data to the contact details given at the beginning of this Privacy Policy or listed in the appendix as well as in the legal disclosures on our website. Every data subject also has the right to lodge a complaint with a supervisory authority for data protection on their personal data being processed by us.