Mitocare MITOcare

Do you have questions?
+49 89 248 8163 - 40
Mon - Fri: 8 am – 5 pm

Data protection

General Information

Thank you for your interest in our website. The protection of privacy and your personal data is an important concern to us. In the following you will find information about how we handle your personal data whilst using our website. The processing of personal data in compliance with the applicable data protection law. Insofar as we link to other websites, we have neither influence nor control over the linked contents and the privacy policies there. We recommend checking the privacy policies on the linked websites in order to determine whether and to what extent personal data is collected, processed, used or made available to third parties.

Controller within the meaning of data protection law

Heike Sachtleben
MITOcare GmbH & Co.KG
Lindenschmitstraße 44
81371 München
info@mitocare.de
+49 (0)89 2488163-0

Contact details of the data protection officer:

datenschutzbeauftragter@datenschutzexperte.de
www.datenschutzexperte.de

Definitions

Our data protection aims to be clear and intelligible for everyone. For this reason, our data protection declaration generally uses the official terms of the General Data Protection Regulation (GDPR). The official definitions are explained in Art. 4 GDPR.

Data processing by visiting our website

Once you visit our website, it is technically necessary for data to be transmitted to our web server via your internet browser. The following data is recorded during an ongoing connection for communication between your internet browser and our web server:

We collect the data listed in order to guarantee a smooth connection oft he website and to enable a comfortable use of our website by the users. The log file also serves to evaluate system security and stability as well as for administrative purposes. The legal basis for the temporary storage of data or log files is Art. 6 Para. 1 lit. f GDPR. For reasons of technical security, in particular to prevent attempts to attack our web server, we store this data temporarily. Based on this data, it is not possible for us to draw conclusions about individual persons. After 7 days at the latest, the data is anonymised by shortening the IP address at domain level, so that it is no longer possible to relate a reference to the individual user.

For reasons of technical security, in particular to prevent attempts to attack our web server, we store this data temporarily. Based on this data, it is not possible for us to draw conclusions about individual persons. After 7 days at the latest, the data is anonymised by shortening the IP address at domain level, so that it is no longer possible to relate a reference to the individual user.

General data processing’s on our website

Contact form and contact by e-mail
If you send us enquiries via contact form or e-mail, your information from the enquiry form or your e-mail, including the first and last name you indicated there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. The indication of an e-mail address is necessary for the contact indication, the indication of your name as well as your telephone number is voluntary. We will not transfer this data without your consent. The legal basis for the processing of the data is our legitimate interest in responding to your request pursuant to Art. 6 para. 1 lit. f GDPR and, if applicable, Art. 6 para. 1 lit. b GDPR, insofar as your request is aimed at the conclusion of a contract. Your data will be deleted after your request has been processed, unless there are legal obligations to retain it. In the case of Art. 6 para. 1 lit. f GDPR, you may object to the processing of your personal data at any time.
 
Registration
 
You can register for certain services provided on our website and thus create a user account. As part of the registration and setup, we collect and use the following personal data:
In addition, information may be provided voluntarily (e.g. telephone number). Fields marked with an asterisk are obligatory. Your user account gives you the opportunity to use other parts of our website and to log in for the offers you have purchased. The legal basis of the data processing is your consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 6 para. 1 lit. b GDPR, if the processing is required to provide the requested services. Your data will be deleted as soon as the user account on our website is deleted and there are no more statutory storage requirements. A change and / or deletion of your user account, including the data you have provided, can usually be done directly in your user account after logging in or by sending a message to the person named in the introduction.
 
Online Shop
or access to our online shop, we offer the possibility to register with personal data for the creation of a customer account. The data is entered into an input mask and transmitted to us and stored. A transfer of data to third parties does not take place. As part of the registration for a user account, we save the following data necessary for the performance of a contract to which you are a party or in order to take steps at the request of you prior to entering into a contract:
 
 
A registration of the user is required to fulfill the contract or to carry out pre-contractual measures or to provide the desired services. The legal basis for processing the data is Art. 6 para. 1 lit. b GDPR. The data will be deleted if the data is no longer necessary for the fulfillment of the contract. Even after the contract has been concluded, it may be necessary to store personal data of our contractual partners in order to comply with contractual or legal obligations. As a user, you have the option of canceling the registration at any time. An early deletion of the data is only possible, as far as contractual or legal obligations do not preclude a deletion.

Privacy Policy for the use of Mailchimp

With the following information, we will inform you about the contents of our newsletter, the registration, dispatch and statistical evaluation procedures as well as your right of objection. By subscribing to our newsletter, you agree to the dispatch and the procedures described.

Content of the newsletter

We send newsletters, e-mails and other electronic notifications with advertising information (hereinafter "newsletter") only with the consent of the recipient or a legal permission. Insofar as the contents of a newsletter are concretely described, they are authoritative for the consent of the users. Incidentally, our newsletters contain information about health topics, dietary supplements, offers and general information about our company and our services.

Double opt-in and logging

For the registration of our newsletter we use the so-called double opt-in procedure. After the registration, you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that nobody can register with external e-mail addresses.

The registration for the newsletter will be logged in order to prove the registration process according to the legal requirements. This includes the storage of the login and the confirmation time, as well as the IP address. Similarly, the changes to your data stored with MailChimp will be logged.

Use of the online marketing platform “Mailchimp”

The newsletter is distributed via Mailchimp, an online marketing platform operated by The Rocket Science Group LLC, 675 Ponce De Leon Ave NE 5000, Atlanta, GA 30308, USA. The e-mail addresses of our newsletter recipients, as well as their other information described in these policies, are stored on the servers of Mailchimp in the USA. Mailchimp uses this information to send and evaluate the newsletters on our behalf. Furthermore, Mailchimp may, according to its own information, use this data to optimize or improve its own services, e.g. for the technical optimization of the shipping and the presentation of the newsletter or for economic purposes, to determine from which countries the recipients come. However, Mailchimp does not use the data of our newsletter recipients to write them down or to pass them on to third parties.

We rely on the reliability, IT and data security of Mailchimp. Mailchimp is certified under the US-EU privacy shield "Privacy Shield" and is committed to complying with EU data protection requirements. Furthermore, we have concluded a data processing agreement with Mailchimp. This is a contract in which Mailchimp pledges to protect the data of our users, to process it in accordance with its privacy policy on our behalf and, in particular, not to disclose it to third parties. The privacy policy of Mailchimp can be viewed here.

Login details

To subscribe to the newsletter, it is sufficient to enter your e-mail address. Optionally, we ask you to provide your first and last name. This information is only for the personalization of the newsletter.

Legal basis of the newsletter dispatch

In accordance with the provisions of the General Data Protection Regulation (GDPR), which has been in force since 25 May 2018, we inform you that the legal basis of the dispatch of the newsletter is your consent in accordance with Art. 6 para. 1 lit. a, 7 GDPR and § 7 para. 2 no. 3 and para. 3 UWG. The use of the mail service provider MailChimp, carrying out the statistical surveys and analyzes as well as logging the registration process, are based on our legitimate interests in accordance with. Art. 6 para. 1 lit. f GDPR. Our legitimate interest is to use a user-friendly and secure newsletter system that serves both our business interests and users' expectations.

We further point out that you can object to the future processing of your personal data in accordance with Art. 21 GDPR at any time. The objection may in particular be made against processing for direct marketing purposes.

Note to the newsletter according to sample of lawyer Dr. Thomas Schwenke.

Withdrawal

You can terminate the receipt of our newsletter at any time, i.e. withdraw your consent. At the same time, your consent in the dispatch via MailChimp and the statistical analyzes will lapse. A separate withdrawal of the dispatch via MailChimp or the statistical evaluation is unfortunately not possible.

A link to the withdrawal of the newsletter can be found at the end of each newsletter.

Statistical survey and analyzes

The newsletters contain a so-called "web beacon", i. a pixel-sized file that is retrieved from the MailChimp server when the newsletter is opened. This call will initially collect technical information, such as information about the browser and your system, as well as your IP address and time of access. The legal basis for processing is Art. 6 para. 1 lit. f GDPR. Our legitimate interest is the technical improvement of the services on the basis of the technical data or the target groups and their reading behavior on the basis of their call-off locations (which can be determined with the help of the IP address) or the access times. Statistical surveys also include determining if the newsletters will be opened, when they will be opened, and which links will be clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our desire nor that of MailChimp to observe individual users. Rather, our legitimate interest in the evaluations is to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.

Online calls and data management

There are cases in which we direct the newsletter recipients to the MailChimp websites. For example, our newsletters contain a link that allows newsletter recipients to retrieve newsletters online (for example, in the case of display problems in the e-mail program). Furthermore, newsletter recipients can store their data, such as correct the e-mail address later. Similarly, the privacy policy of MailChimp is only available on their page.

In this regard, we point out that cookies are used on the websites of MailChimp and thus personal data may be processed by MailChimp, their partners and service providers (for example, Google Analytics). We have no influence on this data collection. For more information, please have a look on the privacy policy of MailChimp. Please also refer to the possibility of objecting to the data collection for advertising purposes on the websites http://www.aboutads.info/choices/ and http://www.youronlinechoices.com/ (for the European area).

Advertising Analysis and Advertising Tracking

Google Analytics

This website uses Google Analytics, an internet analysis service provided by Google Inc. ("Google"). Google Analytics uses so-called "cookies”. These are text files which are stored on your computer and which allow an analysis of your use of the website. The information generated in relation to the use of this website is transferred by default to a Google server in the USA and stored there. We use Google Analytics only with IP anonymization enabled. This means that Google will reduce the IP address of users within Member States of the European Union or in other signatory states to the Agreement on the European Economic Area, which may exclude any personal relationship. Google Inc., based in the USA, is certified for the US-European data protection agreement "Privacy Shield", which guarantees compliance with the data protection level applicable in the EU. The processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR and § 15 para. 3 TMG respectively based on our legitimate interest in the statistical analysis of user behaviour for optimisation and marketing purposes.

On behalf of the operator of this website, Google will use this information to analyze your use of the website and to generate reports on website activity. Google also uses this information to provide other services related to the use of the website and the internet to the website operator.

The IP address sent by your browser as part of Google Analytics is not combined with other Google data. The terms of use of Google Analytics and information on data protection can be accessed via the following links:
https://www.google.com/analytics/terms/us.html and at
https://policies.google.com/?hl=en&gl=de.
You can prevent cookies from being saved by adjusting the settings of your browser software accordingly. However, we must point out that in this case you will not be able to use all functions of this website without restrictions. You can also prevent Google from collecting the data generated by the cookie and analysing your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at https://tools.google.com/dlpage/gaoptout?hl=en.

A click on the following link prevents Google Analytics from capturing the data by placing a so-called opt-out cookie: Deaktivierung von Google Analytics Information on the handling of user data at Google Analytics can be found in Google's data protection declaration:
https://support.google.com/analytics/answer/6004245?hl=en

Hotjar

Our website uses the web analysis service Hotjar of Hotjar Ltd. Hotjar Ltd. is an European-based company based in Malta (Hotjar Ltd, Level 2, St Julian's Business Center, 3, Elia Zammit Street, St. Julian's STJ 1000, Malta, Europe, Tel: +1 (855) 464-6788).

With this tool, movements on the websites where Hotjar is used can be understood (so-called heat maps). For example, you can see how far users are scrolling and which buttons users click as often. The tool also allows to directly get feedback from users of the website. Most importantly, Hotjar's services enhance the functionality of Hotjar-based websites by making them more user-friendly, more valuable, and easier to use for end users.

When using this tool, we pay particular attention to the protection of your personal data. So we can only track what buttons are clicked, the mouse's history, how far you scrolled, the screen size of the device, device type and browser information, geographic location (country only) and preferred language to represent our website. Areas of the websites in which personal data of you or third parties are displayed are automatically hidden by Hotjar and are therefore comprehensible at no time. In order to exclude a direct personal relationship, IP addresses are only stored and processed anonymously. Hotjar uses various third-party services such as Google Analytics and Optimizely. It may therefore be the case that these services collect data transmitted by your browser as part of website inquiries. These may be, for example, cookies or your IP address. In these exceptional cases, this processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR based on our legitimate interest in the statistical analysis of user behavior for optimization and marketing purposes.

Hotjar offers every user the option of using a "Do-not-Track-Header" to prevent the use of the tool Hotjar, so that no data about the visit of the respective website are recorded. This is a setting that supports all common browsers in current versions. For this, your browser sends a request to Hotjar to disable the tracking of the respective user. If you use our websites with different browsers or computers, you must set up the "Do-not-Track-Header" for each of these browsers or computers separately.

If you visit a Hotjar-based website, you can prevent Hotjar from collecting your information at any time by going to our opt-out page https://www.hotjar.com/legal/compliance/opt-out and disabling Hotjar. More information about Hotjar Ltd. and via the Hotjar tool, visit: https://www.hotjar.com

The privacy policy of Hotjar Ltd. can be found at: https://www.hotjar.com/privacy.

Google Maps

Via an API, this website uses the mapping service Google Maps. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. To enable the use of the Google Maps features, your IP address must be stored. As a rule, this information is transferred to one of Google’s servers in the United States, where it is archived. The operator of this website has no control over the data transfer. Please note the opt-out feature: https://www.google.com/settings/ads/ We use Google Maps to present our online content in an appealing manner and to make the locations disclosed on our website easy to find. This constitutes a legitimate interest as defined in Art. 6 Sect. 1 lit. f GDPR. For more information on the handling of user data, please review Google’s Data Privacy Declaration under: https://policies.google.com/privacy?hl=en.

Social Media

Social media links

Social networks (Facebook, Twitter and Xing) are only included as a link to other sites on our website. After clicking on the linked text / image link, you will be redirected to the page of the other controller. User information is only transmitted to the respective provider after you have been redirected.. You may want to refer to the privacy policies on those sites to see how they collect and use this information.

Cookies

Our website uses cookies which are stored on your device by the browser and which contain certain settings for the use of the website (e.g. the current session). Cookies are used to make our website more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and stored by your browser. Most of the cookies we use are so-called session cookies, which are automatically deleted after the browser is closed. Other cookies remain stored on your end device until you delete them, or the storage period expires.

These cookies enable us to recognize your browser on your next visit. In some cases, the cookies are used to simplify website processes by saving settings (e.g. to keep already selected options available). If personal data are also processed by individual cookies implemented by us, the processing is carried out in accordance with Art. 6 para. 1 lit. b GDPR either to implement the contract or in accordance with Art. 6 para. 1 lit. f GDPR to safeguard our legitimate interest in the best possible functionality of the website and a customer-friendly and effective design of the page visit. You can set your browser in a way that you get informed about the setting of cookies and only allow cookies in individual cases, accept cookies for certain cases or generally exclude them and activate the automatic deletion of cookies when closing the browser. The cookie settings can be administered under the following links for the respective browsers.

Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
Internet Explorer: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies
Chrome: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647
Safari: https://support.apple.com/kb/ph21411?locale=de_DE
Opera: http://help.opera.com/Windows/10.20/de/cookies.html

You can also individually manage the cookies of many companies and functions that are used for advertising. To do so, use the user tools available at https://www.aboutads.info/choices/ or http://www.youronlinechoices.com/uk/your-ad-choices.

Most browsers also offer a "do-not-track- feature" that allows you to indicate that you do not want to be "tracked" by websites. If this feature is enabled, the browser will tell ad networks, websites and applications that you do not want to be tracked for behaviour-based advertising and such like. For information and instructions on how to edit this feature, see the links below, depending on your browser provider:

Google Chrome: https://support.google.com/chrome/answer/2790761?co=GENIE.Platform%3DDesktop&hl=en-GB
Mozilla Firefox: https://www.mozilla.org/de/firefox/dnt/
Internet Explorer: https://support.microsoft.com/en-gb/help/17288/windows-internet-explorer-11-use-do-not-track
Opera: http://help.opera.com/Windows/12.10/de/notrack.html 
Safari: https://support.apple.com/kb/PH21416?locale=de_DE

In addition, you can prevent the loading of scripts by default. NoScript allows you to run JavaScripts, Java and other plug-ins only on trusted domains of your choice. Information and instructions on how to edit this function can be obtained from your browser's provider (e.g. for Mozilla Firefox at: https://addons.mozilla.org/de/firefox/addon/noscript/).). Please note that disabling cookies may limit the functionality of this website.

Data transfer and recipients

A transfer of your personal data to third parties does not take place, except
In addition, we use external service providers for the processing of our services, whom we have carefully selected and commissioned in writing. They are bound by our instructions and are regularly monitored by us. If necessary, we have concluded a contract for data processing under commission pursuant to Art. 28 GDPR with them. These are service providers for web hosting, sending e-mails, maintenance and care of our IT systems, etc. The service providers will not transfer this data on to third parties.

Extent of processing of personal data

In principle, we process personal data of our users only insofar as this is necessary to provide a functioning website and our content and services. The processing of personal data of our users takes regularly place only with the consent of the user. An exception applies to cases in which prior consent cannot be obtained for reasons of fact and the processing of the data is permitted by law.

Rights of the data subject

Storage Period of Personal Data

The period for which the personal data will be stored is determined by the relevant statutory retention periods (e.g. from commercial law and tax law). After expiry of the respective period, the corresponding data is deleted routinely. If data is required for contract fulfilment or contract initiation or if we have a justified interest in further storage, the data will be deleted if you are no longer required for these purposes or if you make use of your right of revocation or objection.

Rights of the data subject

Your rights

In the following section you will find information about your rights as data subject which are granted to you by the current data protection law regarding the controller of the processing of your personal data:

The right to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you may request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the storage duration planned, the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing, the existence of a right to lodge a complaint with a supervisory authority, the origin of your data, if these have not been collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information about the logic involved, as well as the significance and the envisaged consequences.

The right to immediately request the correction of incorrect or complete personal data stored by us in accordance with Art. 16 GDPR.

The right to request the erasure of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right of freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.

The right, pursuant to Art. 18 GDPR, to demand the restriction of the processing of your personal data if the accuracy of the data is contested by you, the processing is unlawful, but you opposes the erasure and we no longer need the data, but you need it for the establishment, exercise or defence of legal claims or you have filed an objection against the processing pursuant to Art. 21 GDPR.

The right, in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in in a commonly used and machine-readable format or to transmit those data to another controller.

The right to withdraw your given consent pursuant to Art. 7 para. 3 GDPR with effect in the future at any time.

The right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR. As a rule, you can contact the supervisory authority of the federal state in which we have our registered office or, if applicable, that of your usual place of residence or work.

The right to withdraw your given consent pursuant to Art. 7 para. 3 GDPR: You have the right to withdraw your given consent to the processing of data with effect for the future at any time. In the event of withdrawal, we will delete the data concerned without delay, unless further processing can be based on a legal basis for processing without consent. The withdrawal of consent shall not affect the legality of the processing carried out on the basis of the consent until withdrawal;

Right of object

If your personal data is processed by us based on legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right pursuant to Art. 21 GDPR to object at any time to the processing of your personal data if this is done for reasons arising from your particular situation. If the objection is directed against the processing of personal data for the purpose of direct marketing, you have a general right of objection without the requirement to state a particular situation.

If you wish to exercise your right of withdrawal or opposition or any of your other rights, simply send an e-mail to info@mitocare.de.

Use of the webinar-plattform of the edudip GmbH

We use the edudip webinar platform from edudip GmbH. To participate in a webinar on the edudip webinar platform, a membership or registration at edudip is required. When booking our webinars, MITOcare GmbH & Co. KG receives your registration data (name, email address, desired password) for registration and execution. In addition, we do not receive any further data from edudip. The legal basis for data processing is Art. 6 para. 1 lit. b, the fulfilment of the contract.To inform other members about yourself, you can voluntarily describe yourself in your member profile by providing additional information. To which extent your member profile can be viewed, can be determined in your member account under Settings -> Privacy. Your address, telephone number, email address and bank details will not appear in your member profile. If you work as a trainer, your offer and specialization will be listed under "YOUR_URLtrainer" and made available to every visitor of the website. If you do not want this information published, you can change it in the profile settings under "Privacy". 
Furthermore, MITOcare GmbH & Co. KG collects voluntary personal data from you (e-mail-address & full name). The legal basis for data processing is Art. 6 para. 1 lit. f, our legitimate interest in improving the webinar offer.
Your data will be deleted if they no longer necessary in relation to the purposes for which they were collected or otherwise processed, or we do not have a legitimate interest in further storage or if you have made use of your right of withdraw or objection. Please note that we have no influence on the data collected and the data processing by the edudip GmbH. Further information can be found in the privacy policy by the edudip GmbH under:

https://www.edudip.com/datenschutz

Adaptation and Status of the Privacy Policy

Subject to change

We reserve the right to adapt or update this data protection declaration if necessary, in compliance with the applicable data protection regulations. In this way, we can adapt it to the current legal requirements and take account of changes to our services, e.g. the introduction of new services. The most current version applies to your visit.

Status of this privacy policy: 07.01.2018