Privacy policy

1. Data protection at a glance

General information

The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data is any data that can be used to identify you personally. Detailed information on the subject of data protection can be found in our data protection declaration listed below this text.

Data collection on our website
Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. You can find the operator’s contact details in the legal notice of this website.

How do we collect your data?

On the one hand, your data is collected when you provide it to us (e.g. by contacting us via the contact channels provided).
Your data is also collected and processed if you provide it to us for the performance of a contract or when opening a customer account. Which data is collected can be seen from the respective input forms.
Other data is collected automatically by our IT systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of page view). This data is collected automatically as soon as you enter our website.
Information on the scope of the specific data processing can be found below under section 3.

What do we use your data for?

Some of the data is collected to ensure that the website is provided without errors. Data may also be processed to ensure the proper execution of concluded contracts, to answer any user inquiries in a targeted manner and to inform our existing customers about relevant technological innovations, events and webinars.
Data is also used for analysis purposes. This data helps us to understand how our visitors use the website (e.g. analysis of website visitor numbers).

What rights do you have regarding your data?

You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction, blocking or deletion of this data. You can contact us at any time at the address given in the legal notice if you have any further questions on the subject of data protection. You also have the right to lodge a complaint with the competent supervisory authority.
You also have the right to request the restriction of the processing of your personal data under certain circumstances. For details, please refer to the privacy policy under “Right to restriction of processing”.

2. General notes and mandatory information

Data protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
When you use this website, various personal data is collected. Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.
We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.

Information on the controller

The controller responsible for data processing on this website is:
Microstaxx GmbH
Managing Director: Christian Hoffmann
Wilhelm-Kuhnert-Straße 26
81543 München
Phone: +49-89-413266-0
E-mail: info@microstaxx.de
The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).

Data protection officer required by law

We have appointed a data protection officer for our company.
You can contact our data protection officer as follows:
Phone: +49-89-413266-0
E-mail: datenschutz@microstaxx.de

Withdrawal of your consent to data processing

Many data processing operations are only possible with your express consent. You can withdraw your consent at any time. All you need to do is send us an informal e-mail. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to object to data collection in special cases and to direct advertising (Art. 21 GDPR)

If data processing is carried out on the basis of Art. 6 para. 1 lit. e or f GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this privacy policy. If you object, we will no longer process your personal data concerned unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defense of legal claims (objection pursuant to Art. 21 (1) GDPR).
If your personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct marketing. If you object, your personal data will subsequently no longer be used for the purpose of direct marketing (objection pursuant to Art. 21 (2) GDPR).

Right to lodge a complaint with the competent supervisory authority

In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work or place of the alleged violation. The right to lodge a complaint is without prejudice to any other administrative or judicial remedy.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a commonly used, machine-readable format. If you request the direct transfer of the data to another controller, this will only take place if it is technically feasible.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Information, blocking, erasure and rectification

Within the scope of the applicable statutory provisions, you have the right to obtain information free of charge at any time about your stored personal data, its origin and recipients and the purpose of the data processing and, if applicable, a right to rectification, blocking or erasure of this data. You can contact us at any time at the address given in the legal notice if you have further questions on the subject of personal data.

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. To do so, you can contact us at any time at the address given in the legal notice. The right to restriction of processing exists in the following cases:
• If you dispute the accuracy of your personal data stored by us, we generally need time to check this. For the duration of the review, you have the right to request the restriction of the processing of your personal data.
• If the processing of your personal data was/is carried out unlawfully, you can request the restriction of data processing instead of erasure.
• If we no longer need your personal data, but you need it for the exercise, defense or assertion of legal claims, you have the right to request the restriction of the processing of your personal data instead of its erasure.
• If you have lodged an objection in accordance with Art. 21 para. 1 GDPR, a balance must be struck between your interests and ours. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, this data – apart from its storage – may only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.

Objection to advertising e-mails

We hereby object to the use of contact data published as part of our duty to provide a legal notice to send advertising and information material that has not been expressly requested. The operators of this website expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.

3. Data collection on our website

Server log files and statistics plugin

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us.
Visits to our website are also recorded by a plugin from WP Statistics for analysis purposes. The IP address and the user agent string are collected each time a page is accessed. The user agent string contains information about the browser or program used to ensure that our website is displayed correctly in the respective environment.
In addition to the IP address and user agent string, the following data is collected each time a page is accessed:
• Page URL: We record the URL of each page accessed on our website and how often it was visited.
• HTTP referrer: We record the referrer website.
• Time of access: The time of the server request is recorded.
• Browser: Browser type and browser version used.
• Operating system: Name and type of operating system used.
• Device type: Device type of the accessing device.
• Host name: The host name of the accessing computer is recorded.
• Country, region, city: We record the location of visitors via the IP address.
This data is recorded in server log files on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website – the server log files must be recorded for this purpose.
The collection of data via the WP Statistics plugin is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the analysis of website user behavior in order to enable a needs-based website design.
The data collected, including the IP address and the user agent string, are only used for the above-mentioned purposes and are not processed for any other purposes.
This data is not merged with other data sources.
The data collected is stored locally on our WordPress instance (data residence: EU) for a period of 180 days.

Use of Google Analytics

We use the web analysis service Google Analytics 4 (GA4) on our website to analyze your visits to our website and to improve our services. The data is processed on the basis of your express consent in accordance with Art. 6 para. 1 lit. a GDPR, which is requested via our cookie banner. This also gives you the opportunity to object to the use of Google Analytics if you do not agree to the collection of data.
The data collected by Google Analytics is transmitted by Google to the USA and stored on servers there. Furthermore, data transmission to other third countries cannot be ruled out. To ensure an adequate level of data protection, Google uses the EU standard contractual clauses and other protective measures for the transfer of personal data to third countries. Nevertheless, it cannot be ruled out that certain data processing operations are not fully covered by these agreements and that US authorities may gain access to this data under certain circumstances.

Google Analytics collects the following information, among others Your usage behaviour on our website (page views, clicks on external links, scrolling behaviour, file downloads, length of stay), browser and device information (e.g. screen settings, resolution, operating system), search engines and referral links used, URL search parameters and your IP address, which is anonymized as follows when transferred to the USA:
The use of Google Analytics 4 is configured in such a way that your IP address is anonymized by Google at the time of transmission to the USA. Direct personal identification is no longer possible due to IP anonymization.
The data collected will only be used for the above-mentioned purposes and will not be processed for any other purposes, such as for advertising purposes. No profiling takes place.
The user and event data collected by Google Analytics is stored for a maximum period of 14 months and then deleted. Summarized, non-personal analysis data can be stored by Google indefinitely.
You can revoke your consent to the use of Google Analytics at any time with effect for the future by adjusting the settings in our consent tool.
Further information on data processing by Google can be found in Google’s privacy policy: https://policies.google.com/privacy.

Inquiry by e-mail, telephone or fax

If you contact us by e-mail, telephone or fax, we will store and process your inquiry including all personal data (name, inquiry) for the purpose of processing your request. We will not pass on this data without your consent.
This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on your consent (Art. 6 para. 1 lit. a GDPR) and / or on our legitimate interests (Art. 6 para. 1 lit. f GDPR), as we have a legitimate interest in the effective processing of the inquiries addressed to us.
The data you send to us via contact requests will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.

Subscribe to our newsletter via this website
You can subscribe to our newsletter on this website to receive regular information about new technologies, webinars and events from us by e-mail. For this purpose, we only collect your e-mail address, which you enter in the registration form on our website (opt-in). Your e-mail address is therefore processed on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR.
Technical data such as your IP address, device information or the time of registration may also be collected when you submit the registration form. This data is used to ensure the proper functioning and verifiability of your registration and is collected on the basis of the legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR.

Your data will be used exclusively for sending the newsletter and will not be passed on to third parties. You can revoke your consent at any time. All you need to do is unsubscribe via the unsubscribe link in the newsletter (opt-out). After unsubscribing from the newsletter, your e-mail address will be deleted from our mailing list immediately. The legality of the data processing that has already taken place remains unaffected by the revocation.
However, data may still be stored in a blacklist in order to prevent future mailings to this address. This processing is carried out on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR). Statutory retention periods remain unaffected.

Processing of data (customer and contract data)

We collect, process and use personal data only insofar as it is necessary for the establishment, content or modification of the legal relationship (inventory data). This is done on the basis of Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures. We collect, process and use personal data about the use of our website (usage data) only insofar as this is necessary to enable or charge the user for the use of the service.
In addition, we process personal data from our existing customers in order to provide them with relevant information and updates on the products and/or services offered by us as part of an existing contractual or business relationship (see “E-mail information to existing customers and e-mail invitations to webinars and events”).
The customer data collected will be deleted after completion of the order or termination of the business relationship. Statutory retention periods remain unaffected.

Data transmission upon conclusion of contract for online stores, retailers and shipping of goods

We only transmit personal data to third parties if this is necessary in the context of contract processing, for example to the companies entrusted with the delivery of the goods or the credit institution commissioned with payment processing. Any further transmission of data will not take place or will only take place if you have expressly consented to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes.
The basis for data processing is Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.
Data transmission upon conclusion of a contract for services and digital content
We only transmit personal data to third parties if this is necessary in the context of contract processing, for example to the credit institution responsible for processing payments.
Any further transmission of data will not take place or will only take place if you have expressly consented to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes.
The basis for data processing is Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.

E-mail information to existing customers and e-mail invitations to webinars and events

We process personal data for our existing customers in order to send them relevant information and updates on the products and/or services we offer as part of an existing contractual or business relationship. This applies either if you have an active contract or business relationship with us or if you have given us a double opt-in, as long as you have not objected. We do this to ensure the long-term satisfaction of our customers. The basis for data processing is our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR. For the aforementioned purpose, we also reserve the right to regularly send you information and invitations to participate in online seminars (webinars) and events to the e-mail address you have provided.
In addition to your e-mail address, we also process your name and the webinars and events you have attended for this purpose. In the case of e-mails received, we evaluate whether you have opened them or clicked on a link in them (the opening of the e-mail is only registered if images can be displayed in the newsletter. If recipients suppress the display of images, it is not possible to determine whether they have opened the e-mail or not). We do this to measure the success of our e-mail campaigns. Further evaluations or profiling do not take place.
For the efficient management of our e-mail campaigns, we use an EU-hosted online marketing tool (Brevo, formerly Sendinblue), in which your data is stored and which supports us in tracking and analyzing e-mail campaigns.
Your data is generally processed in the European Union. Should a transfer to third countries become necessary, e.g. through the involvement of certain service providers, appropriate protective measures such as standard contractual clauses in accordance with Art. 46 GDPR are used.
Your personal data will be processed for the stated purpose for as long as there is an active customer relationship and you have not objected to the use of your data. You have the right to unsubscribe from e-mails at any time and to object to the processing of your e-mail address and the personal data mentioned with effect for the future (opt-out). To do so, please use the opt-out link provided in each e-mail.
Once you have opted out, your e-mail address will be automatically removed from our mailing list so that you will not receive any further marketing e-mails from us.

E-mail validation

To ensure that we can reach you reliably by e-mail, we use an external service provider (Zero Bounce) to verify e-mail addresses at regular intervals and when a new contact is created. The basis for data processing is our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR to check the validity and deliverability of e-mail addresses.
Only your e-mail address will be used for this processing. No further data will be collected.
Your data is generally processed within the European Union. Should a transfer to third countries become necessary, e.g. through the involvement of certain service providers, appropriate protective measures such as standard contractual clauses in accordance with Art. 46 GDPR are used.
Your e-mail address is only stored by Zero Bounce for as long as necessary for validation and is automatically deleted 30 days after verification.

Links

Our website uses functions of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time one of our pages containing LinkedIn functions is accessed, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited our website with your IP address. If you click on the LinkedIn “Recommend” button and are logged into your LinkedIn account, LinkedIn is able to associate your visit to our website with you and your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by LinkedIn.
Further information on this can be found in LinkedIn’s privacy policy at https://de.linkedin.com/legal/privacy-policy.
Our website uses functions of the XING network. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. Each time one of our pages containing Xing functions is accessed, a connection to Xing servers is established. To the best of our knowledge, no personal data is stored in the process. In particular, no IP addresses are stored or usage behavior evaluated.
Further information on data protection and the Xing share button can be found in Xing’s privacy policy at https://privacy.xing.com/de/datenschutzerklaerung.

Contact
Any questions?

Contact us!

Phone: +49-89-413266-0
E-mail: info@microstaxx.de

It’s not always easy to associate trust with IT. Which technologies and structures offer the best performance? The best security? The greatest flexibility? The most comprehensive possibilities for expansion? Whatever requirements you’re focused on, we develop solutions to suit your needs. To secure what you have. To lay the groundwork for new ideas. To take advantage of current developments. And to ensure operations at any time as a managed service provider. This is the meaning of “Trust your IT – managed by Microstaxx.”