Privacy Notice
Information concerning the processing of your data in accordance with Art. 13 of the European General Data Protection Regulation (GDPR).
1 General and Mandatory Information
1.1 Content and Definitions
This Privacy Notice (“the Privacy Notice”) describes how and why we collect, store and use personal data and provides information on the data subjects’ rights.
In this Privacy Notice, we will use the following terms:
“We”, “us” and “our” (and similar terms) mean Miller Anlagen GmbH (also referred to as “MIA” or “the Controller”);
“Personal Data” means any information relating to an identified or identifiable natural person;
“You” and similar terms mean our customers, any persons connected with them, prospective customers, suppliers and visitors to our website, https://www.miller-anlagen.de.
Any reference herein to provisions of the law is a reference to the European Data Protection Regulation (GDPR).
When you use this website, certain personal data will be processed. Personal data are data that can be used to identify you personally. This notice concerning the processing of your personal data (in the following, “the Data Protection Declaration”) describes which data we process. It also explains how and for which purpose such processing occurs. Lastly, this Data Protection Notice sets out the legal basis for such processing.
1.2 Controller
The controller responsible for the processing of personal data on this website is:
Miller Anlagen GmbH
Louisenstr. 145
D–61348 Bad Homburg
Telephone: +49 6172 4863 0
E-mail: datenschutz@miller-anlagen.de
If you have any questions concerning our processing of personal data or the exercise of your rights, please do not hesitate to contact us or our Data Protection Officer (see Sec. 4).
2 Types and Purposes of Processing and Legal Basis
2.1 Website
2.1.1 Server Log Files
We use so-called server log files to automatically collect and store information which your browser routinely transmits to us. These are the following:
• type and version of browser
• operating system used
• referrer URL
• hostname of the computer accessing the site
• time of server request
• IP address
This data will usually be deleted after 7 days. Where there is reason to suspect that a security-related incident has occurred, the relevant data will be retained until the incident has been fully resolved, and will be forwarded to the competent authorities. These data will not be merged with any other data sources except in order to resolve such security-related issues.
This type of processing is based on our legitimate interest in the public presentation of our company (Article 6(1)(f) of the GDPR) as well as our legal obligation to protect visitors to our website from potential security threats on the site (Article 6(1)(c) of the GDPR).
2.1.2 Cookies
We store so-called "cookies" in order to offer you a comprehensive range of functions and to make the use of our websites more convenient and interesting. "Cookies" are small text files that are stored on your end device with the help of your internet browser. In some cases, similar technologies such as "tags" are also used, however these are equivalent to cookies in terms of the processing of personal data and we therefore combine them here under cookies. We differentiate between cookies in the categories "Essential" and "Functional" and describe these categories in more detail below.
When you visit our website for the first time or have deleted your cookies, we offer you a selection menu. You can use this selection menu to view descriptions of the individual cookies and select which cookies you will allow. You can also call up this selection menu at any time later; you will find it in the footer of every page under "Cookie settings".
a) Essential cookies
Essential cookies are cookies without which our website would not function properly. These cookies save settings such as language selection and enable the shop system to function, for example. For this reason, the cookie selection menu cannot offer you the option of deselecting essential cookies - because we would have to set a cookie on your browser for this setting alone. If you do not wish the use of essential cookies, you can prevent the storage of cookies altogether by making the appropriate settings in your Internet browser. Please note that this will limit the functionality and scope of our website.
As a rule, our essential cookies are deleted either at the end of your visit or when you close your browser (session cookies). If this is not the case (e.g. for cookie selection settings and consent management), you can delete the cookies in your browser yourself.
We process essential cookies either at your request in preparation for a contract (e.g. for settings, logins or the shopping basket), or to fulfil a contract with you (e.g. processing the order); the legal basis is Art. 6 (1) b) GDPR.
b) Functional cookies
Functional describes a second category of cookies that we do not necessarily need for the actual operation of the website, but which enable us, for example, to analyse the use of the website in order to measure and improve performance.
2.1.3 Usage data
This website uses Matomo (https://www.matomo.org), an open source analysis tool. When content from our website is accessed, the following data is stored:
• the first two octets of the IP address (e.g. 192.168.) of the accessing end device
• the identifier of the content accessed
• the website from which the user accessed the accessed content (referrer)
• the subpages that are accessed from the accessed website
• the time spent on the website
• the frequency with which the website is accessed
The software runs exclusively on our web servers. This data is only stored there. The data is not passed on to third parties. The software is configured so that IP addresses are not stored in full, but the last two octets of the IP address are omitted (e.g. 192.168.xxx.xxx). In this way, it is no longer possible to assign the shortened IP address to the calling computer.
We use the information generated by Matomo exclusively to analyse the use of the website and to better understand potential improvements.
We use this data on the basis of our legitimate interest in measuring the reach of our website and improving our website (Art. 6 (1) f) GDPR).
You have the option of preventing the actions you take here from being analysed and linked. This will protect your privacy, but will also prevent the owner from learning from your actions and improving usability for you and other users.
☑ Your visit to this website is currently being analysed by Matomo Web Analytics. Uncheck this box to opt-out.
2.1.4 SSL and TLS Encryption
This website uses SSL or TSL encryption for security reasons and in order to protect the transmission of confidential data such as, for example, orders or enquiries that you direct to us as the site operators. You can identify an encrypted connection by the presence of the text “https://” instead of “http://” in your browser address bar and a padlock icon next to it.
When SSL or TLS encryption is active, data that you transmit to us can not be easily read by third parties.
2.1.5 Hosting
This website is hosted by an external web hosting service provider on our behalf and according to our specifications. The personal data collected on this website is stored on the service provider’s servers in Germany.
2.1.6 Google Web Fonts (Local Hosting)
This site uses so-called web fonts provided by Google for the uniform display of fonts. These Google fonts are installed locally on our respectively our web hosting service provider’s servers. This means that no connection to Google’s servers is established when you access our website. You can find additional information on Google Web Fonts here: https://developers.google.com/fonts/faq.
2.2 Initiation and Performance of Contracts
2.2.1 Contract Data
When contemplating new contracts or performing existing ones, we process the following personal data for the following purposes:
Business contacts: Name, User name, hash value of a password, e-mail address, profile picture (optional), group (optional) , language , and , when ordering, additionally company, VAT ID, delivery address telephone number,. We use this data to communicate with you in connection with a contract. We will store business contact information for as long as this is required to achieve the objectives named above (i.e. for the duration of the business relationship but no shorter than the legal retention period of six years for business correspondence). When you demand that we delete your business contact data, we will comply with this request to the extent this is legally permitted, i.e. we will delete your business contact data unless we are obliged by law to retain them.
Customers or persons connected with customers: We would ask the data subjects to only state those personal data that are required for us to perform our services. We will let you know in each case which personal data we require. Usually, we collect personal data from our customers and from third parties acting on behalf of your customers. We use this data for the following purposes:
Creating a new contract: As required by law, we undertake certain background checks when we create a new contract (anti-money laundering checks, sanctions lists) in order to identify obstacles to cooperation in good time and avoid potential risks to our reputation.
• Financing contracts(incl. short-term rental and receivables purchase agreements), maintenance contracts and supply agreements: We process personal data in a manner we deem to be reasonably required in order to properly perform our services, for instance when we engage a service provider or supplier following consultation with you.
• Accounting: We use your personal data to agree on payment terms and to invoice and collect our remuneration and expenses, where applicable.
• Customer relationship management: Providing information regarding our services; organizing and holding events; determining how we can improve our services.
Our general storage period for contract data is the duration of the contract plus three years (standard limitation period); however, our storage period for business records is ten years including for contracts of a shorter duration, and for business correspondence and similar communication, the storage period is six years. In some cases, the law or certain authorities may stipulate exceptions requiring a longer or shorter storage period. Please do not hesitate to contact us if you require any additional information.
Suppliers: We will collect personal data including name, e-mail address, telephone number and other business contact information in order to obtain services from suppliers, pay for such services and pass them on to our customers where applicable, manage the relationship with the supplier and offer services to our customers. The storage period corresponds to the duration of the contract but will not be shorter than the legal retention period. Please do not hesitate to contact us if you require any additional information.
2.2.2 Legal Basis of Data Processing
The legal basis for our processing of personal data in connection with any contract will always be one of the following:
• processing is necessary for the performance of a contract to which you are a party or in order to take preliminary steps at your request prior to entering into a contract (Article 6(1)(b) of the GDPR);
• processing is necessary for compliance with a legal obligation to which we are subject (such as compliance with anti-money laundering laws) (Article 6(1)(c) of the GDPR);
• processing is necessary for the purpose of safeguarding our legitimate business interests, except where such processing affects your interests (including the continued development of our services, for instance by means of internal training courses) (Article 6(1)(f) of the GDPR); or
• the data subject has given consent to the processing of the personal data specified for one or more purposes (Article 6(1)(a) of the GDPR).
2.2.3 Data Transmission on the Conclusion of a Contract and Shipping of Goods
The following third parties will be given access to your personal data:
We only transmit personal data to the following recipients as provided for by law:
• credit rating agencies for creditworthiness checks (only where required and only after you have been separately notified thereof);
• service providers: we must pass on your personal data to our service providers in order to be able to offer our services to you. Our contracts with external service providers currently cover the provision of operating and support services such as IT, accounting/tax, mail/logistics and translation services;
• disclosure on the basis of laws and regulations: under certain circumstances, we may be required by applicable laws , regulations or regulatory orders to disclose personal data to authorities including supervisory authorities (BaFin,) criminal prosecution authorities or in connection with proposed or actual legal proceedings.
We only transfer personal data to other third parties if this is necessary in the context of contract initiation, contract processing or for the enforcement of our claims, for example to the companies entrusted with the delivery of the goods, for requests for maintenance offers, companies that support us in the transfer of software licences or the credit institution commissioned with payment processing. Any further transmission of data will not take place or will only take place if you have consented to the transmission. For the avoidance of doubt, your data will not be passed on to third parties for advertising purposes without your consent.
2.3 International Transmission of Personal Data
Your personal data will be processed exclusively inside the EEA. This does not apply, however, if we agree otherwise in an individual case or if the contract requires, for example, that we communicate with a supplier located outside the EEA. In such an exceptional case, we will safeguard you by means of appropriate warranties, of which we will notify you separately in such case.
2.4 Automated Individual Decisions
We do not perform any automated individual decisions as defined in Art. 22 of the GDPR.
2.5 Technical and Organizational Measures
When processing your personal data, we implement technical and organizational measures to ensure the integrity, availability, authenticity and confidentiality of your data in accordance with Article 32 of the GDPR. We also require our service providers to implement the relevant measures and safety precautions and regularly review these.
2.6 Newsletter
2.6.1 Newsletter Data
If you wish to receive our newsletter, we require your e-mail address as well as information permitting us to verify whether you are indeed the owner of the e-mail address stated, and whether you consent to receiving the newsletter. No further data is collected, or is purely collected on a voluntary basis . We use such data solely for sending out the requested information and do not pass them on to any third parties.
The data entered into the newsletter subscription form is processed solely on the basis of the consent you have given (Article 6(1)(a) of the GDPR). You may at any time withdraw any consent you have granted to the storage of your data and e-mail address and the use thereof for the purpose of receiving the newsletter, for example by using the “unsubscribe”/”Austragen” link in the newsletter. The lawfulness of the data processing operations that have already been carried out remains unaffected by the withdrawal.
We will store the data you have provided to us for the purpose of receiving the newsletter until such time as you unsubscribe from the newsletter, and will delete them once you have unsubscribed from the newsletter. Data that we have stored for other purposes (for instance, e-mail addresses in our customer database) will not be affected thereby.
2.6.2 Newsletter2Go
Newsletters are sent out on our behalf and in accordance with our specifications by Newsletter2Go GmbH, Nürnberger Straße 8, 10787 Berlin, Germany.
Newsletter2Go is a service that can be used to organize and analyze the mailing of newsletters, among other things. The data you entered for the purpose of receiving the newsletter will be stored for us on the servers of Newsletter2Go in Germany.
If you do not wish to permit the analyses performed by Newsletter2Go as described below, you must cancel your newsletter subscription. We provide a link for this in every newsletter that you receive.
Newsletter2Go enables us to analyze our newsletter campaigns. We can see, for instance, whether a newsletter message was opened and which links, if any, were clicked on. This way, we can see, among other things, which links were clicked on particularly often.
In addition, we can see whether certain previously defined actions were performed after opening the newsletter/clicking on the link (conversion rate). This will show us, for example, whether you concluded a contract after clicking on the newsletter.
Newsletter2Go also enables us to “cluster” the newsletter recipients into groups based on a number of categories. By this means, the newsletter recipients may be classified, for example, according to age, gender or place of residence. This way, newsletters can be better adapted to the respective target audience.
3 Your rights
3.1 Withdrawal of your Consent to Data Processing
Many data processing operations may only be performed with your express consent. You may withdraw your consent at any time with future effect; there will be no charge for this. For this withdrawal, an informal notice to us via e-mail to datenschutz@miller-anlagen.de will suffice.
When we obtain your consent, we will provide information to you regarding further withdrawal options. The lawfulness of the data processing operations carried out until the time of said withdrawal remains unaffected thereby.
3.2 Right to Complain to the Responsible Supervisory Authority
In the event of a breach of any data protection regulations, you have a right to lodge a complaint with the responsible data protection authority, for example at your permanent place of residence.
3.3 Right to Data Transferability
You have the right to have any data you have provided to us transferred to yourself or to any third party in a commonly used, machine-readable format.
3.4 Information, Correction, Deletion, Restriction of Processing
You have the right, under the applicable provisions of the law, to demand at any time that we provide information to you regarding the personal data that we process, including a copy thereof, and, where applicable, you have the right to have such personal data corrected, to have the processing of the data restricted, or to have them deleted.
3.5 Objection to Processing based on Legitimate Interest
You may object to the processing of your personal data to the extent that we process such data on the basis of our legitimate interest.
4 Data Protection Officer
We have appointed a Data Protection Officer for our company, who may be contacted as follows:
Miller Anlagen GmbH
- Data Protection Office –
Louisenstr. 145
D-61348 Bad Homburg
Telephone: +49 6172 4863 0
E-mail: datenschutz@miller-anlagen.de
The Data Protection Officer is bound to impartiality and secrecy and will be pleased to assist you as an alternative to the Controller stated as a contact person in Sec. 1 above.
Last updated: January 1, 2024