Privacy policy

1. Controller

The controller responsible for data processing is:

MB Electronic AG
Am Schmiedberg 10
83623 Dietramszell
Email: info@mb-electronic.de
Telephone: +49 (0) 8027/90898-50

2. Collection and storage of personal data; nature and purpose of their use

a) When visiting the website

When you visit our website www.mb-electronic.de, the browser used on your device automatically sends information to our website's server. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until it is automatically deleted:

  • IP address of the requesting computer,
  • Date and time of access,
  • name and URL of the accessed file,
  • website from which access is made (referrer URL),
  • browser used and, if applicable, your computer's operating system and the name of your access provider.

We process the aforementioned data for the following purposes:

  • to ensure a smooth connection to the website,
  • to ensure a comfortable use of our website,
    evaluating system security and stability, and
    for other administrative purposes.

The legal basis for data processing is Article 6(1)(f) of the GDPR. Our legitimate interest arises from the data collection purposes listed above. Under no circumstances do we use the collected data to draw conclusions about you.

b) Hosting and content delivery networks (CDN) External hosting

Our website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the host's servers. This may include, but is not limited to, IP addresses, contact requests, metadata and communications, contract information, contact information, names, web page access, and other data generated through a web site.
The host is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f GDPR).

Our hosting company will only process your data to the extent necessary to fulfil its performance obligations and will follow our instructions with regard to this data.

We use the following hosting company:
dogado GmbH
Antonio-Segni-Straße 11
D-44263 Dortmund

Note on data transfer to the USA and other third countries

Among other things, we use tools from companies based in the United States or other third countries that do not have adequate data protection laws. When these tools are active, your personal data may be transferred to and processed in these third countries. We would like to point out that these countries do not guarantee a level of data protection comparable to that in the EU. For example, US companies are obliged to release personal data to security authorities without you as the data subject being able to take legal action against this. It cannot therefore be ruled out that US authorities (e.g. secret services) may process, evaluate and permanently store your data on US servers for monitoring purposes. We have no influence over these processing activities.

c) When using our contact form

If you have any questions, we offer you the opportunity to contact us using a form provided on the website. In this case, you must provide a valid email address so that we know who sent the request and can respond to it. Further information can be provided voluntarily.
Data processing for the purpose of contacting us is carried out in accordance with Art. 6 (1) (1) (a) GDPR on the basis of your voluntarily granted consent.

d) Storage of customer data in the CRM and ERP system

We use a customer relationship management system (CRM) and an enterprise resource planning system (ERP) to store and manage customer data. The storage and processing of this data is based on your consent in accordance with Art. 6 (1) (a) GDPR or for the performance of a contract in accordance with Art. 6 (1) (b) GDPR.

The following data is stored in the CRM/ERP system:

  • Name
  • Address
  • Email address
  • Telephone number
  • Enquiry history
  • Order history
  • Communication history

The data is used for the following purposes:

  • Managing and maintaining customer relationships
  • Processing enquiries and orders
  • Carrying out marketing measures, provided you have consented to this
  • Improving our services

e) Marketing measures based on legitimate interest

We process our customers' personal data for marketing purposes based on our legitimate interest in accordance with Article 6 (1) (f) of the GDPR. Our legitimate interest is in informing our customers about similar products and services and maintaining our customer relationships.

The following data is processed for marketing purposes:

  • Name
  • Address
  • Email address
  • Telephone number
  • Order history

This data is processed in order to provide you with information about similar products and services that may be of interest to you. You can object to the processing of your personal data for these purposes at any time. All you need to do is send an email to info@mb-electronic.de.

f) Use of email services (Exchange Online)

We use Exchange Online for the administration and sending of e-mails. Personal data such as e-mail addresses, names and communication content are processed in the process. These data are used for the following purposes:

  • Communication with customers and business partners
  • Processing of enquiries and orders
  • Implementation of marketing measures, provided that you have agreed to this

The processing of these data is based on your consent according to Art. 6 para. 1 lit. a GDPR or for the fulfilment of a contract according to Art. 6 para. 1 lit. b GDPR.

g) Use of cloud-based CRM and ERP systems

We use cloud-based CRM and ERP systems to manage and store customer data and to support our business processes. The processing of personal data in these systems is based on your consent in accordance with Art. 6 (1) point a GDPR or for the performance of a contract in accordance with Art. 6 (1) point b GDPR.

**Contract data processing

Data processing is carried out in the context of order processing in accordance with Art. 28 GDPR. We have concluded corresponding contracts with the providers of the cloud-based systems that ensure that your data is protected in accordance with the legal requirements.

Data transfer to third countries

If the providers of the cloud-based systems transfer data to third countries outside the EU/EEA, we ensure that suitable guarantees are in place in accordance with Art. 44 ff. DSGVO to ensure an adequate level of data protection. This can be done by concluding standard contractual clauses or other suitable measures.

h) Use of company mobile phones, laptops and tablets

We use company mobile phones, laptops and tablets to support our employees' communication and work processes. This involves the processing of personal data such as telephone numbers, email addresses and communication content. This data is used for the following purposes:

  • Communication with customers and business partners
  • Processing of enquiries and orders
  • Implementation of marketing measures, provided you have given your consent

The processing of this data is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR or for the performance of a contract in accordance with Art. 6 para. 1 lit. b GDPR.

Security measures

To ensure the security of data stored on company mobile phones, laptops and tablets, we use appropriate technical and organisational measures, including data encryption and the use of secure communication channels.

Private use

If private use of the devices is allowed, we ensure that a clear distinction is made between private and business data in order to guarantee the integrity and confidentiality of the business data.

i) Use of Microsoft 365

We use Microsoft 365 for data management and storage and to support our business processes. This involves the processing of personal data such as email addresses, names, communication content and usage data. This data is used for the following purposes:

  • Communication with customers and business partners
  • Processing of enquiries and orders
  • Implementation of marketing measures, provided you have consented to this
  • Improvement of our services

This data is processed on the basis of your consent in accordance with Art. 6 (1) point a GDPR or for the fulfilment of a contract in accordance with Art. 6 (1) point b GDPR.

Contract data processing

Data processing is carried out in the context of contract data processing in accordance with Art. 28 GDPR. We have concluded corresponding contracts with Microsoft to ensure that your data is protected in accordance with legal requirements.

Data transfer to third countries

If Microsoft transfers data to third countries outside the EU/EEA, we ensure that appropriate safeguards are in place in accordance with Art. 44 ff. DSGVO to ensure an adequate level of data protection. This can be done by concluding standard contractual clauses or other suitable measures.

j) Matomo

This website uses the open source web analysis service Matomo.

With the help of Matomo, we are able to collect and analyse data about how visitors use our website. This enables us, among other things, to find out when which pages were viewed and from which region they come. In addition, we collect various log files (e.g. IP address, referrer, browser and operating system used) and can measure whether our website visitors perform certain actions (e.g. clicks, purchases, etc.).

This analysis tool is used on the basis of Art. 6 Sect. 1 lit. f GDPR. The website operator has a legitimate interest in the analysis of user patterns to optimise the operator's web offerings and advertising. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. The consent can be revoked at any time.

IP anonymisation

We use IP anonymisation for our analyses with Matomo. This means that your IP address is shortened before the analysis, so that it can no longer be clearly assigned to you.

Cookie-free analysis

We have configured Matomo so that it does not store any cookies in your browser.

Hosting

We host Matomo exclusively on our own servers, so that all analysis data remains with us and is not passed on.

Opt-Out



3. Storage period

We only store your personal data for as long as is necessary to fulfil the purposes for which it was collected or as required by law. As soon as the data is no longer required for these purposes, it will be deleted. This may be the case, for example, if you revoke your consent to data processing or if the data is no longer required for the fulfilment of a contract. Legal retention periods remain unaffected.

4. Disclosure of data

Your personal data will not be transferred to third parties for purposes other than those listed below.

We will only disclose your personal data to third parties if:

  • you have given your express consent in accordance with Art. 6 (1) (a) GDPR,
  • disclosure is required under Art. 6 (1) sentence 1 f) GDPR to establish, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data,
  • in the event that disclosure is required under Art. 6 (1) sentence 1 c) GDPR to comply with a legal obligation, and
  • this is legally permissible and required for the performance of a contract with you in accordance with Article 6 (1) sentence 1 point (b) GDPR.

5. Rights of data subjects

You have the right:

  • to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the purposes of the processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the source of your data if it was not collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information about the details;
  • to immediately request the rectification of inaccurate personal data or the completion of incomplete personal data stored by us in accordance with Article 16 of the GDPR;
  • to request the erasure of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to establish, exercise or defend legal claims;
  • to request the restriction of the processing of your personal data in accordance with Art. 18 DSGVO, insofar as the accuracy of the data is disputed by you, the processing is unlawful but you refuse to allow its deletion and we no longer require the data, but you require it for the assertion, exercise or defence of legal claims or you have lodged an objection to the processing in accordance with Art. 21 DSGVO;
  • in accordance with Art. 20 GDPR, to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller;
  • in accordance with Art. 7 (3) GDPR, to withdraw your consent at any time. This has the consequence that we are no longer allowed to continue the data processing based on this consent in the future and
  • to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority at your usual place of residence or work or at our company headquarters.

6. Right to object

If your personal data are processed on the basis of legitimate interests in accordance with Art. 6 (1) sentence 1 e or f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR if there are reasons for doing so that arise from your particular situation or if the objection is to direct advertising. In the latter case, you have a general right of objection, which we will implement without you having to specify a particular situation.

If you wish to exercise your right of revocation or objection, simply send an e-mail to info@mb-electronic.de.

7. Objection to advertising e-mails

We hereby object to the use of contact data published in accordance with the imprint obligation to send unsolicited advertising and information material. The site operators expressly reserve the right to take legal action in the event of unsolicited advertising information being sent, for example by spam e-mails.

8. Data security

Our website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from ‘http://’ to ‘https://’ and by the lock symbol in your browser line.

When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

We use appropriate technical and organisational measures to ensure the security of your data, including the encryption of e-mails and the secure storage of data on our servers and in our cloud-based systems.

We also use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.

9. Plugins and tools

**a) Google Web Fonts

Our website uses so-called web fonts, which are provided by Google, for the uniform display of fonts. When you access a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.

To do this, the browser you use must connect to Google's servers. This enables Google to know that your IP address has been used to access this website. Google Web Fonts are used on the basis of Art. 6 Sect. 1 lit. f GDPR. The website operator has a legitimate interest in a uniform presentation of the font on the operator's website. If a corresponding agreement has been requested (e.g. an agreement to the storage of cookies), the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the agreement can be revoked at any time.

If your browser does not support web fonts, a standard font is used by your computer.

For more information about Google Web Fonts, see Google Web Fonts FAQ and Google's privacy policy.

b) Font Awesome (local hosting)

Our website uses Font Awesome for the uniform display of fonts. Font Awesome is installed locally. A connection to the servers of Fonticons, Inc. does not take place.

For more information about Font Awesome, please see the Font Awesome privacy policy.

10. Updating and amending this privacy policy

This privacy policy is currently valid and was last updated on 01/02/2025.

It may be necessary to amend this privacy policy as a result of further developments to our website and offers or due to changes in legal or official requirements. You can access and print out the current privacy policy at any time on the website at [URL of the website].