Mitto AG, represented by its sole managing director, Mr. Andrea Giacomini, is the responsible controller within the meaning of EU Regulation 2016/679 of 27 April 2016 (General Data Protection Regulation) (“GDPR”). Our contact details are:
Our data protection officer can be reached at: Mitto, E-mail: firstname.lastname@example.org
We are committed to the responsible handling of your personal data. Consequently, we comply with the requirements of the GDPR, the applicable national data protection laws and other provisions of the applicable data protection regulations.
In the following we would like to inform you about how we handle your personal data. Unless explicitly stated otherwise, the following information applies to all websites operated by us.
Each time our website is accessed, our system automatically records in a log file data and information from the computer system of the requesting computer or terminal and only data that your browser transmits to our servers. The following data is processed:
This data is also stored automatically in the log files of our system. There is no storage together with other personal data pertaining to you. The legal basis for the temporary storage of data and log files is Art. 6 (1) (f) GDPR.
The processing of this data as well as the storage in log files takes place anonymously without personal reference and only temporarily for the purpose of enabling the use of the website (connection establishment), since this is only possible if the IP address remains stored for the duration of the session. Furthermore, the system security and stability should be thereby permanently guaranteed, and our internet offer optimised. Our legitimate interest in the processing of data pursuant to Art. 6 (1) (f) GDPR lies in these purposes.
The data will be deleted as soon as it is no longer necessary for the purpose of its collection.
The collection of data for the provision of our website and the storage of the data in log files is essential for the operation of the website. There is therefore no possibility of objecting to such processing.
On our website we offer a contact form, which can be used to contact us. If you used this contact form, the data entered in the input mask will be transmitted to us and saved. This data is:
At the time of sending the message, the following data is also stored:
Alternatively, contacting us via various provided e-mail addresses is possible. In this case, the user’s personal data transmitted by e-mail will be stored.
If you contact us by phone, we will save the following:
The legal basis for the processing of the data for the use of the contact form is the consent of the user pursuant to Art. 6 (1) (a) GDPR. The legal basis for the processing of the data transmitted in the course of sending an e-mail or making contact by telephone is Art. 6 (1) (f) GDPR. If the e-mail contact or the telephone contact is intended to conclude a contract, then the additional legal basis for the processing is Art. 6 (1) (b) GDPR.
The processing of personal data from the input mask is solely for processing the contact as well as the processing of your request. In the case of contact via e-mail or telephone, the required legitimate interest in the processing of the data also lies herein. The other personal data processed during the sending process is intended to prevent misuse of the ability to contact us and to ensure the security of our communications and IT systems.
The data will be deleted as soon as it is no longer necessary for the purpose of its collection. Regarding the personal data from the input form of the contact form and data that has been sent by e-mail or communicated by telephone, it is deleted when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the relevant facts have been finally clarified.
The legal basis for the processing of personal data using cookies is Art. 6 (1) (f) GDPR.
Cookies are stored on your computer and transmitted by it to our system. Therefore, as a user, you have control over the use of stored cookies. By changing the settings in your browser, you can disable or restrict the transmission of cookies. Already saved cookies can be deleted at any time. This can also be done automatically. However, if cookies are disabled for our website, it may not be possible to fully use all functions of the website.
We use the web analytics service Google Analytics of Google LLC, Amphitheater Parkway, Mountain View, CA 94043, USA, on our website and Nimbow.
The IP address is shortened by the activation of IP anonymisation (“anonymizeIP”) on our website before the transmission. This guarantees an anonymisation of your IP address so that all data is only processed anonymously. Only in exceptional cases will the full IP address be sent to a server of Google LLC in the USA and shortened there. In these cases, we provide contractual guarantees to ensure that Google LLC maintains a reasonable level of data protection. According to Google LLC, the IP address will in no case be associated with any other data related to the user.
The legal basis for processing users’ personal data is Article 6 (1) (f) GDPR.
Google will on our behalf use the transmitted information to evaluate your use of our website. By analysing the data obtained, we are able to compile information about the use of the individual components of our website. This helps us to constantly improve our website, Nimbow and their user-friendliness. Our legitimate interest in the processing of data pursuant to Art. 6 (1) (f) GDPR lies in these purposes. The anonymisation of the IP address sufficiently takes into account the interests of users in their protection of personal data.
The data will be deleted as soon as it is no longer needed for our recording purposes.
Since Google Analytics works with cookies, you as the user also have control over the use of stored cookies (see section VIII).
In addition, you may prevent the collection and transmission to Google of the data generated by the cookie and related to your use of our website (including the IP address) and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
As an alternative to the browser plug-in, you can click on this link to prevent data collection by Google Analytics on the website in the future. An opt-out cookie is stored on your used device. If you delete your cookies, the link must be clicked again.
For more information about privacy related to Google Analytics, see the Google Analytics Help Center (https://support.google.com/analytics/answer/6004245?hl=de.
We only pass on your personal data if you have expressly consented, if there is a legal obligation to do so or if this is necessary to enforce our rights, in particular to assert claims arising from the contractual relationship, as well as to fulfil our obligations.
In addition, we pass on your data to third parties, as far as it is required in the context of the use of the website and the contract, namely for the processing of your orders, the processing of your purchases, the delivery of your ordered products and their payment, and for the provision of the services you request, for the analysis of your user behaviour as well as for the service providers supporting us.
Our service providers are always carefully selected, commissioned and bound by our instructions. They are checked regularly by us.
The LinkedIn button and social widgets are services allowing interaction with the LinkedIn social network provided by LinkedIn Corporation.
Personal Data collected: Cookies and Usage Data.
You can always ask for information about your personal data stored by us. Likewise, you are fundamentally entitled to demand the deletion or correction of your stored data at any time, as long as legal obligations do not conflict. Please note that by law certain data must be kept for a certain period of time. Such data must therefore be stored by us until the expiration of these deadlines. We block this data in our system and only use it to fulfil legal requirements.
Please note that we reserve the right to require submission of proof of identity, and that in the event of deletion of your data use of our services is not or is no longer fully possible.
Consents to certain data processing can be revoked at any time with effect for the future.
You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your place of residence or the place of the alleged infringement, if you believe that the processing of your personal data infringes the GDPR.
Our website and are open to people only from the age of 16 years. Personal data of persons who have not yet reached the age of 16 is therefore not collected by us. If you think your child is sharing data with us, you can contact us at the contact details provided.
This part of the document uses the term “personal information” as it is defined in The California Consumer Privacy Act (CCPA).
11.1 Categories of personal information collected, disclosed or sold
In this section we summarize the categories of personal information that we’ve collected, disclosed or sold and the purposes thereof. You can read about these activities in detail in the section 4 and 5.
11.2 Information we collect: the categories of personal information we collect
We have collected only the categories of personal information about you related on what express in the above mentioned sections 4 and 5.
We will not collect additional categories of personal information without notifying you.
11.3 How we collect information: what are the sources of the personal information we collect?
We collect the above mentioned categories of personal information, either directly or indirectly, from you when you use this website.
For example, you directly provide your personal information when you submit requests via any forms on this website. You also provide personal information indirectly when you navigate this Application, as personal information about you is automatically observed and collected. Finally, we may collect your personal information from third parties that work with us in connection with the Service or with the functioning of this website and features thereof.
11.4 How we use the information we collect: sharing and disclosing of your personal information with third parties for a business purpose
We may disclose the personal information we collect about you to a third party only in relation to what express in the previous section 8.
11.5 No sale of your personal information
In the past 12 months we have not sold any of your personal information
11.6 What are the purposes for which we use your personal information?
We may use your personal information to allow the operational functioning of this website and features thereof (“business purposes”). In such cases, your personal information will be processed in a fashion necessary and proportionate to the business purpose for which it was collected, and strictly within the limits of compatible operational purposes.
We may also use your personal information for other reasons (as indicated in the section 5 within this document), as well as for complying with the law and defending our rights before the competent authorities where our rights and interests are threatened, or we suffer an actual damage.
We will not use your personal information for different, unrelated, or incompatible purposes without notifying you.
11.7 Your California privacy rights and how to exercise them
The right to know and to portability
You have the right to request that we disclose to you:
The disclosure described above will be limited to the personal information collected or used over the past 12 months.
If we deliver our response electronically, the information enclosed will be “portable”, i.e. delivered in an easily usable format to enable you to transmit the information to another entity without hindrance – provided that this is technically feasible.
The right to request the deletion of your personal information
You have the right to request that we delete any of your personal information, subject to exceptions set forth by the law (such as, including but not limited to, where the information is used to identify and repair errors on this Application, to detect security incidents and protect against fraudulent or illegal activities, to exercise certain rights etc.).
If no legal exception applies, as a result of exercising your right, we will delete your personal information and direct any of our service providers to do so.
How to exercise your rights
To exercise the rights described above, you need to submit your verifiable request to us by contacting us via the details provided in this document (see sections 2 and 5).
For us to respond to your request, it’s necessary that we know who you are. Therefore, you can only exercise the above rights by making a verifiable request which must:
We will not respond to any request if we are unable to verify your identity and therefore confirm the personal information in our possession actually relates to you.
If you cannot personally submit a verifiable request, you can authorize a person registered with the California Secretary of State to act on your behalf.
You can submit a maximum number of 2 requests over a period of 12 months.
How and when we are expected to handle your request
We will confirm receipt of your verifiable request within 10 days and provide information about how we will process your request.
We will respond to your request within 45 days of its receipt. Should we need more time, we will explain to you the reasons why, and how much more time we need. In this regard, please note that we may take up to 90 days to fulfil your request.
Our disclosure(s) will cover the preceding 12 month period.
Should we deny your request, we will explain you the reasons behind our denial.
We do not charge a fee to process or respond to your verifiable request unless such request is manifestly unfounded or excessive. In such cases, we may charge a reasonable fee, or refuse to act on the request. In either case, we will communicate our choices and explain the reasons behind it.
The website may contain links to the pages of other providers. Since we have no influence on these websites and offers, we recommend that you inquire about information regarding data protection that may be provided there. We assume no responsibility for the contents of the linked pages.