Privacy policy information

Privacy policy information (as of 01/2024)

1 Responsible for data processing

miho Inspektionssysteme GmbH
Obervellmarsche Str. 12
34292 Ahnatal

Telefon: +49 5609 8382-0
Fax: +49 5609 6168
E-Mail: info@miho.de

If you have any questions about data protection, please contact us at any time using the above contact details.

2 Data processing on our website

We process your data on the basis of the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and all other laws relevant to us under data protection law.

2.1 General collection of data
When you access our website or retrieve a file, data about this process is stored in a log file on our web server. In particular, the following data may be stored

• IP address
• Domain name of the website from which you came
• Names of the files retrieved
• Time of the retrieval
• Name of your internet service provider
• and, if applicable, the operating system and browser version of your end device

We collect this data on the basis of our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR to ensure the proper functioning of our websites and to detect possible attack scenarios. We reserve the right to check this data retrospectively if we become aware of specific indications of unlawful use.

The data is usually deleted after 7 days. In the case of specific errors or suspected cases, the data is stored until the matter has been clarified. We reserve the right to statistically evaluate anonymized data records.

2.2 Cookies
Some of the Internet pages use so-called cookies. Cookies do not cause any damage to your computer and do not contain viruses. Cookies are used to make our website more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain stored on your end device until you delete them. These cookies enable us to recognize your browser on your next visit.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.

Cookies that are required to carry out the electronic communication process or to provide certain functions that you have requested are stored on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of its services. Insofar as other cookies (e.g. cookies to analyze your surfing behavior) are stored, these are treated separately in this data protection information.

2.3 Contact form
If you send us inquiries via the contact form, your details from the form, including the contact details you provide there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions.

The data entered in the contact form is processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) or for the implementation of pre-contractual measures (Art. 6 para. 1 lit. b GDPR). It is not possible to process your request without providing data.

The data you enter in the contact form will remain with us until you ask us to delete it or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular retention periods – remain unaffected.

2.4 Newsletter
We only send newsletters with advertising information with the consent of the recipient on the basis of Art. 6 para. 1 lit. a GDPR.

Registration for our newsletter takes place via a double opt-in procedure: After registering, you will receive an email asking you to confirm your registration.

This confirmation is necessary to verify you as the owner of the email. Registration for the newsletter is logged in order to be able to prove registration in accordance with legal requirements.

This includes storing the time of registration and confirmation as well as your IP address. Other data that you entered when registering for the newsletter is also stored. We only use your information other than your e-mail address to personalize the newsletter, for example your name.

You can unsubscribe from the newsletter at any time. You will find a link for this in every newsletter e-mail. The data will be deleted after revocation and expiry of the retention period required for proof.

2.5 Use of advertisting and analysis services
We use the following services of Google Ireland Limited, based in Ireland, on our website to place targeted advertising and improve our website:

• Google DoubleClick
• Google Photos

Some of the tools can recognize website visitors and also assign user behavior and link it to other information.

By using these tools, cookies can be used and data connections to Google LLC servers in the USA can be established as an unsafe third country. Google is certified in accordance with the EU-US Data Privacy Framework in order to nevertheless guarantee an appropriate level of data protection.

The use of these tools is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the analysis of user behavior in order to optimize both the advertising offer and the website. If consent has been requested, the integration takes place on the basis of Art. 6 para. 1 lit. a GDPR. This consent is voluntary and can be revoked at any time.

2.6 Google Web Fonts
This site uses so-called web fonts provided by Google for the uniform display of fonts. When you access a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.

For this purpose, the browser you are using must connect to Google’s servers. This informs Google that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If consent has been requested, the integration takes place on the basis of Art. 6 para. 1 lit. a GDPR. This consent is voluntary and can be revoked at any time.

By using these tools, cookies can be used and data connections to Google LLC servers in the USA can be established as an insecure third country. Google is certified in accordance with the EU-US Data Privacy Framework to ensure an adequate level of data protection.

If your browser does not support web fonts, a standard font will be used by your computer.

Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy:
https://policies.google.com/privacy?hl=de.

2.7 YouTube
To embed videos, we use YouTube, a service provided by Google Ireland Ltd, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. The legal basis for embedding the videos is your consent in accordance with Art. 6 para. 1 a GDPR. You can revoke your consent at any time via the data protection settings.

By using these tools, cookies may be used and data connections to Google LLC servers in the USA may be established as an insecure third country. Google is certified under the EU-US Data Privacy Framework to ensure an adequate level of data protection.

You can find more information about data protection at YouTube in their privacy policy at https://policies.google.com/privacy?hl=de

3 Direct advertising and objection

For advertising purposes, we inform customers (on the basis of our legitimate interest in direct advertising in accordance with Art. 6 para. 1 lit. f GDPR) via various communication channels (e.g. e-mail, letter) about new products and offers.

You have the right to object to data processing for direct marketing purposes at any time.

The data required for direct marketing will be stored until you object to direct marketing.

4 Recipients of personal data

We only pass on your data to third parties if this is necessary to fulfill the purpose. Furthermore, data may be passed on to authorities on the basis of legal regulations in accordance with Art. 6 para. 1 lit. c and e GDPR.

In addition, in various cases we use processors in accordance with Art. 28 GDPR, who may receive data from us or have access to your data in connection with their services. In this context, data may also be transferred outside the EU. We make sure that there is either an EU adequacy decision for the destination country in question in accordance with Art. 45 GDPR or that we have concluded a contract with the service providers concerned on the basis of the standard data protection clauses in accordance with Art. 46 para. 2 lit. c GDPR. You can find these here: https://commission.europa.eu/publications/standard-contractual-clauses-international-transfers_de

5 Your legal

You have the following legal rights with regard to your personal data:

• Right of access (Art. 15 GDPR)
• Right to rectification (Art. 16 GDPR)
• Right to erasure (Art. 17 GDPR)
• Right to restriction of processing (Art. 18 GDPR)
• Right to data portability (Art. 20 GDPR)
• Right to object to the processing (Art. 21 GDPR)
• Right to withdraw consent (Art. 7 para. 3 GDPR)
• Right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR)Google Analytics

6 Privacy policy on job applications

We are very happy to see that you would like to apply to us. In the following, we explain how we process your personal information concerning a job application and provide other relevant information in this context.

1. Who is responsible for the processing of your personal data?
miho Inspektionssysteme GmbH, Obervellmarsche Straße 12, 34292 Ahnatal (hereinafter referred to as „we“) is responsible within the meaning of the EU General Data Protection Regulation („DSGVO“).

2. Data Protection Officer
For all questions related to the processing of your personal data and the exercising of your rights under the GDPR, please contact our data protection officer Stefan Pietsch, who can be reached as follows:

Stefan Pietsch
Pietsch IT GmbH
Wilhelmhöher Straße 1
34590 Wabern
Tel. +49 5683-923440
E-Mail: datenschutz@pietsch-it.de
Internet: www.pietsch-it.de

3. For which purposes and on which legal basis do we process personal data?
We process personal information about you for the purpose of your application for employment, to the extent that this is necessary for any decision to establish employment with us. The legal basis is § 26 para. 1 in conjunction with para. 8 S.2 BDSG. Furthermore, we may process personal data about you, as far as this is required to defend against asserted legal claims against us concerning the application process. The legal basis is Art. 6 para. 1, subparagraph f of the GDPR; the legitimate interest is, for example, a burden of proof in proceedings under the German General Equal Treatment Act (AGG). Insofar as employment arises between yourself and us, then pursuant to § 26 (1) BDSG we may further process the personal data already received by you for employment purposes, if this is necessary for the execution or termination of the employment relationship or for performance or fulfillment, as required by law or a collective agreement, or through the rights and obligations for the representation of the interests of employees under an operating or service agreement (collective agreement).

4. Which categories of personal data do we process?
WWe process data related to your application. This may include general personal information (such as name, address and contact details), details of your job qualifications and education, or professional training, or other information that you provide to us in connection with your application. Incidentally, we may process your publicly available, job-related information, such as a profile in professional social media networks.

5. Which categories of recipients / data are there?
We may transfer your personal data to companies affiliated with us, insofar as this is possible within the framework of the provisions of para. 3 concerning purposes and legal bases. Incidentally, personal data is processed on our behalf on the basis of contracts pursuant to Art. 28 GDPR, in particular by host providers or providers of applicant management systems. We process your application in particular through StepStone, so that StepStone Deutschland GmbH and its subcontractors are also recipients on our behalf. You will find them under https://www.stepstone.de/ueber-stepstone/rechtliche-hinweise/allgemeine-geschaeftsbedingungen/#processors finden, Empfänger sind.

6. Is transfer to a third country intended?
A transfer to a third country is not intended.

7. How long will your data be stored for?
We store your personal information for as long as this is necessary to decide on your application. Insofar as an employment relationship between you and us does not arise, we may also continue to store data as long as is necessary to defend against any possible legal claims. The application documents will be deleted two months after notification of a decision of refusal, unless longer storage due to litigation is required.

8. What rights do you have?
As an applicant with us you have, depending on the situation in individual cases, the following data protection rights, and you may contact us or our data protection officer named in points 1 and 2 at any time concerning the exercising of these rights..

a. Information
You have the right to receive information about your personal data processed by us, as well as to request access to your personal data and / or copies of this data. This includes information about the purpose of the usage, the category of data used, their recipients and authorized users and, if possible, the planned duration of data storage or, if this is not possible, the criteria for determining this duration;

Correction, deletion or restriction of processing
You have the right to demand the immediate correction of incorrect personal data concerning you. Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data, including by means of a supplementary statement.

c. Right of objection
Insofar as the processing of your personal data takes place on the basis of Article 6 (1) (f) of the GDPR, you have the right, at any time, to object to the processing of such data for reasons arising from your particular situation. We will then no longer process such personal information, unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is intended to assert, exercise or defend legal claims.

d. Right of revocation
If the processing is based on consent, you have the right to revoke your consent at any time without affecting the legality of the processing on the basis of the consent up to the point of revocation. Here, you can contact us or our data protection officer at any time as mentioned above.

e. A Right to delete
You have the right to ask us to delete your personal information without delay and we are obliged to delete your personal information immediately, if one of the following reasons applies:

• The personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
• You object to the processing in accordance with Point 8c above and there are no legitimate reasons for the processing.
• The personal data was processed unlawfully.
• The deletion of personal data is required to fulfill a legal obligation under European Union or national law to which we are subject.

This does not apply if processing is required:

• to fulfill a legal obligation that requires processing under the law of the European Union or of the Member States to which we are subject.
• to assert, exercise or defend legal claims.

f. Right to restriction of processing
You have the right to ask us to restrict processing if one of the following conditions is met:

• The accuracy of your personal information is disputed by you and for a period of time that enables us to verify the accuracy of your personal information;
• the processing is unlawful, and you refuse to delete the personal data and instead request the restriction of the use of personal data;
• We no longer need personal information for the purposes of processing, but you need it to assert, exercise or defend your rights, or
• you have lodged an objection against the processing according to Point 8c above, as long as it is not certain that our legitimate reasons prevail over yours.

If processing has been restricted in accordance with this subparagraph, these personal data may only be used with your consent, with the exception of their storage, or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for important reasons of public interest of the European Union or of a Member State. If you have a limitation on processing, we will inform you before the restriction is lifted.

g. Right of appeal
Without prejudice to any other administrative or judicial remedy, you shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your place of residence, employment or the place of the alleged infringement, if you believe that the processing of your personal data is contrary to the GDPR.

9. Necessity of providing personal data
The provision of personal information is not required by law or contract, nor are you required to provide the personal information. However, the provision of personal information is required to enter into a contract of employment with us. This means that unless you provide us with personal data when applying, we will not enter into any employment relationship with you.

10. No automated decision-making
There is no automated decision on a case-by-case basis within the meaning of Art. 22 GDPR; i.e. the decision on your application is not based solely on automated processing.

7 Data protection information social media

The following information shows how we handle your data:

1. Responsible for data processing

miho Inspektionssysteme GmbH
Obervellmarsche Straße 12
34292 Ahnatal
Phone: +49 5609 8382-0
E-Mail: info@miho.de

If you have any questions about data protection, please contact us at any time using the above contact details.

We operate social media presences with the following platform operators. In some cases, we are jointly responsible with these operators and have concluded agreements that govern our cooperation. Further information on the operators and the contractual terms can be found via the links below:

• Facebook: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Irland
  Nutzungsbedingungen von Facebook
  gemeinsame Verantwortlichkeit mit Meta

• LinkedIn: LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Irland
  Datenverarbeitungsvereinbarung mit LinkedIn

• YouTube: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland
  Datenschutzerklärung von Google
  Nutzungsbedingungen von Google

2. Data processing in the context of social media presences
We process your data on the basis of the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and all other laws relevant to us under data protection law.

2.1       Porposes and legal basis
The purposes of data processing are the presentation of our company and interaction with users of social networks. The legal basis for data processing is Art. 6 para. 1 lit. f GDPR. Our legitimate interest is to share information with our interested parties and to be able to communicate with them.

In this context, we may receive further information, e.g. due to user comments, private messages or because you follow us or share our content. The processing takes place exclusively for the purpose of communication and interaction with you.

2.2       Use of insigths and a basis
In connection with the operation of our social media pages, we use the analysis functions provided there to obtain statistical evaluations of the users of our social media pages.

For this purpose, cookies and similar technologies such as pixels are used by the network operators when you visit our pages, and a unique user code is created in each case. This user code can be linked to the data of users who are registered with the platform operators.

The information stored for the user code is processed by the platform operators, in particular when the user visits these services. Other entities, such as partners or even third parties, may also use cookies within these services in order to provide services to the companies advertising on the platforms.

3. Recipients of personal data
We only pass on your data to third parties if this is necessary to fulfill the purpose. Furthermore, data may be passed on to authorities on the basis of legal regulations in accordance with Art. 6 para. 1 lit. c and e GDPR.

It is possible that some of the information collected may also be processed in the USA as an unsafe third country, as the parent companies of Facebook, Instagram (Meta Platforms Inc.) and Google (Google LLC) are based in the USA. These are certified under the EU-US Data Privacy Framework to ensure an adequate level of data protection.

LinkedIn transmits data to LinkedIn Corporation in the USA on the basis of standard contractual clauses (data processing agreement) approved by the European Commission.

4. Your rights
You have the following rights vis-à-vis us with regard to your personal data

• Right of access (Art. 15 GDPR)
• Right to rectification (Art. 16 GDPR)
• Right to erasure (Art. 17 GDPR)
• Right to restriction of processing (Art. 18 GDPR)
• Right to data portability (Art. 20 GDPR)
• Right to object to the processing (Art. 21 GDPR)
• Right to withdraw consent (Art. 7 para. 3 GDPR)
• Right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR)

8 Data protection officer

If you have questions about data protection, please write us an e-mail or contact our data protection officer directly

Stefan Pietsch
who can be reached as follows:

Pietsch IT GmbH
Wilhelmhöher Straße 1
34590 Wabern

Tel: +49 5683-923440
E-Mail: datenschutz@pietsch-it.de
Internet: www.pietsch-it.de

9 Up-to-dateness and amendment of this data protection information

This data protection information is currently valid (see status in the heading). It may become necessary to amend this data protection information as a result of the further development of our services or due to changes in legal or official requirements.