Privacy Policy (valid as of 03 March 2025)

The purpose of this Privacy Policy is to provide you with an overview of what happens with your personal data (hereinafter also referred to as “Data“) in our law firm and to inform you of the data protection claims and rights to which you are entitled in accordance with the European General Data Protection Regulation (“GDPR“) and national data protection laws, such as the German Federal Data Protection Act (Bundesdatenschutzgesetz, “BDSG“) and the German Act on Data Protection and the Protection of Privacy in Telecommunications and Digital Services (“Telekommunikation-Digitale-Dienste-Datenschutz-Gesetz, “TDDDG“). We therefore ask you to take note of this Privacy Policy and, where appropriate, to print or save it.

Personal data is any information that can be used to personally identify you. The processing of your Data may be carried out for various purposes. In general, the data processing activities of MicroSys Electronics GmbH, Mühlweg 1, 82054 Sauerlach, Germany (hereinafter also referred to as „MicroSys“ or „We“) can be divided into the following areas of application:

• General Information: General information about data protection, data processing and the rights of data subjects, which applies to all data processing carried out for us, is set out in Part A
• Our internet presences: In connection with our website https://www.microsys.de/ (hereinafter: „Website“) or comparable external online presences, such as social media profiles, from which we refer to this Privacy Policy (Website and external online presences hereinafter also collectively: “Internet Presences“), we process data from visitors that is exchanged between their internet-enabled devices and the server operated by us, as well as other data that is communicated to us in connection with the use of the Internet Presences. Please see Part B for details.

Please visit the individual sections for quick, contextual information on specific processing situations.

A. General information on data protection and data subject rights

I. Who is responsible for data processing and who can you contact if you have any questions?

Controller according to the GDPR and other national data protection laws of the member states as well as other provisions of data protection law is:

MicroSys Electronics GmbH
Mühlweg 1
82054 Sauerlach, Germany

Tel: +49 8104 801-0

E-Mail: info@microsys.de

If you have any questions about our privacy policy, please contact us using the details above.

II. What rights do you have regarding your Data?

If your Data is processed, you are a “Data Subject” under the GDPR, which may entitle you to the rights described below. If you wish to exercise any rights against MicroSys as the „Controller“, we recommend that you contact us using our contact details above:

1. Right of access

In accordance with Art. 15 GDPR, you may request confirmation from us as to whether and to what extent we are processing your Data.

2. Right to rectification 

If the Data concerning you is incorrect or incomplete, you have the right to have your Data corrected and/or completed, in accordance with Art. 16 GDPR.

3. Right to erasure

If the legal requirements of Art. 17 GDPR are met, you can demand that we erase your Data if we process it unlawfully or if the processing disproportionately interferes with your legitimate interests. Please note that there may be reasons that prevent immediate deletion, such as statutory retention obligations.

Irrespective of the exercise of your right of erasure, we will immediately and completely delete your Data in order to comply with our legal obligations to delete Data, after the purpose of processing has ceased to apply, unless there is a legal or statutory retention period to the contrary.

4. The right to restriction of processing

In the cases referred to in Art. 18 GDPR, you may request us to restrict the processing of your data. If you have restricted the processing of your Data, such data – apart from its storage – may only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or a Member State

5. Right to data portability

According to Art. 20 GDPR, you have the right to have the Data provided by you, which we process automatically on the basis of your consent or in fulfilment of a contract, transferred to you or to a third party in a common, machine-readable format. If you request your Data to be transferred directly to another responsible person, this will only be done to the extent, that it is technically feasible. The right to data transfer does not apply to the processing of Data necessary for the performance of a task in the public interest or in the exercise of official authority assigned to the Data Controller.

6. Right to object

If we process your Data on the basis of a legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR, you may object to this data processing at any time for reasons arising from your particular situation; this also applies to profiling (which does not take place!) based on these provisions (see Art. 21 GDPR). If you object, we will no longer process the Data concerned, unless we can demonstrate compelling legitimate grounds for the processing which override your interests as a Data Subject or for the establishment, exercise or defence of legal claims.

If we process your Data for the purpose of direct marketing (which we do not!), you have the right to object at any time to the processing of your Data for such marketing purposes, including the creation of profiles in connection with such direct marketing. If you object, your Data will no longer be used for direct marketing purposes. You may object to the processing of your Data for direct marketing purposes at any time without giving reasons.

7. Right to withdraw consent under data protection law

Some data processing operations may only be carried out with your express consent pursuant to Art. 6 para. 1 lit. a GDPR or § 25 para. 1 TDDDG. You may revoke your consent at any time with effect for the future. Withdrawal of your consent does not affect the lawfulness of the processing based on your consent prior to its withdrawal. Please note that even if you withdraw your consent, we may still process the Data concerned in whole or in part on the basis of other legal principles.

8. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, every data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or the place of the alleged infringement, if the data subject considers that the processing of personal data relating to him or her infringes the GDPR (Article 77 GDPR in conjunction with Article 19 BDSG). 

A list of data protection authorities in Germany and their contact details can be found at the following link www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

If you believe that we have breached German or European data protection law in the processing of your Data, please contact us to clarify the matter.

You also have the right to contact the supervisory authority responsible for our registered office:

Bayerisches Landesamt für Datenschutzaufsicht (Bavarian State Office for Data Protection Supervision, „BayLDA“), P.O. Box 1349, 91504 Ansbach, Telephone: +49 (0) 981 180093-0; E-Mail: poststelle@lda.bayern.de

III. What personal data do we process and from what sources?

1. Source of personal data

Through our Website and services, we also process Data that we receive during your visit or that you actively provide to us as part of your use. Other Data is automatically collected by our IT systems when you visit the website or use one of our services. This is primarily technical data (e.g. Internet browser, operating system or time of a page view). This Data is collected automatically when you enter our website or access one of our services. Details of this are set out in the individual paragraphs of Part B.

In some cases, we also process data that we have lawfully received or acquired from other third parties or that we have lawfully taken, received or acquired from publicly available sources.

2. Categories of personal data

The personal data that we regularly process includes personal master/contact data such as: Title, first and last name, salutation, date of birth. Address, e-mail address, telephone number, fax, position in the company.

In addition, depending on the order, service or other relationship with you, we may also process the following other personal data:

• Address data: street, house number, address supplements if applicable, zip code, town, country
• Contact details: Telephone number(s), e-mail address(es)
• Registration data: Information about the service through which you signed up; timing and technical information about sign-in, confirmation and sign-out; information you provided when you signed up
• Quotation data
• Access data: Date and time of the visit to our Website; the webpage from which the accessing system accessed our Website; the subpages accessed during the visit; session identification data (session ID); in addition, the following information about the accessing computer system: Internet Protocol (IP) address used, browser type and version, device type, operating system and similar technical information
• Information about the nature and content of our business relationship such as contract data, order data, sales and document data, customer and supplier history, consulting documents
• Advertising and sales data
• Documentation data (e.g. consultation logs, data from service calls or support cases)
• other data that we have received from you as part of our business relationship (e.g. in customer meetings),
• the documentation of declarations of consent

IV. For what purposes and on what legal basis are your data processed?

We process your Data in accordance with the provisions of the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and the German Act on Data Protection and the Protection of Privacy in Telecommunications Digital Services Data Protection Act (TDDDG) as amended, in particular on the following basis:

• Consent (Art. 6 para. 1 lit. a GDPR, § 25 para. 1 TDDDG): If a service used by us in any way stores information in the user’s end devices or accesses such information, consent is required in accordance with Section 25 para 1 sentence 1 of the TDDDG. If the service functions without access to the terminal equipment, the GDPR applies. If we ask for your consent within the scope of the GDPR, this is done on the basis of Art. 6 para 1 lit. a in conjunction with Art. 7 GDPR. Any consent given can be revoked at any time with effect for the future. Please note that any processing that has taken place prior to the revocation will not be affected by the revocation and that the processing may continue, at least in part, on the basis of another legal basis.
• Fulfilment of (pre-)contractual obligations (Art. 6 para. 1 lit. b GDPR): Personal data is processed to fulfil pre-contractual measures or contractual obligations, in particular in connection with the sale and distribution of our products and other services as well as all activities required for the operation or administration of MicroSys as is common in the industry (e.g. customer and user administration). Details on the purpose of this data processing can be found in the respective contractual documents and terms and conditions.
• Protection of legitimate interests (Art. 6 para. 1 lit. f GDPR): Based on a balancing of interests, data processing may be carried out to protect the legitimate interests of MicroSys or those of third parties. This is permitted unless your interests or fundamental rights and freedoms require the protection of personal data to be overridden.
• Fulfillment of legal obligations (Art. 6 para. 1 lit. c GDPR): Processing of your data may be necessary in part for the purpose of fulfilling various legal obligations and requirements to which we are subject, e.g. from the German Commercial Code or the German Fiscal Code.

V. Who will receive my Data?

At MicroSys, those employees or organizational units receive your data that need it to fulfill our contractual and legal obligations or to process or pursue our legitimate interests.

Your data will be used for the purpose of processing a contractual relationship in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR or – depending on the nature of the specific contractual relationship – on the basis of our legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR or those of our clients, in particular to service providers that we regularly use in connection with the homepage. This applies to the following recipients or categories of recipients:

• IT service providers (e.g. email service providers, web hosting service providers):
  • Alfahosting GmbH, Edmund-von-Lippmann-Straße 13-15, 06112 Halle (Saale), Germany (webhosting provider)
  • Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland (web analytics and marketing software providers)
  • IndustryAgents GmbH, Hansastraße 23, 80686 München, Germany (website programming and maintenance)
  • Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Irland (software provider for Microsoft Forms)
• Sales partner
• Advertising partners
• Insurance companies
• Banks
• Communication providers (telephone providers, fax providers)
• Payment service providers
• Shipping and logistics service providers
• Credit agencies
• Auditors and accountants
• Tax and legal advisors

If we use a service provider for the purpose of processing on behalf in accordance with Art. 28 GDPR, we remain responsible for the protection of your Data. To the extent required by law, such data processors are contractually bound by a data processing agreement to treat your Data confidentially and to process it only within the scope of providing the service. Our data processors will receive your Data only to the extent, that they need it to perform their respective services.

Your Data will only be disclosed to or collected for the purposes of government institutions and authorities in accordance with mandatory national laws.

VI. How long will my Data be stored?

Your Data will only be used for the purpose for which you have provided it to us or for which you have given us your consent and will be stored until that specific purpose has been fulfilled. Once the purpose has been fulfilled, or if you request us to delete your Data, your Data will only be kept for as long as is necessary to comply with statutory limitation periods or retention periods (in particular for tax and commercial law purposes).

However, the Data will be deleted at the latest upon expiry of all time limits, unless you have expressly consented to further or other use. You may also exercise your rights during the retention periods, such as the blocking of your data. See Part A. No. II.

We will delete or block your data as soon as the purpose for which it was stored no longer applies or you request us to delete it.

We generally only process and, in particular, store your data until the end of the business relationship or until the expiry of the applicable guarantee, warranty and limitation periods. For example, the limitation period according to §§ 195 ff. of the German Civil Code (BGB) is generally three years, but in certain cases up to thirty years. In addition, it may be necessary for data to be stored until the legally binding conclusion of any legal disputes in which the data is required as evidence.

In addition, we are subject to statutory documentation and retention periods (e.g. from the German Commercial Code (Handelsgesetzbuch (“HGB”) (e.g. Section 257 HGB), the German Money Laundering Act (Geldwäschegesetz) or the German Fiscal Code (Abgabenordnung (“AO”) (e.g. Section 147 AO)). The retention and documentation periods specified there are between two and ten years. For example, we would have to retain your data even after the termination of a contract with you until the conclusion of the tax audit of the last calendar year in which you were our customer.

VII. Will personal data be transferred to a third country?

As part of our processing operations, personal data may also be transferred to entities in so-called third countries outside the EU or the EEA for certain business transactions or areas of activity that have not yet been certified by the EU Commission as having an adequate level of data protection, such as the USA. Should such a transfer become necessary in individual cases, it will only take place on the basis of an adequacy decision by the European Commission, standard contractual clauses, appropriate data protection safeguards or your express consent. Further information on transfers to third countries, including the recipients of such data, can be found in this privacy policy.

B. Use of our Internet Presences

In general, you can visit our Internet Presences and use them for informational purposes without providing any personal information (e.g., registering, placing orders, or otherwise providing information about yourself).  In this case, we process personal information about our users only to the extent necessary to provide a functional Website and our content and services, or to the extent that cookies used on the Website provide us with personal information when you visit the Website. For information about the cookies used by us, please refer to Part B Section II and Section III.

I. Hosting, provision of the Website and creation of log files

Description of data processing

Each time you visit our Website, our system automatically collects data and information from the computer system of the computer accessing the Website, that your Internet browser automatically transmits to us or our web host (so-called log files). These server log files may include IP addresses or other information that allows us to identify a specific user. This could be the case, for example, if the link to the website from which the user accesses the Website, or the link to the website to which the user switches, contains personal data. The following information is collected and stored by our hosting provider Alfahosting GmbH, Edmund-von-Lippmann-Straße 13-15, 06112 Halle (Saale), Germany in this context::

• Name of the retrieved file
• IP address
• Date and time of access
• Amount of data transferred
• Notification if the request was successful

The data is stored in the log files of our hosting provider. This data is not stored together with other personal user data.

Legal basis and purposes of data processing

The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f GDPR. This information is also required for the provision of the service in accordance with Section 25 para. 2 no. 2 TDDDG.

The temporary storage of the IP address by the system is necessary in order to deliver the Website to the user’s computer. For this purpose, the user’s IP address needs be stored for the duration of the session.

The data is stored in log files to ensure the functionality of the site. The data is also used to optimise the Website and to ensure the security of our IT systems.

Retention period / Right of objection and deletion

The Data will be deleted as soon as they are no longer necessary for the purpose for which they were collected. In the case of Data collected for the purpose of providing the Website, this will be the case when the relevant session has ended.

When Data is stored in log files, this is the case after 7 days at the latest.

The collection of Data for the provision of the Website and the storage of Data in log files are essential for the operation of the Website. Consequently, there is no possibility for the user to object. 

II. Cookies and similar technologies 

Description of data processing

Cookies are text files with a characteristic string of characters that are stored in the Internet browser or by the Internet browser on the user’s computer system and enable the browser to be uniquely identified when the site is accessed again. When a user visits a website, a cookie may be stored on the user’s operating system. A cookie contains a unique string of characters. Cookies are used to make a website more user-friendly, effective and secure. When you visit a website that has a cookie embedded in it, the information you enter is stored only in the cookie on your computer. In this case, data is only transmitted to our servers when a page is requested.

Some cookies are deleted at the end of the browser session when your browser is closed (so-called session cookies). These cookies are technically necessary, e.g. to enable you to log in to the application and remain logged in across pages during your visit to our Website.

Other cookies remain on your device for a certain period of time and enable us to recognise your browser on your next visit (so-called persistent or protocol cookies). The purpose of using these cookies is to provide you with the best possible user experience, to “recognise” you and to present you with as varied a website and new content as possible when you return.

Cookies from partner firms or third parties may be used, for example, to collect information for advertising, customised content or statistics (“Third Party Cookies”). Unless we indicate that the cookie originates from a third party, the cookie originates from our site (“First Party Cookies”). We will inform you separately about any third party cookies or tracking technologies that we use in the following sections of our Privacy Policy.

Flash cookies are stored on your computer as data elements of web pages when they are operated using Adobe Flash. Flash cookies do not have a time limit.

For more information about which cookies we use to make the Website more user-friendly, what purpose they serve and what data is stored with them or transmitted to third parties, please refer to our cookie management tool „Borlabs Cookie” from the provider Borlabs GmbH, Hamburger Straße 11, 22083 Hamburg (hereinafter referred to as „Borlabs“) through which you can give your consent to the use of cookies when you visit our Website in accordance with the preferences you have selected.

When you access our Website, Borlabs Cookies shows you a list of cookies divided into functional groups by means of a pop-up window, explains the purpose of the cookie functional groups and the individual cookies as well as their storage duration under the selection “Individual Privacy Preferences”. You can then switch on the cookies divided into function groups by clicking on the corresponding box and give your consent to the use of the cookies, or give your consent to all cookies. Please note that the technically essential cookies are already stored when you enter our Website and the corresponding field is preset.

Legal basis and purposes of data processing

The legal basis for the processing of personal data using technically necessary cookies within the meaning of Section 25 para 2 TDDDG is Art. 6 para 1 lit. f GDPR, insofar as these contain personal data. As the Website operator, we have a legitimate interest in the best possible functionality and security of the Website as well as a user-friendly and effective design of the site visit, unless we ask you for your consent in accordance with Section 25 para 1 sentence 1 TDDDG.

For this purpose, we have integrated Borlab Cookies which makes it easier for users to give or manage consent for the individual categories of cookies we use. CookieHub blocks all categories of cookies that are not essential for the proper functioning of the Website unless you give your consent to the use of additional tools. When accessing our Website, users are shown a banner. By clicking on the „I accept all“ button, you can either allow all cookies or decide individually via the „Individual Privacy Preferences“ button (by activating the individual selection sliders and clicking on the final button), for which cookies and/or cookie-based applications you give your consent, or reject all non-essential cookies by clicking on the „Accept only essential cookies “ button.

The purpose of the use of technically necessary cookies is to facilitate the use of websites for users. Some functions of our Website cannot be offered without the use of cookies. For these, it is necessary for the browser to be recognised after a page change

Otherwise, the purpose of the cookies we use in the categories of user settings, analytical cookies, marketing cookies) depends on the services used and is clarified in the following sections of the data protection information.

The legal basis for the data processed using our cookie management tool is Art. 6 para. 1 lit. c GDPR with regard to user consent data, otherwise Art. 6 para. 1 lit. f GDPR and Section 25 para. 2 no. 2 TDDDG. As a website operator, we have a legitimate interest in legally compliant, user-specific and user-friendly consent management for cookies and the legally compliant design of our Website.

Retention period / Right of objection and deletion

Cookies are stored on the user’s computer and transferred to our Website by the user. Therefore, as a user, you have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your internet browser. Cookies that have already been stored can be deleted at any time. This can also be done automatically.

For example, you can opt out of the use of cookies for online marketing purposes, particularly in the case of tracking, through the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/ or generally at http://optout.aboutads.info.

You can of course also use our cookie management tool. 

If you disable cookies for our Website, you may not be able to use all the features of the Website.

III. Statistical analysis of the Website / increasing reach of the Website

1. Google Analytics and Google Site Kit

Description of data processing

For our Website we use functions of the web analysis service Google Analytics. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “Google“), a subsidiary of Google LLC Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics also uses so-called “cookies”. The information generated by the Google cookie about your use of this Website will generally be transmitted to and stored by Google on servers in the United States. Google processes the data and we receive reports about your user behavior. These may include the following reports:

• Target group reports: We use target group reports to get to know our users better and know more precisely who is interested in our service.
• Behavioral reports: Here we learn how you interact with our Website. We can track which path you take on our site and which links you click on.
• Real-time reports: Here we always find out immediately what is happening on our Website. For example, we can see how many users are currently reading this text.

Google Analytics uses a tracking code to create a random, unique ID that is linked to your browser cookie. This is how Google Analytics recognizes you as a new user. The next time you visit our Website, you will be recognized as a “returning” user. All collected data is stored together with this user ID. This makes it possible to evaluate pseudonymous user profiles.

Identifiers such as cookies are used to measure your interactions on our Website. Interactions are all types of actions that you perform on our Website. If you also use other Google systems (such as a Google account), data generated via Google Analytics may be linked to third-party cookies. Google does not pass on any Google Analytics data unless we as the Website operator authorize this. Exceptions may be made if required by law. The cookies used by Google Analytics can be found in the detailed information of our cookie management tool Borlab Cookies, which you can access there under „Settings“.

Our Website uses Google Analytics exclusively using the extension “anonymizeIp()”. Your IP address will therefore not be stored completely and will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area prior to transmission to the USA. The identification of the visitor of the web page is impossible. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. Visitor to the Website cannot be identified. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. The following is an overview of the most important data collected by Google Analytics:

• Heatmaps: Google creates so-called heatmaps. Heatmaps allow you to see exactly those areas that you click on. This gives us information about where you are “traveling” on our Website.
• Session duration: Google defines session duration as the time you spend on our Website without leaving it. If you have been inactive for 20 minutes, the session ends automatically.
• Bounce rate: A bounce is when you only view one page on our Website and then leave our Website again.
• Account creation: When you create an account on our Website or place an order, Google Analytics collects this data.
• Location: The IP address can be used to determine the country and your approximate location. This process is also known as IP location determination.
• Technical information: Technical information includes your browser type, your internet provider or your screen resolution.
• Source of origin: Google Analytics and We are of course also interested to know about website or advertisement from which you switched to our Website.

We have also integrated Google’s Google Site Kit WordPress plugin into our website. With Google Site Kit, statistics from other Google products we use (Google Analytics, Google Tag Manager and Google AdSense, see the following sections) can be viewed directly in our WordPress dashboard after linking to Site Kit. We provide information about the data processing practices of each Google service in the respective sections of this privacy policy.

The list is not exhaustive and only serves as a general guide to data storage by Google Analytics. For further information on the processing of data by Google, please read Google’s privacy policy: https://policies.google.com/privacy?hl=de

Legal basis and purposes of data processing

We use Google Analytics to evaluate the use of our Website and services, to compile reports on the activities on our Website and services and to provide us with other services related to the use of our Website and services and internet usage. We also use Google Analytics to analyze data from AdWords for statistical purposes. Since we as Website and service operators have a great interest in this analysis of user behavior in order to optimize both our Website and our offers and advertising placed there, we ask you to give your consent to the use of Google Analytics and the storage of Google Analytics cookies on the basis of § 25 para. 2 TDDDG.

The information generated by the cookie on your use of our Website or our services is generally transmitted to a Google server in the USA and stored there. However, if IP anonymization is activated, your IP address will be shortened by Google beforehand within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Nevertheless, in exceptional cases, the full IP address may be transmitted to a Google server in the USA and shortened there. By giving your consent to the use of cookies by Google Analytics, you also agree, that your data may be processed in the US, in accordance with Art. 49 Para. 1 S. 1 lit. a GDPR. The US are considered by the European Court of Justice to be a country with an inadequate level of data protection according to EU standards. In particular, there is a risk that your data may be processed by US authorities for control and monitoring purposes, possibly without the possibility of legal recourse. If you click on the button “reject all”, the described transmission to Google will not take place. You can revoke the consent you have given us at any time with effect for the future.

Google will use the information for the purpose of evaluating your use of the Website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google has contractually agreed not to link your IP address with other Google data. We have concluded a contract with Google for data processing on behalf and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Retention period / Right of objection and deletion

Cookies are stored on the user’s computer and transmitted to our site by the user. Therefore, you as a user have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our Website, it is possible that all functions of the Website can no longer be used to its full extent.

By installing the browser add-on to deactivate Google Analytics (http://tools.google.com/dlpage/gaoptout?hl=de), you can object to its use. By doing so, you inform Google Analytics that no information about the Website visit should be transmitted to Google Analytics.

Furthermore, you can install an opt-out cookie on your device via this link https://developers.google.com/analytics/devguides/collection/gajs/?hl=de#disable, in particular for browsers of mobile devices, so that the collection of data by Google Analytics on our Website is prevented in the future. Please note that if you delete cookies from your end device, you must also reinstall the opt-out cookie

Alternatively, you can also set your cookie preferences using the cookie management tool Borlab Cookies that we have integrated.

IV. More information about the processes, plug-ins and tools used to design the Website

1. SSL- or TLS encryption

Our Website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

2. Integration of content via YouTube

Description of data processing

From time to time, we use content and services provided by YouTube LLC, 901 Cherry Ave. San Bruno, California, CA 94066, United States (hereinafter: “YouTube”), a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States, which is offered in Europe by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter: “Google”), in order to integrate video content on our website by means of a plugin.

Our YouTube videos are all integrated in ‘extended data protection mode’, i.e. no data about you as a user is transferred to YouTube if you do not play the videos. Only when you play videos will the following data be transmitted. We have no influence on this data transfer.

If you want to play the videos embedded on our website using this plugin (by clicking the play button), your IP address will be sent to YouTube, as YouTube cannot send the video content to your browser without the IP address. The IP address is therefore required for the display. The YouTube server is also informed which subpage of our website you have visited. As soon as you visit one of our pages that has a YouTube video embedded, YouTube sets at least one cookie that stores this data.

If you are logged into your YouTube account as a YouTube member, you also enable YouTube to assign your usage behaviour directly to your personal profile when you play our videos. However, we have no influence on the scope and further use of the data collected and processed by YouTube.

According to Google, user data is analysed by Google in the context of YouTube, in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right.

Further information on data processing by YouTube can be found in the data protection information applicable to YouTube: https://policies.google.com/privacy?hl=de&gl=de

Legal basis and purposes of data processing

The use of YouTube is based on our legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR to provide video content on our website. YouTube is the video platform with the most visitors and the best content. We endeavour to offer you the best possible user experience on our website. And of course, interesting videos are a must. With the help of our embedded videos, we provide you with further helpful content in addition to our texts and images. In addition, our website is easier to find on the Google search engine thanks to the embedded videos.

If you have given your consent via our cookie consent tool, the data processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR or § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device within the meaning of the TDDDG. Consent given by our users can be revoked at any time.

Retention period / Right of objection and deletion

To prevent the assignment described above, log out of your profile on YouTube before playing our video content. You have further options for restricting the processing of your data in the general settings of your Google account. In addition to these tools, Google also offers specific data protection settings for YouTube. You can find out more about this in Google’s guide to data protection in Google products::

https://policies.google.com/technologies/product-privacy?hl=de&gl=de

Alternatively, you can also set your cookie preferences using the cookie management tool we have integrated. There you will also find further details on storage duration.

3. Integration of content via Vimeo

Description of data processing

On the basis of our legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR), we use content or service offers from Vimeo, LLC, 555 West 18th Street, New York, New York 10011, USA (hereinafter: “Vimeo”) on our website to integrate video content on our website by means of a plugin. If you want to play the embedded videos using this plugin (by clicking the play button), a connection is established between your browser and a Vimeo server and your IP address is sent to Vimeo, as Vimeo cannot send the video content to your browser without the IP address. The IP address is therefore required for the display.

Our Vimeo videos are all integrated in “do-not-track mode”, i.e. no data about you as a user is transferred to Vimeo if you do not play the videos and only a minimal amount of data is transferred to Vimeo when you play them. Only when you play videos will the following data be transmitted. Furthermore, details of your interaction (e.g. click on the play button) are transmitted to the Vimeo server and stored there, as well as information about which subpage of our website you have visited. This data transfer is neither initiated by us nor do we have any influence over it. If you are logged into your Vimeo account as a Vimeo member, you also enable Vimeo to assign your usage behaviour directly to your personal profile when you play our videos on the basis of the user contract you concluded with Vimeo when you registered your member account. Vimeo uses cookies or comparable recognition technologies (e.g. device fingerprinting) to recognise Website visitors.

We have no influence on the scope and further use of the data collected and processed by Vimeo. According to Vimeo, user data collected via your user account is analysed by Vimeo in particular to provide needs-based advertising and to inform other users of the Vimeo platform about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Vimeo to exercise this right.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission and, according to Vimeo, on “legitimate business interests”. You can find details here: https://vimeo.com/privacy.

Further information on data processing by Vimeo can be found in the data protection information applicable to Vimeo: https://vimeo.com/privacy

Legal basis and purposes of data processing

The use of Vimeo is based on our legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR to provide video content on our website. We endeavour to offer you the best possible user experience on our website. And of course, interesting videos are a must. With the help of our embedded videos, we provide you with further helpful content in addition to our texts and images.

If you have given your consent via our cookie consent tool, the data processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR or § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device within the meaning of the TDDDG. Consent given by our users can be revoked at any time.

Retention period / Right of objection and deletion

To prevent your data from being assigned, log out of your Vimeo profile before playing our video content. You have further options for restricting the processing of your data in the general settings of your Vimeo account. In addition to these tools, Vimeo also offers specific data protection settings. Alternatively, you can also set your cookie preferences using the cookie management tool we have integrated. There you will also find further details on storage duration.

4. Integration of Google Maps content

Description of data processing

We use Google Maps to display interactive maps and provide directions.

In order to use the Google Maps feature, it is necessary to store your IP address. For this purpose, each time you access Google Maps, Google sets a cookie as defined in Part B, Section II in order to process user settings and data when the page on which the Google Maps component is integrated is displayed. In particular, Google receives information that you have accessed the relevant sub-section of our Website. This cookie is not usually deleted when you close your browser, but will expire after a certain period of time unless you manually delete it first. This information is usually transferred to a Google server in the USA and stored there.

We have no control over this data transfer. If Google Maps is enabled, Google may use Google Fonts to standardise the display of fonts. When you access Google Maps, your browser caches the required web fonts in order to display text and fonts correctly. Google stores your data as user profiles and uses them for the purposes of advertising, market research and/or the customised design of its website. According to Google, such an evaluation is carried out in particular (even for users who are not logged in) to provide customised advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right. For more information on how Google handles personal data, your rights to Google and setting options to protect your privacy, please refer to http://www.google.de/intl/de/policies/privacy.

Legal basis and purposes of data processing

The use of Google Maps is in the interest of an appealing presentation of our online offers and to make it easy to find the places we have indicated on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

Google also processes your personal data in the USA and is certified in accordance with the ‘”EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be found at the following link: https://www.dataprivacyframework.gov/list. Furthermore, the data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ und https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

Retention period / Right of objection and deletion

If you do not agree to this processing of your data, you have the option of deactivating the Google Maps service and thus preventing the transfer of data to Google. To do this, you must deactivate the Java Script function in your browser. However, we would like to point out that in this case you will not be able to use Google Maps, or only to a limited extent.

If you are logged into your Google user account during use, the aforementioned data will be assigned directly to your account. If you do not want this allocation, you must log out of your Google user account before using the Google Maps functions.

5. Google Fonts (local hosting)

Description of data processing

We design our Website with fonts from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, which are offered in Europe by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google“) and use the fonts from the “Google Web Fonts” service, which enables access to the Google font library. To make the fonts available, your browser loads the required Google fonts into your browser cache. 

This is necessary so that your browser can display a visually improved presentation of our texts and to correctly display the fonts used for this purpose. In doing so, we process the IP address of the browser to which this content is to be delivered when our website is accessed.

As we store the Google Fonts locally, to our knowledge no further data should be transferred to Google in the USA. However, we have no influence on the scope and further use of the data collected and processed by Google through the use of Google Web Fonts.

Legal basis and purposes of data processing / Retention period / Right of objection and deletion

The integration of Google Fonts is based on our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR in the attractive design of our website and the technically secure and simple integration and presentation of fonts, their uniform presentation and the consideration of licensing restrictions when integrating the fonts.

The collection of data for the provision of the website is absolutely necessary for the operation of our website. Consequently, there is no possibility for the user to object

Insofar as Google Web Fonts carries out further independent processing of the data, Google is solely responsible for this. For more information on data protection and the storage period of the data collected by Google, please refer to Google’s privacy policy at: https://policies.google.com/privacy?hl=de&gl=de. Information about Google Web Fonts can be found at: https://fonts.google.com/, https://developers.google.com/fonts/faq?hl=de-DE&csw=1 and https://www.google.com/fonts#AboutPlace:about. 

Google is certified in accordance with the “EU-US Data Privacy Framework” (DPF).

V. Links to other websites

Our Website may contain links to other websites. We have no influence whatsoever on the content or design of other providers’ websites. The statements in this privacy policy therefore do not apply to external providers to whose offers or content we merely link with.

If you are forwarded via links from our Website to other websites, please inform yourself there about the respective handling of your Data.

VI. Internet Presences on social networks and platforms

Description of data processing

We maintain other Internet Presences within social networks and/or industry networks (e.g. LinkedIn) (hereinafter also referred to as “SN“) and platforms and link to these from our Website. By clicking on the respective buttons (recognisable by the respective logos of the social networks or platforms), you can access the respective Internet Presence on the SN. The purpose of these Internet Presences is to communicate with active clients, interested parties and users and to inform them about our services.

When accessing the respective networks and platforms, the terms and conditions and data processing guidelines of the respective operators apply.

As the use of SN takes place outside of our Website, we have no control over it, unless otherwise stated below. However, please note that if you use the above-mentioned platforms and networks to which we link, Data may also be processed in the USA by these SN companies and may also be processed by the respective operators for market research and advertising purposes, including the creation of user profiles. If you are logged in to the relevant networks and platforms, they may also store cookies on your device that track your use of websites and other information about your usage behaviour.

Unless otherwise stated in our Privacy Policy, we only process users’ Data when they communicate with us within the social networks and platforms, such as by posting comments or sending us messages.

In order to make it easier for you to find out more about their data processing practices and how to opt-out, we refer you to the privacy policies and information provided by the operators of the respective SN below.

Legal basis and purposes of data processing

We process your Data only in the context of direct contact with us via the relevant social network or interaction with our Internet Presence there or its content. Unless otherwise stated in our Privacy Policy, we process Data on the basis of our legitimate interests pursuant to Art. 6 para 1 lit. f GDPR for the effective information of users and communication only insofar as they communicate with us within the social networks and platforms (e.g. when users write posts on our online presences or send us messages). If your contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

Otherwise, to the extent that Data is processed in connection with our appearance on a SN and the respective SN alone decides on the purposes and means of the processing, the respective SN is the sole controller of the processing. Please carefully consider what Data you share with us via a SN appearance. If you do not wish the SN to process the Data you provide to us, please contact us by other means.

Retention period / Right of objection and deletion

If you are a member of one of the SNs on which we maintain an Internet Presence and you do not want the SN to collect Data about you via our site and link it to your Data with the SN, you must log out of your SN before visiting our Website. For a detailed description of the respective processing, information on the duration of data storage by the respective SN and the opt-out options, please refer to the information provided by the providers linked below.

Similarly, in the case of requests for information and enforcement of users’ rights, we point out that the most effective way to do this is to contact the providers. Only the providers have access to users’ data and can directly take appropriate action and provide information. If you still need help, please contact us.

LinkedIn

LinkedIn is a service of LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA, operated in Europe by LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland. LinkedIn is an Internet-based social network that enables users to connect with existing business contacts and make new business contacts. Over 400 million registered people use LinkedIn in more than 200 countries. This makes LinkedIn currently the largest platform for business contacts and one of the most visited websites in the world.

Each time you visit our Website, which is equipped with a LinkedIn component (LinkedIn plug-in), this component causes the browser used by the data subject to download a corresponding representation of the LinkedIn component. Further information about the LinkedIn plug-ins may be accessed under https://developer.linkedin.com/plugins. As part of this technical process, LinkedIn receives information about which specific subpage of our Website is visited by the data subject.

If the data subject is logged in to LinkedIn at the same time, LinkedIn recognizes which specific subpage of our Website the data subject is visiting each time the data subject accesses our Website and for the entire duration of their stay on our Website. This information is collected by the LinkedIn component and assigned by LinkedIn to the respective LinkedIn account of the data subject. If the data subject clicks on one of the LinkedIn buttons integrated on our Website, LinkedIn assigns this information to the personal LinkedIn user account of the data subject and stores this personal data.

LinkedIn always receives information via the LinkedIn component that the data subject has visited our Website if the data subject is logged in to LinkedIn at the same time as accessing our Website; this takes place regardless of whether the data subject clicks on the LinkedIn component or not. If the data subject does not want this information to be transmitted to LinkedIn, they can prevent the transmission by logging out of their LinkedIn account before accessing our Website.

LinkedIn offers the option to unsubscribe from email messages, SMS messages and targeted ads and to manage ad settings at https://www.linkedin.com/psettings/guest-controls. LinkedIn also uses partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua and Lotame, which may set cookies. Such cookies can be rejected at https://www.linkedin.com/legal/cookie-policy or https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out . The applicable data protection provisions of LinkedIn may be retrieved under https://www.linkedin.com/legal/privacy-policy LinkedIn’s cookie policy is available at https://www.linkedin.com/legal/cookie-policy.

VII. Active use of our Website and services

1. Contact form and e-mail contact

Description of data processing

We implemented a contact form on our Website that can be used to contact us electronically. If a user makes use of this option, the data entered in the input mask will be transmitted to us and stored:

• Salutation
• Name (mandatory)
• E-mail (mandatory)
• Firm
• Message (mandatory)

At the time you send your message via one of our contact forms, the following data is also stored

• the IP address of the user
• Date and time of use of the form

Alternatively, it is possible to contact us via the e-mail address provided. In this case, the user’s personal data transmitted with the e-mail will be stored.

Legal basis and purposes of data processing

The legal basis for the processing of data transmitted in the course of sending a contact form request or an E-Mail is Art. 6 para. 1 lit. f GDPR. If the contact form request or the e-mail contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

The processing of the personal data from the contact form serves us solely to process the contact. If you contact us by email, this also constitutes the necessary legitimate interest in processing the data.

The information provided by users may also be stored in our CRM system or comparable inquiry organization on the basis of our legitimate interests.

The other personal data processed during the sending process is used to prevent misuse of the contact form and to ensure the security of our information technology systems.

Retention period / Right of objection and deletion

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input screen of the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified and no legal requirements necessitate longer storage.

Users have the option of withdrawing their consent to the processing of personal data at any time. If a user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.

All personal data stored in the course of contacting us will be deleted in this case, unless legal requirements require longer storage.

2. Surveys

Description of data processing

From time to time, we ask existing customers, employees or other business contacts who have agreed to be contacted by e-mail to take part in surveys (e.g. on customer satisfaction). Participation in a survey is voluntary.

The scope of the data also depends on the information provided by the participant, particularly if the question is openly formulated. The following personal data may be processed:

• IP address
• User name, display name, e-mail address,
• Profile picture (if stored in Microsoft 365)
• Preferred language
• Status (if stored in Microsoft 365)
• Date and time the questionnaire was opened
• Date and time the response was sent
• Information in the survey: This information is specific to the survey. The survey participant determines which data is transmitted when free text is entered in answer fields.

Anonymous participation: If a survey participant takes part in a survey anonymously, the data they enter in the corresponding survey form will be transmitted to us and stored without their name or contact address. The response does not contain any contact information and cannot be traced by us. In this case, only the usage data collected as a visitor to our Website or as part of the technical provision of the survey (so-called “log files”, in particular the IP address) are recorded.

Legal basis and purposes of data processing / Data recipient

The legal basis for the processing of the data transmitted to us in the course of sending a survey is our legitimate interest in optimising our products and services and market research, as well as in the associated technical implementation of the survey or preventing misuse of the survey form and ensuring the security of our information technology systems (Art. 6 para. 1 lit. f GDPR), unless we ask the participant for their consent in accordance with Art. 6 para. 1 lit. a GDPR and we have this consent. In individual cases, a survey may also serve the fulfilment of a contract (Art. 6 para. 1 lit. b GDPR).

On the basis of our legitimate interests (Art. 6 para. 1 lit. f GDPR) in conjunction with Art. 28 GDPR. Art. 28 GDPR, we use Microsoft Forms for our online-based surveys to send the survey emails and for the technical implementation of the surveys. Microsoft Forms is a service of Microsoft Corporation, provided in Europe by Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland. In this respect, Microsoft acts as our processor. Microsoft cookies are used on the survey page to provide the Microsoft Forms service. Insofar as “Microsoft Forms” independently processes personal data or uses cookies, Microsoft is responsible for data processing. Further information on data protection at Microsoft can be found at privacy.microsoft.com/de-de/privacystatement.

Further information on data protection in the context of Microsoft Forms and on Microsoft’s other processing purposes can be found at support.microsoft.com/de-de/office/sicherheit-und-datenschutz-in-microsoft-forms-7e57f9ba-4aeb-4b1b-9e21-b75318532cd9

Retention period / Right of objection and deletion

Survey data will be deleted as soon as the survey has been completed and analysed. The participant has the option at any time to revoke any consent they have given to the processing of their personal data for the purpose of conducting surveys. Withdrawal or non-granting of consent does not result in any disadvantages.

3. Newsletter

Description of data processing

We would like to inform our business customers and interested parties at regular intervals with promotional messages about our services, products, events or other offers, innovations or news from us by e-mail or other electronic notifications (hereinafter referred to as “Newsletter“). We may also request the provision of this data in return for the provision of a file download. We require your e-mail address for this purpose. In the respective newsletter registration forms, further information may be requested in order to provide you with personalised content tailored to your interests.

You can subscribe to our newsletters by using the corresponding function of a registration form to subscribe to our newsletter or during a registration process by ticking a box (so-called opt-in). For this purpose, we provide various options for registering for our (possibly topic-specific) newsletters on our Websites or in the context of registration or order interfaces. The details of the respective contents of the newsletters are specifically described in the respective registration form. This description is decisive for your consent. We use the Subscribe to Download plugin from the provider WP Shuffle for the display and function of the corresponding input masks.

In addition to your e-mail address and name, the IP address and the registration date (“timestamp”) will be stored for verification purposes when sending the newsletter.

Following your registration, we will send you an e-mail asking you to confirm your newsletter subscription again (so-called double opt-in procedure). This confirmation is necessary to rule out the possibility that someone else has misused your e-mail address to subscribe to our newsletter under a different address. Your e-mail address will only be activated for sending newsletters once the hyperlink in the e-mail has been activated.

After you unsubscribe from the newsletter distribution list, we may store your e-mail address in a blacklist if this is necessary to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data.

Legal basis and purposes of data processing / Data recipient

The legal basis for the dispatch of newsletters is the consent given by you as the recipient pursuant to (Art. 6 para. 1 lit. a GDPR, Art. 7 GDPR in conjunction with Section 7 para. 2 no. 3 of the German Law Against Unfair Trade (Gesetz gegen unlauteren Wettbewerb, “UWG”), or if consent pursuant to Section 7 para. 3 UWG is not required for existing customers, on the basis of our legitimate interest in direct marketing measures pursuant to Art. 6 para. 1 lit. f GDPR in conjunction with Section 7 para. 3 UWG. Section 7 para. 3 UWG.

The logging of the registration procedure is based on our legitimate interests pursuant to Art. 6 Para. 1 lit. f GDPR in a secure and targeted newsletter system that meets both our business sales interests and the ideas and needs of the recipients, as well as the verifiability of the consents given.

The storage of your e-mail address in a blacklist after you have been removed from the newsletter distribution list serves both your interest and our interest in complying with the legal requirements when sending newsletters (Art. 6 para. 1 lit. f GDPR).

Retention period / Right of objection and deletion

The data you provide us with for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data stored by us for other purposes remains unaffected by this.

You can object to the sending of the Newsletter at any time or revoke your consent to receive the Newsletter in whole or in part. You will find an unsubscribe link at the end of each Newsletter. You can also contact us directly using our contact details.

By unsubscribing the Newsletter, the business communication is not affected. Your data will be stored by us for the purpose of contract processing, our support and services, software updates or registration for events. In addition, we reserve the right to store the necessary proofs until the statutory limitation periods have expired in order to provide evidence of a legally compliant newsletter mailing

Storage in the blacklist is not limited in time.

C. Miscellaneous

Due to the further development of our Website, our services or our other offers as well as due to changed legal or official requirements, it may become necessary to change this privacy policy. You can access the current Privacy Policy at any time on our Website at www.microsys.de/de/datenschutz and print it out if required.