mirabyte GmbH & Co. KG takes the protection of your personal data seriously. Your personal data is processed by us only in accordance with the provisions of any applicable German data privacy laws (e.g. BDSG) and the European General Data Protection Regulation (GDPR). Personal data on our Websites is only collected for internal purposes to the technically or legally required extent or if there is a legitimate interest from our side (see “Legal Basis for the Processing”). In no case will the collected data be sold or forwarded/shared to third parties for other reasons.

The following privacy policy will give you an overview on how we guarantee this protection and which kind of data is collected for what purpose. Furthermore, data subjects are informed of the rights to which they are entitled:

Definitions

This privacy policy largely uses the terms also used by the European General Data Protection Regulation (GDPR):

Personal Data
Any information and data relating to an identifiable or identified natural person.

Processing
Any automated or manual process or operation during which personal data is collected, stored, analyzed, adjusted, modified, read, queried or transferred. Also restricting, deleting or erasing such data is covered by this term.

Controller Responsible for the Processing
The controller responsible for the processing is mirabyte GmbH & Co. KG in this case, represented by the executive board (see “Further Information / Contact Information”).

Processor
Any natural or legal person, public authority, agency or any other institution which processes personal data on behalf of and for the controller.

Data Subject
Any identifiable or identified natural person, whose personal data is processed by the controller.

Customer Data

If you buy a product, a license or any other kind of service from us, we also collect personal data of one or multiple contact persons of yours. These include salutation, first name, last name and e-mail address.

This information is required to be able to conclude a contract with you, to fulfil this contract and to be able to supply you with the necessary documents.

Server Data

We automatically collect and store in our server the log file information, which we get from your Web browser. These typically contain:
  • Browser type/ -version
  • used operating system
  • referrer URL (the previously visited page)
  • IP address and host name of the accessing computer
  • date and time of server inquiry

This data cannot be used to identify persons. This data is not combined with other data sources; furthermore, the data is deleted after statistical analysis.

This data is required to deliver the content of the Website correctly and to ensure the permanent, stable operations of our information systems and to and provide the necessary information for criminal prosecution in case of misuse or other crimes.

Analysis

We use the Web analytics software Matomo on our Websites. Matomo uses Cookies for analyzing Web traffic (see “Cookies”). The data which is collected with the help of these cookies and which is also stored on our server includes information such as date/time, location and frequency of a Website visit including your IP address and your customer ID, if you are logged in.

Your IP address is anonymized during this process so that visitors of our Website remain anonymous. The data which collected during this process is not passed on to third parties. The processing of personal data with Matomo is based on legitimate interests (see “Legal Basis for the Processing”).

Cookies

Our Web sites use cookies in several places. These cookies are used to make our services more user-friendly, more effective and more secure. Cookies are small text files that your browser saves on your computer. Cookies cannot do damage to your computer and do not contain viruses. Cookies can also be saved for a longer period of time, e.g. for a Web site to recognize your user profile without the need to log in. You can customize how cookies are handled in your Web browser settings. You can prevent storage of cookies by choosing a “disable cookies” option in your browser settings. However, this can limit the functionality of our Internet offers as a result.

Registration

To download certain information or trial versions of our software products, a registration is required. The personal data that is collected by a form during the registration process is only used to for providing you the requested download link or information and to inform you about future updates, improvements and news. You can opt out from this service at any time. A link for this purpose is included in every e-mail (see “Newsletter”).

In addition to that also the IP address as well as date/time of the registration and the registration confirmation (double opt-in) is stored to prevent an abuse of our systems and products and to allow criminal prosecution.

The collected personal data may be transferred to one or multiple data processors in order to allow e.g. the sending of e-mails as stated above. The data processor also uses the personal data only internally and for purposes that are directly related to the processing that is performed on behalf of us, the controller responsible for the processing.

Newsletter

After the subscription to a newsletter, your e-mail address is used for our own advertising purposes and information offerings (e.g. news on product or security updates) until you cancel the newsletter subscription again. The consent granted by you that you must express separately is displayed during the signup process. Cancellation is possible at any time.

A newsletter signup is also performed based on the recital 47 sentence 2 GDPR, if you have purchased a product/license in our Web shop or requested a free trial version using the registration process. You may revoke your consent at any time with future effect. If you no longer want to receive the newsletter, then please unsubscribe by clicking on the unsubscribe link which can be found at the end of each newsletter that has been sent by us.

Newsletter Tracking

The newsletters sent out by us contain a so-called tracking pixel and link extensions in the HTML source code of the e-mail to allow a statistical analysis of the success of our online marketing campaigns. This method tracks the opening of newsletters as well as any clicks on hyperlinks within the newsletter. This data is collected, stored and analyzed by a data processor of the controller responsible for the processing with the aim of optimizing the newsletter sending and to better align the content to your interests and needs.

You may revoke your consent given during the signup to the newsletter (see “Newsletter”) at any time by unsubscribing from the newsletter.

Data Protection Provisions about the Application and Use of YouTube

In our Website we have integrated components of YouTube. YouTube is a video portal which allows the integration of videos hosted on that portal into 3rd party Websites. For this purpose, when you visit certain pages of our Website, components by YouTube are downloaded and executed in our Web browser.

It is possible that information about your visit is transmitted to YouTube by this component. The applicable data protection policies of YouTube can be accessed under https://www.google.de/intl/en/policies/privacy/ and inform you about the collection, processing and usage of personal data by YouTube and Google and how you can contradict to that if desired.

The operating company of YouTube is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. The YouTube, LLC is a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Period for which the Personal Data will be Stored and Routinely Carried out Erasure of Personal Data

The personal data that is processed and stored by us is only stored for the period that is required to fulfill the data collection purpose unless legal obligations require a longer storage period of the data. Personal data is also stored as long it is required for the performance of a contract or the contract initiation.

In general, the period for storing personal data is oriented towards the applicable legal obligations.

Rights of Data Subjects

According to the Federal Data Protection Act (German Law) and the GDPR, you have the following rights regarding the personal data collected about you:

Right of Confirmation
You have the right to demand a confirmation whether personal data concerning yourself is being processed.

Right of Access
You have the right to demand from the controller free information about the personal data that is stored about you and may request a copy of this data. You also have the right to be informed about the purpose for storing personal data about you.

Right to Rectification
You have the right to demand from the controller without undue delay the rectification of inaccurate personal data concerning yourself.

Right to Erasure (Right to be Forgotten)
You have the right to demand from the controller to delete any personal data concerning yourself.

Right of Restriction of Processing
You have the right to demand from the controller the restriction of the processing of personal data concerning yourself.

Right to Data Portability
You have the right to demand and receive the personal data concerning yourself, which was provided to the controller, in a structured, commonly used and machine-readable format.

Right to Object
You have the right to object to processing of your personal data which is based on article 6(1) lit. e or f GDPR. This also applies to profiling based on these provisions.

Right to Lodge a Complaint
You have the right to lodge a complaint with the responsible supervisory authority if you consider that the processing of your personal data infringes the data protection regulations. The responsible supervisory authority is the national data protection commissioner of North Rhine-Westphalia (Germany). The contact information is available here: https://www.ldi.nrw.de/

The rights stated above may only be exercised fully if no other legal obligations prevent these and if the necessary requirements according to the GDPR are fulfilled.

Legal Basis for the Processing

By default, Art. 6(1) lit. a GDPR serves as the legal basis for processing for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract or to provide any other kind of service, the processing is legitimated by Article 6(1) lit. b GDPR. The same also applies to such processing which is necessary for carrying out pre-contractual measures. If our company is subject to a legal obligation by which processing of personal data is required, such as for the fulfillment of tax obligations, the processing is based on Art. 6(1) lit. c GDPR.

Finally, processing may also be legitimated in case it is necessary for the purposes of the legitimate interests of the controller (see “Legitimate Interests Pursued by the Controller or by a Third Party”). This is specifically applicable if the data subject is a client or customer of the controller (recital 47 sentence 2 GDPR).

Legitimate Interests Pursued by the Controller or by a Third Party

In case the processing of personal data is based on Article 6(1) lit. f GDPR, it is the legitimate interest to carry out the business of mirabyte GmbH & Co. KG in favor of the well-being of our employees and the company shareholders.

Further Information / Contact Information

Your trust is important to us. Thus, we are always ready to answer your questions about the handling of your personal data. If, at any time, you have questions that this privacy policy could not answer or if you wish to receive more specific information about certain issues, please contact our data protection coordinator: privacy@mirabyte.com

The name and the address of the controller responsible for the processing by the means of the GDPR as well as other privacy-related laws and regulations are stated on the contact information page of our Website (the personal contact for this subject is the CEO).