The protection of information relating to you, such as your name, address, telephone number, e-mail or IP address (so-called "personal data"), which you entrust to us, is an important concern for us. Therefore, we operate this website in accordance with the laws on data protection and data security.
The transmission of personal data in the context of the use of this website always takes place via encrypted SSL connections. These meet the requirements of the security guideline TR-02102 of the German Federal Office for Information Security (BSI).
The data protection declaration is based on the terms used by the European legislator in the adoption of the EU General Data Protection Regulation (hereinafter: "GDPR"). The data protection declaration is intended to be easy to read and understand. To ensure this, the most important terms are explained below:
Personal data is any information relating to an identified or identifiable natural person (hereinafter referred to as "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Data subject is any identified or identifiable natural person whose personal data are processed by the controller.
Processing means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Profiling is any type of automated processing of personal data that consists of using such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects relating to that natural person's job performance, economic situation, health, personal preferences, interests, reliability, behavior, location or change of location.
Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separate and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.
The controller or controller is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for under Union or Member State law.
Processor means a natural or legal person, public authority, agency or other body that processes personal data on behalf of the Controller.
A recipient is a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not a third party. However, public authorities that may receive personal data in the context of a specific investigation mandate under Union or Member State law shall not be considered as recipients.
Third party means a natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons authorized to process the personal data under the direct responsibility of the controller or the processor.
Consent shall mean any freely given indication of the data subject's wishes for the specific case in an informed and unambiguous manner in the form of a statement or any other unambiguous affirmative act by which the data subject indicates that he or she consents to the processing of personal data relating to him or her.
We point out that data transmission over the Internet (eg communication by e-mail) security gaps. A complete protection of the data against access by third parties is not possible.
Person responsible for data handling within the framework of this website
D-87488 Betzigau (Germany)
Phone: +49 (831) 57444-0
Fax: +49 (831) 57444-90
Contact details of the data protection officer
AKWISO Datenschutz & Audit
D-87435 Kempten (Germany)
Tel.: +49 (831) 5124703-0
Fax: +49 (831) 5124703-1
Purposes of processing and respective legal basis
Provision of the website; communication with mimatic GmbH
The website offer at www.mimatic.de requires the handling of personal data, such as the IP address for the retrieval of the content displayed on the website, when you make inquiries or in our online service areas.
Online service "User account”
You can register for our user account at www.mimatic.de and then use it. We collect your name, e-mail address and telephone number for this purpose.
The handling of your personal data in the context of the online service "user account" is carried out for the initiation, implementation and processing of the corresponding user contract.
You can purchase products within our online store. We collect your name, company, address, country and email address for this purpose.
The handling of your personal data is carried out for the initiation, implementation and processing of the corresponding purchase contract.
Recipients of the personal data
mimatic GmbH does not pass on personal data to third parties.
Criteria for the storage period of personal data
Your personal data sent to us will be deleted if the respective purpose of storage no longer applies and no legal regulations require storage. Statistical evaluations are only carried out in anonymized form.
Your rights as a data subject
In principle, you have the right to information about the personal data concerned as well as the right to correction or deletion or to restriction of processing. In addition, you generally have the right to object to further processing and the right to data portability. Please contact the data protection officer for this purpose.
You have a right of appeal to the data protection supervisory authority responsible for us:
The Bavarian State Commissioner for Data Protection
Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can revoke an already given consent at any time. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Right to object to data collection in special cases and to direct marketing (Art. 21 GDPR)
If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling, insofar as it is associated with such direct marketing. If you object, your personal data will subsequently no longer be used for the purpose of direct marketing (objection pursuant to Art. 21 (2) GDPR).
Right to restriction of processing
You have the right to request the restriction of the processing of your personal data. To do this, you can contact us at any time at the address given in the imprint. The right to restriction of processing exists in the following cases:
If you have restricted the processing of your personal data, this data may - apart from being stored - only be processed with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or a Member State.
Objection to advertising e-mails
The use of contact data published within the framework of the imprint obligation to send advertising and information materials not expressly requested is hereby prohibited. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.
Newsletter and revocation of consent
You have the right to revoke your consent at any time with effect for the future.
Children should not
transmit any personal data to
mimatic GmbH without the consent of their parents or guardians.
We recommend that all parents and guardians instruct their children in the safe and responsible handling of personal data on the Internet.
mimatic GmbH will not, knowingly, collect, process or use personal data from children.
mimatic GmbH uses appropriate technical and organizational security measures to protect the data we have under our control against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons. We also continuously improve the security measures used in line with technological developments.
Information collected automatically by analysis software
This website does not use any analysis software.
We have activated the IP anonymization function on this website. This means that your IP address is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Information, blocking, deletion
The personal data of the data subject will be deleted or blocked as soon as the purpose of the storage no longer applies. Storage may also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which we are subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need to continue storing the data for the conclusion or performance of a contract.
Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of data processing and, if necessary, a right to correction, blocking or deletion of this data. For this purpose, as well as for further questions on the subject of personal data, you can contact us at any time at the address given in the imprint.
Data collection on our website
This website uses so-called cookies. Below you will find a list of cookies with a description of which are used.
Cookies are small text files that, as soon as you visit a website, are sent from a web server to your browser and stored locally on your end device (PC, notebook, tablet, smartphone, etc.) and are stored on your computer and provide the user (i.e. us) with certain information. Cookies are used to make the website more customer-friendly and secure, and in particular to collect usage-related information, such as frequency of use and number of users of the pages and behavioral patterns of page use. Cookies do not harm the computer and do not contain viruses. This cookie contains a characteristic character string (so-called cookie ID), which enables
the browser to be uniquely identified when the website
is called up again.
Server log files
In the case of purely informational use of the website, i.e. if you do not register or otherwise transmit information to us, we automatically collect the following data and information from the computer system of the calling computer each time the website is called up:
The data is also stored in the log files of our system. A storage of this data together with other personal data of the user does not take place.
The legal basis for the temporary storage of the log files is Art. 6 para. 1 p. lit. f) GDPR.
The temporary storage of the IP address by the system is necessary in order to
The storage in log files is done to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
These purposes also constitute our legitimate interest in data processing according to Art. 6 para. 1 p. 1 lit. f) GDPR.
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected - in this case, at the end of the usage process.
In the case of storage of data in log files, this is the case after seven days at the latest. Storage beyond this period is possible. In this case, the IP addresses are deleted or anonymized, so that an assignment of the calling client is no longer possible.
The collection of data for the provision of the website and the storage of the data in log files is mandatory for the operation of the website, which is why there is no possibility to object.
Contact form and e-mail contact
Our website contains a contact form that can be used for electronic contact. If you take advantage of this option, the data entered in the input mask will be transmitted to us and stored. These data are:
At the time of sending the message, the following data is also stored:
The legal basis for the processing of the data is Art. 6 para. 1 p. lit. a) GDPR if the user has given his consent. The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para. 1 p. 1 lit. f) GDPR. If the e-mail contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1S. 1 lit. b) GDPR.
The processing of personal data from the input mask serves us solely to process the contact. Of course, we will use the data from your e-mail inquiries exclusively for the purpose for which you provide them to us when contacting us. In the case of contact by e-mail, the necessary legitimate interest in the processing of the data also lies in its reply. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when it is clear from the circumstances that the matter in question has been conclusively clarified. The additional personal data collected during the sending process will be deleted at the latest after expiry of the legally prescribed period.
Inquiry by e-mail, telephone or fax
If you contact us by e-mail, telephone or fax, your inquiry including all resulting personal data (name, inquiry) will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.
The processing of this data is based on Art. 6 (1) lit. b GDPR, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on your consent (Art. 6 (1) (a) GDPR) and/or on our legitimate interests (Art. 6 (1) (f) GDPR), as we have a legitimate interest in the effective processing of requests addressed to us.
The data you send to us via contact requests will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular legal retention periods - remain unaffected.
Processing of data (customer and contract data)
We collect, process and use personal data only to the extent that they are necessary for the establishment, content or modification of the legal relationship (inventory data). This is done on the basis of Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures. We collect, process and use personal data about the use of our websites (usage data) only to the extent necessary to enable the user to use the service or to bill the user.
The collected customer data will be deleted after completion of the order or termination of the business relationship. Statutory retention periods remain unaffected.
Data transfer upon conclusion of a contract for services and digital content
We transmit personal data to third parties only if this is necessary for the processing of the contract, for example, to the credit institution entrusted with the processing of payments.
A further transmission of the data does not take place or only if you have expressly consented to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes.
The basis for data processing is Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.
Links to external websites
This website contains links to external sites. We are responsible for our own content. We have no influence on the contents of external links and are therefore not responsible for them, in particular we do not adopt their contents as our own. If you are directed to an external site, the data protection declaration provided there applies. If you notice illegal activities or content on this site, you are welcome to inform us. In this case we will check the content and react accordingly (notice and take down procedure).
If you purchase goods or services from us and provide us with your e-mail address, we may subsequently use it to send you a newsletter. In such a case, only direct advertising for our own similar goods or services will be sent via the newsletter. The legal basis for sending the newsletter is Article 7 (3) UWG.
To avoid abusive or incorrect mail entries, we use the so-called double-opt-in procedure. This means that we send you an e-mail to the specified e-mail address in which we ask you to confirm that the mail address is correct. If you do not confirm your details, your information will be blocked and automatically deleted in compliance with the legally prescribed period. In addition, we store your respective IP addresses used and times of registration and confirmation.
The collection of the user's e-mail address serves to deliver the newsletter. The collection of other personal data in the context of the confirmation process according to para. 2 serves to prevent misuse of the services or the e-mail address used.
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. Accordingly, the user's e-mail address will be stored as long as you do not revoke the receipt of the newsletter.
You can unsubscribe from receiving our emails at any time by clicking on the "unsubscribe" box in our newsletter unsubscribe or by sending us a text message (email, letter or fax) to the contact details provided in the imprint stating that you no longer wish to receive our promotional emails.
Plugins and tools
We use "Google reCAPTCHA" (hereinafter "reCAPTCHA") on our websites. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). The purpose of reCAPTCHA is to verify whether data entry on our websites (e.g. in a contact form) is made by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent by the website visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google.
Data processing through social networks
We maintain publicly accessible profiles on social networks. The social networks used by us in detail can be found below.
Social networks such as Facebook can generally analyze your user behavior extensively when you visit their website or a website with integrated social media content (e.g. Like buttons or advertising banners). Visiting our social media presences triggers numerous processing operations relevant to data protection. In detail:
If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected under certain circumstances if you are not logged in or do not have an account with the respective social media portal. In this case, this data collection takes place, for example, via cookies that are stored on your end device or by recording your IP address.
With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed to you inside and outside the respective social media presence. If you have an account with the respective social network, the interest-based advertising can be displayed on all devices on which you are or were logged in.
Our social media presences are intended to ensure the most comprehensive presence possible on the Internet. This is a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which are to be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 (1) lit. a GDPR).
If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. In principle, you can assert your rights (information, correction, deletion, restriction of processing, data portability and complaint) both against us and against the operator of the respective social media portal (e.g. against Facebook).
Please note that despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are largely determined by the corporate policy of the respective provider.
Facebook fan page
We operate an online presence on Facebook, a so-called Facebook Fanpage. The following additional information on data processing applies to visits to our fan page. Information on data protection at Facebook in general can be found at https://www.facebook.com/about/privacy/.
We are jointly responsible with Facebook for the operation of our Facebook fan page in accordance with Art. 26 GDPR. For this purpose, we have defined in an agreement with Facebook who fulfills which obligations with regard to data protection. This agreement can be accessed here. Accordingly, Facebook is primarily responsible for providing the data subject with information about the joint processing and enabling him or her to exercise his or her data protection rights. Irrespective of this, we hereby inform you about your visit to our Fanpage.
Our contact details are:
D-87488 Betzigau (Germany)
Phone: +49 (831) 57444-0
Fax: +49 (831) 57444-90
You can reach Facebook at:
Facebook Ireland Ltd.
4 Grand Canal Square,
Grand Canal Harbour,
Dublin 2, IrelandOnline you can reach Facebook at https://www.facebook.com/help/contact/2061665240770586.
You can reach Facebook's data protection officer at
If you are a Facebook user, Facebook collects the data described in the Facebook Data Policy (https://www.facebook.com/about/privacy/update) under "What types of information do we collect? If you are not a Facebook user, cookies with identifiers, small text files, may still be stored in your browser, which enable so-called tracking of your user behavior.
As a rule, the user data during a visit to Facebook is also processed by Facebook for market research and advertising purposes. Based on user behavior (also when visiting our fan page), complex user profiles are created, which Facebook can use to play personalized advertisements to the visitor within and outside of Facebook. More information on this can also be found in the Facebook data policy (https://www.facebook.com/about/privacy/update).
If you do not agree to this, you can object at https://www.facebook.com/index.php?next=https%3A%2F%2Fwww.facebook.com%2Fsettings%3Ftab%3Dads (opt-out).
Facebook provides us with statistics and usage data that we can use to analyze the use of our fan page (so-called "page insights"). This enables us to continuously improve our offer on Facebook. We, as the operator, do not make any decisions regarding the processing of Insights data and any other information resulting from Art. 13 of the GDPR, such as the storage duration of cookies on user devices. The primary responsibility under the GDPR for the processing of Insights Data lies with Facebook and Facebook complies with all obligations under the GDPR with respect to the processing of Insights Data.
We as the site administrator have no other way, not even via user tracking, to evaluate user behavior on our Fanpage. It is also fundamentally not possible for us to identify the visitor to the Fanpage on the basis of the Page Insights. In particular, we have no right under the agreement to require Facebook to disclose individual visitor data. Identification is only possible for us if we are able to assign individual profile pictures to "Like" page views; however, this is only possible insofar as our Fanpage has been marked with "Like" by the corresponding visitor and the "Like" is set to "public".
You can find out what information Facebook uses to create Page Insights at: https://www.facebook.com/legal/terms/information_about_page_insights_data.
The operation of the Facebook fan page and the use of page insights serves our legitimate interest in effective external presentation and efficient communication with our customers and interested parties. This interest justifies the operation of the page both to the legitimate interests of Facebook users and to visitors to our fan page who do not have a Facebook account. Accordingly, the legal basis is Art. 6 para. 1 p. 1 lit. f) GDPR.
Data collected by Facebook is shared and processed throughout the Facebook group. The Facebook Group also includes, for example, Instagram, WhatsApp and Oculus. For example, information collected through Facebook is used to display personalized ads to the user on Instagram, or information from WhatsApp is used to take action against accounts that send spam through WhatsApp on Facebook. This information can be found in the Facebook Data Policy (https://www.facebook.com/about/privacy/update) under "How do Facebook companies work together?".
When Facebook processes data, user data may be transferred outside the European Economic Area (EEA), in particular to the USA. Facebook has therefore submitted to the EU-US Privacy Shield:
If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) p. 1 lit. f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are grounds for doing so that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which will be implemented by us without specifying a particular situation. If you wish to exercise your right of revocation or objection, it is sufficient to send an e-mail to e-mail.
You have the right to revoke your consent to us at any time. This has the consequence that we may no longer continue the data processing based on this consent for the future. Furthermore, you have the right to information according to Art. 15 GDPR, the right to correction according to Art. 16 GDPR, the right to deletion according to Art. 17 GDPR, the right to restriction of processing according to Art. 18 GDPR, as well as the right from data portability from Art. 21 GDPR. Furthermore, there is a right of appeal to a competent data protection supervisory authority (Art. 77 GDPR in conjunction with § 19 BDSG).
In principle, you can assert your data protection rights both against Facebook and against us. Since only Facebook has direct access to your user data, you can most effectively assert your data subject rights against Facebook.
Rights of the data subject
If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:
You have the right to obtain from the controller the rectification and/or completion without undue delay of any personal data processed concerning you which is inaccurate or incomplete.
If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to notify all recipients to whom the personal data concerning you has been disclosed of this rectification/erasure/restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right against the controller to be informed about these recipients.
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation. You can contact the responsible person for this purpose.
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, workplace or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR. The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.