Privacy Policy
The controller in terms of the General Data Protection Regulation (GDPR) is the
mycon GmbH
Senner Straße 156
33659 Bielefeld
Tel.: (0521) 403090
E-Mail: info@mycon-germany.com
Data Protection Officer
CRO Datenschutz GmbH
Nora Loof
Adenauer-Platz 4
33602 Bielefeld
With these privacy notices, we inform you (referred to as “user” or “data subject” in the following text) about our data processing in connection with the use of digital systems that process and display data and establish a connection to a cloud. We also inform you about your rights regarding the processing of your data. The term “data processing” always refers to the processing of personal data. We place great importance on protecting your privacy and the security of your personal data. Please read this agreement carefully to understand how we handle your data.
1.General Information on Data Processing
The systems may collect personal data from you when you use them, register, contact us, or otherwise interact with them.
1.1 Categories of Personal Data
We process the following categories of personal data:
- Inventory data (e.g., names, addresses, functions, organizational affiliation, etc.);
- Contact data (e.g., email, phone/fax numbers, etc.);
- Content data (e.g., text entries, image files, videos, etc.);
- Usage data (e.g., access data);
- Meta/communication data (e.g., IP addresses).
1.2 Recipients or Categories of Recipients of Personal Data
If we disclose, transmit, or otherwise grant access to personal data to other persons and companies, such as processors or third parties, it will be done based on a legal permit (e.g., if data transmission to third parties is required for contract fulfilment according to Art. 6 para. 1 lit. b GDPR), if the data subjects have consented, or if a legal obligation requires it.
1.3 Duration of Storage of Personal Data
The criterion for the duration of the storage of personal data is the respective statutory retention period. After the period expires, the relevant data will be deleted unless they are still required to achieve the purpose.
1.4 Transfers to Third Countries
If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or if this occurs in the context of using third-party services or disclosing or transmitting data to third parties, it will only occur if it is necessary to fulfil our (pre-)contractual obligations, based on your consent, due to a legal obligation, or based on our legitimate interests. Subject to legal or contractual permissions, we process or allow the processing of data in a third country only if the specific conditions of Art. 44 et seq. GDPR are met, i.e., the processing occurs based on specific guarantees, such as the officially recognised establishment of an adequate level of data protection equivalent to that of the EU or compliance with officially recognised specific contractual obligations (so-called “Standard Contractual Clauses”).
2.Data Processing
We process and use your personal data to provide you with the functions and services of the systems, process your inquiries, improve the performance of the systems, and provide you with relevant information. This includes the transmission and storage of your data in the cloud.
2.1 Cookies/Technologies
The systems may use cookies and similar technologies to analyse your usage, store user settings, and offer you a personalized experience. By using the systems, you consent to the use of such technologies. However, you have the option to control the use of cookies in your browser settings. The legal basis for the use of necessary cookies is Art. 6 para. 1 lit. f GDPR.
2.2 Integration of Other Third-Party Services
We are represented with content on social networks and other virtual platforms to communicate with customers, prospects, and users, and to present our services there. When accessing these networks and virtual platforms, their terms and especially their privacy principles apply. This is particularly important if you access our presence on social networks and other platforms via corresponding links on our website.
Unless otherwise specified in our privacy policy, we process your personal data that you provide us through social networks and virtual platforms in the context of our communication, e.g., by sending messages to us, for processing your inquiries. The legal basis for this processing of the transmitted data is Art. 6 para. 1 sentence 1 lit. b GDPR.
We also use third-party services on our website to optimize and analyze our online presence, to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as “services”). This integration requires that the providers of these services process your IP address. Since this cannot be technically prevented, the processing of the IP address is necessary for the use and implementation of the services. We strive to use only those services whose respective providers process the IP address solely for the direct provision of the services. Third parties may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. Through the “web beacons,” various information, such as the visit to our website, can be examined and evaluated. In pseudonymized form, information can also be stored in cookies on your device, allowing technical information about your browser and operating system, linked websites, visit time, and other details of the use of our website to be processed. The legal basis for this processing of the transmitted data is Art. 6 para. 1 sentence 1 lit. b GDPR. The services used may include:
2.2.1 Google Maps
Integration of maps from the “Google Maps” service. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. The privacy policy of this third party can be found at Google Privacy Policy. If you consent to the use of Google Maps, the legal basis for data processing is Art. 6 para. 1 lit. a GDPR. We also have a legitimate interest in optimizing our online service, Art. 6 para. 1 lit. f GDPR.
2.2.2 Google Fonts
Integration of fonts from Google Inc. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. The privacy policy of this third party can be found at Google Privacy Policy. If you consent to the use of Google Fonts, the legal basis for data processing is Art. 6 para. 1 lit. a GDPR. We also have a legitimate interest in optimizing our online service, Art. 6 para. 1 lit. f GDPR.
2.3 Hosting
The hosting services we use provide the following services: infrastructure and platform services, computing capacity, storage space and database services, security services, and technical maintenance services that we use for operating our website. In this context, we or our processor process inventory data, contact data, content data, contract data, usage data, meta and communication data based on our legitimate interests in providing the service efficiently and securely according to Art. 6 para. 1 lit. f GDPR in conjunction with Art. 28 GDPR.
3.Data Processing in the Context of Contacting Us
3.1 Contact via Email or Phone
You can contact us via the email address or phone number published on our website. If you use this contact method, the data you provide (e.g., name, first name, address, phone number), along with any personal data you provide, will be stored for the purpose of contacting and processing your request. Additionally, the following data is collected by our system when contacting us via email:
- IP address of the requesting computer;
- Date and time of the email.
The legal basis for processing personal data in the context of emails or phone calls is Art. 6 para. 1 lit. b or f GDPR.
3.2 Contact via Mail
If you send us a letter, the data you provide (e.g., name, first name, address) and the information contained in the letter, along with any personal data you provide, will be stored for the purpose of contacting and processing your request. The legal basis for processing personal data in the context of letters and faxes is Art. 6 para. 1 lit. b or f GDPR.
4.Your Rights
As a data subject, you have the following rights in connection with the processing of your personal data:
4.1 Right to Information
(1) As a data subject, you have the right to request confirmation from us as to whether personal data concerning you is being processed; if this is the case, you have the right to obtain information about this personal data and the following information: a) the purposes of the processing; b) the categories of personal data processed; c) the recipients or categories of recipients to whom the personal data has been or will be disclosed, particularly in the case of recipients in third countries or international organizations; d) if possible, the planned duration for which the personal data will be stored, or if this is not possible, the criteria used to determine this duration; e) the existence of the right to rectification or erasure of the personal data concerning you, or to restriction of processing by the controller, or to object to such processing; f) the existence of a right to lodge a complaint with a supervisory authority; g) if the personal data has not been collected from the data subject, all available information about the source of the data; h) the existence of automated decision-making, including profiling according to Art. 22 para. 1 and 4 GDPR and – at least in these cases – meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
(2) You have the right to obtain a copy of the personal data undergoing processing.
4.2 Right to Rectification
You have the right to request the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data, including by means of a supplementary declaration.
4.3 Right to Erasure
You have the right to request that personal data concerning you be erased without undue delay, and we are obliged to erase personal data without undue delay if one of the following applies: a) The personal data is no longer necessary for the purposes for which it was collected or otherwise processed; b) You withdraw your consent on which the processing is based according to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, and where there is no other legal basis for the processing; c) You object to the processing pursuant to Art. 21 para. 1 GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 para. 2 GDPR; d) The personal data has been unlawfully processed; e) The personal data has to be erased for compliance with a legal obligation in Union or Member State law to which we are subject; f) The personal data has been collected in relation to the offer of information society services referred to in Art. 8 para. 1 GDPR.
4.4 Right to Restriction of Processing
You have the right to request the restriction of processing where one of the following applies: a) The accuracy of the personal data is contested by you, for a period enabling us to verify the accuracy of the personal data; b) The processing is unlawful and you oppose the erasure of the personal data and request the restriction of its use instead; c) We no longer need the personal data for the purposes of the processing, but you require it for the establishment, exercise, or defence of legal claims; d) You have objected to processing pursuant to Art. 21 para. 1 GDPR pending the verification whether the legitimate grounds of our company override those of the data subject.
4.5 Right to Data Portability
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format and you have the right to transmit those data to another controller without hindrance from us, where the processing is based on consent according to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR or on a contract according to Art. 6 para. 1 lit. b GDPR and the processing is carried out by automated means. In exercising your right to data portability, you have the right to have the personal data transmitted directly from us to another controller, where technically feasible.
4.6 Right to Object
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Art. 6 para. 1 lit. e or f GDPR, including profiling based on those provisions. We will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or for the establishment, exercise, or defence of legal claims.
If personal data is processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object to processing for direct marketing purposes, the personal data will no longer be processed for such purposes.
4.7 Right to Withdraw Consent
You have the right to withdraw your consent to the processing of personal data at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
4.8 Right to Lodge a Complaint with a Supervisory Authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your residence, place of work, or place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR.
5.Changes to this Privacy Notice
We may update this privacy notice from time to time. We will inform you of any significant changes in the way we process your personal data. Please check this privacy notice regularly for any updates or changes.