3. General information and mandatory information
Data protection
The operators of this website and its pages take the protection of your personal data very seriously. Hence, we handle
your personal data as confidential information and in compliance with the statutory data protection regulations and
this Data Protection Declaration.
Whenever you use this website, a variety of personal information will be collected. Personal data comprises data that
can be used to personally identify you. This Data Protection Declaration explains which data we collect as well as the
purposes we use this data for. It also explains how, and for which purpose the information is collected.
We herewith advise you that the transmission of data via the Internet (i.e., through e-mail communications) may be
prone to security gaps. It is not possible to completely protect data against third-party access.
Information about the responsible party (referred to as the "controller" in the GDPR)
The data processing controller on this website is:
MiMuX Software UG (haftungsbeschraenkt)
George-Marshall-Strasse 7
D-65197 Wiesbaden
Germany
The contact details can be found in the legal notice
The controller is the natural person or legal entity that single-handedly or jointly with others makes decisions as to
the purposes of and resources for the processing of personal data (e.g., names, e-mail addresses, etc.).
Storage duration
Unless a more specific storage period has been specified in this privacy policy, your personal data will remain with
us until the purpose for which it was collected no longer applies. If you assert a justified request for deletion or
revoke your consent to data processing, your data will be deleted, unless we have other legally permissible reasons
for storing your personal data (e.g., tax or commercial law retention periods); in the latter case, the deletion will
take place after these reasons cease to apply.
General information on the legal basis for the data processing on this website
If you have consented to data processing, we process your personal data on the basis of Art. 6 (1) (a) GDPR or
Art. 9 (2) (a) GDPR, if special categories of data are processed according to Art. 9 (1) GDPR. In the case of explicit
consent to the transfer of personal data to third countries, the data processing is also based on Art. 49 (1) (a) GDPR.
If you have consented to the storage of cookies or to the access to information in your end device (e.g., via device
fingerprinting), the data processing is additionally based on § 25 (1) TTDSG. The consent can be revoked at any time.
If your data is required for the fulfillment of a contract or for the implementation of pre-contractual measures, we
process your data on the basis of Art. 6 (1) (b) GDPR. Furthermore, if your data is required for the fulfillment of a
legal obligation, we process it on the basis of Art. 6 (1) (c) GDPR. Furthermore, the data processing may be carried out
on the basis of our legitimate interest according to Art. 6 (1) (f) GDPR. Information on the relevant legal basis
in each individual case is provided in the following paragraphs of this privacy policy.
Information on the data transfer to third-party countries that are not secure under data protection law and the transfer to US companies that are not DPF-certified
We use, among other technologies, tools from companies located in third-party countries that are not safe under data
protection law, as well as US tools whose providers are not certified under the EU-US Data Privacy Framework (DPF). If
these tools are enabled, your personal data may be transferred to and processed in these countries. We would like you
to note that no level of data protection comparable to that in the EU can be guaranteed in third countries that are
insecure in terms of data protection law.
We would like to point out that the US, as a secure third-party country, generally has a level of data protection
comparable to that of the EU. Data transfer to the US is therefore permitted if the recipient is certified under
the "EU-US Data Privacy Framework" (DPF) or has appropriate additional assurances. Information on transfers to
third-party countries, including the data recipients, can be found in this Privacy Policy.
Recipients of personal data
In the scope of our business activities, we cooperate with various external parties. In some cases, this also requires
the transfer of personal data to these external parties. We only disclose personal data to external parties if this is
required as part of the fulfillment of a contract, if we are legally obligated to do so (e.g., disclosure of data to
tax authorities), if we have a legitimate interest in the disclosure pursuant to Art. 6 (1) (f) GDPR, or if another
legal basis permits the disclosure of this data. When using processors, we only disclose personal data of our
customers on the basis of a valid contract on data processing. In the case of joint processing, a joint processing
agreement is concluded.
Revocation of your consent to the processing of data
A wide range of data processing transactions are possible only subject to your express consent. You can also revoke at
any time any consent you have already given us. This shall be without prejudice to the lawfulness of any data
collection that occurred prior to your revocation.
Right to object to the collection of data in special cases; right to object to direct advertising (Art. 21 GDPR)
IN THE EVENT THAT DATA ARE PROCESSED ON THE BASIS OF ART. 6 (1) (E) OR (F) GDPR, YOU HAVE THE RIGHT TO AT ANY TIME
OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA BASED ON GROUNDS ARISING FROM YOUR UNIQUE SITUATION. THIS ALSO APPLIES
TO ANY PROFILING BASED ON THESE PROVISIONS. TO DETERMINE THE LEGAL BASIS, ON WHICH ANY PROCESSING OF DATA IS
BASED, PLEASE CONSULT THIS DATA PROTECTION DECLARATION. IF YOU LOG AN OBJECTION, WE WILL NO LONGER PROCESS YOUR
AFFECTED PERSONAL DATA, UNLESS WE ARE IN A POSITION TO PRESENT COMPELLING PROTECTION WORTHY GROUNDS FOR THE PROCESSING
OF YOUR DATA, THAT OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS OR IF THE PURPOSE OF THE PROCESSING IS THE CLAIMING,
EXERCISING OR DEFENCE OF LEGAL ENTITLEMENTS (OBJECTION PURSUANT TO ART. 21 (1) GDPR).
IF YOUR PERSONAL DATA IS BEING PROCESSED IN ORDER TO ENGAGE IN DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT TO THE
PROCESSING OF YOUR AFFECTED PERSONAL DATA FOR THE PURPOSES OF SUCH ADVERTISING AT ANY TIME. THIS ALSO APPLIES TO
PROFILING TO THE EXTENT THAT IT IS AFFILIATED WITH SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL
SUBSEQUENTLY NO LONGER BE USED FOR DIRECT ADVERTISING PURPOSES (OBJECTION PURSUANT TO ART. 21 (2) GDPR).
Right to log a complaint with the competent supervisory agency
In the event of violations of the GDPR, data subjects are entitled to log a complaint with a supervisory agency, in
particular in the member state where they usually maintain their domicile, place of work or at the place where the
alleged violation occurred. The right to log a complaint is in effect regardless of any other administrative or court
proceedings available as legal recourses.
Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a
contract handed over to you or to a third party in a common, machine-readable format. If you should demand the
direct transfer of the data to another controller, this will be done only if it is technically feasible.
Information about, rectification and eradication of data
Within the scope of the applicable statutory provisions, you have the right to demand information about your
archived personal data, their source and recipients as well as the purpose of the processing of your data at any
time. You may also have a right to have your data rectified or eradicated. If you have questions about this subject
matter or any other questions about personal data, please do not hesitate to contact us at any time.
Right to demand processing restrictions
You have the right to demand the imposition of restrictions as far as the processing of your personal data is
concerned. To do so, you may contact us at any time. The right to demand restriction of processing applies in the
following cases:
-
In the event that you should dispute the correctness of your data archived by us, we will usually need some time to
verify this claim. During the time that this investigation is ongoing, you have the right to demand that we restrict
the processing of your personal data.
-
If the processing of your personal data was / is conducted in an unlawful manner, you have the option to demand the
restriction of the processing of your data instead of demanding the eradication of this data.
-
If we do not need your personal data any longer and you need it to exercise, defend or claim legal entitlements, you
have the right to demand the restriction of the processing of your personal data instead of its eradication.
-
If you have raised an objection pursuant to Art. 21 (1) GDPR, your rights and our rights will have to be weighed
against each other. As long as it has not been determined whose interests prevail, you have the right to demand a
restriction of the processing of your personal data.
If you have restricted the processing of your personal data, these data - with the exception of their archiving - may
be processed only subject to your consent or to claim, exercise or defend legal entitlements or to protect the rights
of other natural persons or legal entities or for important public interest reasons cited by the European Union or a
member state of the EU.
SSL and / or TLS encryption
For security reasons and to protect the transmission of confidential content, such as purchase orders or inquiries you
submit to us as the website operator, this website uses either an SSL or a TLS encryption program. You can recognize
an encrypted connection by checking whether the address line of the browser switches from "http://" to "https://" and
also by the appearance of the lock icon in the browser line.
If the SSL or TLS encryption is activated, data you transmit to us cannot be read by third parties.
Encrypted payment transactions on this website
If you are under an obligation to share your payment information (e.g. account number if you give us the authority to
debit your bank account) with us after you have entered into a fee-based contract with us, this information is
required to process payments.
Payment transactions using common modes of paying (Visa / MasterCard, debit to your bank account) are processed
exclusively via encrypted SSL or TLS connections. You can recognize an encrypted connection by checking whether the
address line of the browser switches from "http://" to "https://" and also by the appearance of the lock icon
in the browser line.
If the communication with us is encrypted, third parties will not be able to read the payment information you share with us.
Rejection of unsolicited e-mails
We herewith object to the use of contact information published in conjunction with the mandatory information to be
provided in our Legal Notice to send us promotional and information material that we have not expressly requested. The
operators of this website and its pages reserve the express right to take legal action in the event of the unsolicited
sending of promotional information, for instance via SPAM messages.
