This Privacy Policy informs you about the nature, scope, and purpose of the processing of personal data (hereinafter referred to as "data") within our online offering and the associated websites, functions, and content, as well as external online presences, such as our social media profiles (collectively referred to as the "online offering").
With regard to the terminology used, such as "processing" or "controller," we refer to the definitions set out in Article 4 of the General Data Protection Regulation (GDPR).
Montibor GmbH
Aignerstr. 2
81541 Munich
E-Mail: office@montibor.com
Visitors and users of the online offering (hereinafter collectively referred to as "users").
Personal data refers to any information relating to an identified or identifiable natural person ("data subject"). An identifiable person is one who can be identified directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier (e.g. cookie), or one or more characteristics expressing the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.
Processing means any operation or set of operations performed on personal data, whether or not by automated means. The term is broad and includes virtually any handling of data.
The controller is the natural or legal person, authority, institution, or other body which alone or jointly determines the purposes and means of the processing of personal data.
In accordance with Article 13 of the GDPR, we inform you of the legal bases on which we process personal data. Unless a specific legal basis is stated in this Privacy Policy, the following applies:
Where, in the course of our data processing, we disclose personal data to other individuals or companies (processors or third parties), transfer such data to them, or otherwise grant them access to the data, this is carried out only on the basis of a legal authorization. Such authorization may exist, for example, where the transfer of data to third parties—such as payment service providers—is necessary for the performance of a contract pursuant to Article 6(1)(b) GDPR, where you have given your consent, where a legal obligation requires such disclosure, or where it is based on our legitimate interests (e.g. in the use of agents, web hosting providers, etc.).
Where we engage third parties to process data on our behalf on the basis of a so-called data processing agreement ("Auftragsverarbeitungsvertrag"), this is carried out in accordance with Article 28 GDPR.
Where we process personal data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)), or where such processing occurs in the context of using third-party services or through the disclosure or transfer of data to third parties, this takes place only if it is necessary for the fulfillment of our (pre-)contractual obligations, based on your consent, due to a legal obligation, or on the basis of our legitimate interests.
Subject to statutory or contractual permissions, we process or arrange for the processing of data in a third country only where the specific requirements of Articles 44 et seq. GDPR are met. This means, for example, that processing is carried out on the basis of appropriate safeguards, such as an officially recognized decision confirming an adequate level of data protection equivalent to that of the EU (e.g. for the United States through the former "Privacy Shield") or compliance with officially recognized contractual obligations (so-called "Standard Contractual Clauses").
"Cookies" are small files that are stored on users' devices. Cookies may contain various types of information. A cookie primarily serves to store information about a user (or the device on which the cookie is stored) during or after their visit to an online service.
Temporary cookies, also referred to as "session cookies" or "transient cookies," are deleted after a user leaves an online service and closes their browser. Such cookies may, for example, store the contents of a shopping cart in an online shop or a login status.
"Permanent" or "persistent" cookies remain stored on the user's device even after the browser is closed. This allows, for example, the login status to be stored when users revisit the website after several days. In addition, such cookies may store users' interests, which are used for reach measurement or marketing purposes.
"Third-party cookies" are cookies that are offered by providers other than the controller operating the online service. If only cookies of the controller are used, these are referred to as "first-party cookies."
We may use temporary and permanent cookies and provide information about this use within this privacy policy.
If users do not wish cookies to be stored on their device, they are requested to deactivate the corresponding option in their browser settings. Stored cookies may be deleted via the browser settings at any time. Please note that disabling cookies may result in functional limitations of this online service.
A general objection to the use of cookies for online marketing purposes may be declared for many services,
particularly for tracking, via the U.S. website
http://www.aboutads.info/choices/
or the EU website
http://www.youronlinechoices.com/
In addition, cookies may be disabled by adjusting the browser settings. Please note that in this case, not all functions of this online service may be available.
The personal data processed by us is deleted or restricted in accordance with Articles 17 and 18 GDPR. Unless explicitly stated otherwise in this privacy policy, stored data is deleted as soon as it is no longer required for its intended purpose and no statutory retention obligations prevent deletion.
If data is not deleted because it is required for other legally permissible purposes, its processing is restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons.
In Germany, statutory retention periods apply in particular for six years pursuant to Section 257(1) of the German Commercial Code (HGB) (e.g. commercial books, inventories, opening balance sheets, annual financial statements, commercial correspondence, accounting documents) and for ten years pursuant to Section 147(1) of the German Fiscal Code (AO) (e.g. books, records, management reports, accounting documents, commercial and business correspondence, and documents relevant for taxation).
In Austria, statutory retention periods apply in particular for seven years pursuant to Section 132(1) of the Federal Fiscal Code (BAO) (e.g. accounting records, receipts/invoices, accounts, business documents, income and expenditure statements), for twenty-two years in connection with real estate, and for ten years for documents relating to electronically supplied services, telecommunications, broadcasting, and television services provided to non-taxable persons in EU member states where the Mini One Stop Shop (MOSS) scheme is used.
The hosting services used by us serve to provide the following services: infrastructure and platform services, computing capacity, storage space, database services, security services, and technical maintenance services, which we use for the purpose of operating this online service.
In doing so, we or our hosting provider process inventory data, contact data, content data, contract data, usage data, and meta and communication data of customers, interested parties, and visitors to this online service on the basis of our legitimate interests in the efficient and secure provision of this online service pursuant to Article 6(1)(f) GDPR in conjunction with Article 28 GDPR (conclusion of a data processing agreement).
We, or our hosting provider, collect data on the basis of our legitimate interests pursuant to Article 6(1)(f) GDPR regarding each access to the server on which this service is located (so-called server log files).
The access data includes the name of the accessed website, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address, and the requesting provider.
Log file information is stored for security reasons (e.g. to investigate misuse or fraud) for a maximum period of seven days and is then deleted. Data whose further retention is required for evidentiary purposes is excluded from deletion until the respective incident has been conclusively clarified.
When contacting us (e.g. via contact form, email, telephone, or social media), the information provided by users is processed for the purpose of handling the contact request and its execution pursuant to Article 6(1)(b) GDPR. User information may be stored in a customer relationship management system ("CRM system") or a comparable inquiry management system.
We delete inquiries once they are no longer required. The necessity of retention is reviewed every two years; statutory archiving obligations remain unaffected.
When you submit a contact inquiry via our website contact form, we collect and process the following data: your email address and the content of your inquiry. The legal basis for processing is Article 6(1)(b) GDPR (performance of a contract or pre-contractual measures). Your data is stored solely for the purpose of responding to your inquiry and is deleted once the matter has been conclusively resolved, unless statutory retention obligations apply. We do not share your contact form data with third parties.
Our website offers the option to subscribe to a newsletter. We use a double opt-in process: after entering your email address, you will receive a confirmation email containing a unique verification link. Your subscription is only activated once you click this link. This ensures that no one can subscribe using another person's email address.
When you subscribe, we store: your email address, a confirmation token, an unsubscribe token, and the date/time of subscription and confirmation. The legal basis for processing is your consent pursuant to Article 6(1)(a) GDPR.
You may withdraw your consent and unsubscribe at any time by clicking the unsubscribe link included in every newsletter email. Upon unsubscription, your data is deleted from our mailing list. You may also request deletion of your subscription data by contacting us at office@montibor.com.
Under the GDPR, you have the following rights regarding your personal data:
To exercise any of these rights, please contact us at office@montibor.com. We will respond to your request within 30 days. You also have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR).
Within our online service, we use content or service offerings from third-party providers on the basis of our legitimate interests (i.e. interest in the analysis, optimization, and economic operation of our online service pursuant to Article 6(1)(f) GDPR) in order to integrate their content and services, such as videos or fonts (hereinafter collectively referred to as "content").
This always requires that the third-party providers of such content are aware of the users' IP address, as they could not send the content to the users' browser without it. The IP address is therefore required to display this content. We endeavor to use only such content whose respective providers use the IP address solely for the delivery of the content. Third-party providers may also use so-called pixel tags (invisible graphics, also referred to as "web beacons") for statistical or marketing purposes.
Through these pixel tags, information such as visitor traffic on the pages of this website may be evaluated. The pseudonymous information may also be stored in cookies on users' devices and may include technical information about the browser and operating system, referring websites, visit time, and other information regarding the use of our online service, as well as be combined with such information from other sources.
Youtube
We integrate videos from the platform YouTube, operated by Google LLC, 1600 Amphitheatre Parkway, Mountain
View, CA 94043, USA.
Privacy Policy: https://www.google.com/policies/privacy/
Opt-Out: https://adssettings.google.com/authenticated.
Google Maps
We integrate maps provided by the service Google Maps, operated by Google LLC, 1600 Amphitheatre Parkway,
Mountain View, CA 94043, USA.
Privacy Policy: https://www.google.com/policies/privacy/
Opt-Out: https://adssettings.google.com/authenticated.
Google Fonts
We integrate fonts ("Google Fonts") provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA
94043, USA.
Privacy Policy: https://www.google.com/policies/privacy/
Opt-Out: https://adssettings.google.com/authenticated.