I. Our approach to data protection

Data protection law is part of our personal rights. Especially in our constantly developing and networked world, the importance of these rights should not be underestimated. For EFO Mentalgold GmbH, data protection law in all its forms and requirements is very important, which is why we also take the protection of your data very seriously and always strive to provide an appropriate level of protection on our website www.metalgold.de .

You are free to use our website without providing your personal data. However, if you want to use one of our services via our website, it may be necessary to collect and process your data. If this is the case and there is no legal basis for this processing, we will always obtain your consent for the respective process.

As the controller, we have implemented numerous technical and organizational measures to ensure the most complete protection possible for personal data processed via this website. Since, despite all technical precautions, absolute protection cannot be fully guaranteed during data transmission, you are free to transmit your personal data in other ways, for example by telephone.

1. Details of data protection law

Our data protection declaration should be easy to read and understand for the public as well as for you as a customer and business partner. To ensure this, we would like to explain some of the terms we use that you will come across in this data protection declaration. Terms that require a more detailed explanation of the term and use have their own paragraph (e.g. cookies).

  • Personal data

Personal data is all information that relates to an identified or identifiable natural person (hereinafter “data subject”). A natural person is regarded as identifiable who, directly or indirectly, in particular by means of assignment to an identifier such as a name, an identification number, location data, an online identifier or one or more special features that express the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person can be identified.

  • Affected person

Affected person is any identified or identifiable natural person whose personal data is processed by the person responsible for processing. So when in doubt, you are an affected person.

  • processing

Processing is any process carried out with or without the help of automated procedures or any such series of processes in connection with personal data. The term processing includes any handling of data, be it the collection, evaluation, storage, transmission or deletion.

  • Profiling

Profiling is any type of automated processing of personal data that consists of using this personal data to evaluate, analyze or predict certain personal aspects relating to a natural person.

We do not use profiling on our website to protect your personal data.

  • Pseudonymization

Pseudonymization is the processing of personal data in a way in which the personal data can no longer be assigned to a specific data subject without the use of additional information, provided that this additional information is stored separately and is subject to technical and organizational measures that guarantee that the personal data cannot be assigned to an identified or identifiable natural person.

  • Responsible person or person responsible for processing

The person responsible or the person responsible for the processing is the natural or legal person, authority, institution or other body that alone or jointly with others decides on the purposes and means of processing personal data.

  • Processor

Processor is a natural or legal person, authority, institution or other body that processes personal data on behalf of the person responsible.

  • recipient

Recipient is a natural or legal person, authority, institution or other body to which personal data is disclosed, regardless of whether it is a third party or not.

  • Third

A third party is a natural or legal person, public authority, agency or body other than the data subject, the person responsible, the processor and the persons who are authorized to process the personal data under the direct responsibility of the person responsible or the processor.

  • consent

Consent is any voluntary, informed and unambiguous declaration of intent given by the person concerned for the specific case in the form of a declaration or other unequivocal affirmative action with which the person concerned indicates that they consent to the processing of their personal data is.

  • Tracking (German: “tracking”)

In the field of online marketing, tracking refers to the logging of the user behavior of a website visitor. With the help of tracking, it is possible to understand which websites a visitor came from to your own website, how long the visitor stayed on the website, which pages were called up and which IP address the visitor has. In order to access this data, cookies are used and evaluated with tools such as Google Analytics. The success of marketing campaigns can be read from this and measures for their optimization and adjustments can be derived. With these measures, the website can be made more user-friendly and better tailored to customers.

  • Range measurement

The main purpose of the range measurement is to statistically determine the intensity of use, the number of visitors or users of a website and their surfing behavior – on the basis of a uniform standard procedure. With the help of various tools, website operators can see exactly how many people are reached with a contribution. It is also possible to determine exactly how often a person clicks on an advertisement, from which websites, advertisements or articles people reach your own website.

The data required for this is collected and processed in accordance with the GDPR and German data protection law. Technical and organizational measures ensure that individual users cannot be identified at any point in time. Data that may be related to a specific, identifiable person will be anonymized as early as possible.

2. Who we are

The person responsible for this website within the meaning of the General Data Protection Regulation is:

EFO Mentalgold GmbH

Kaitzer Street 18

01069 Dresden

Tel: 0151/641 229 24

Mail: info@mentalgold.de

EFO Mentalgold GmbH is represented by the managing director Herbert Meyer.

3. What data and information we collect

Our website collects a range of general data and information from you each time you visit the website. These general data and information are stored in the server’s log files. The

(1) browser types and versions used,

(2) the operating system used by the accessing system,

(3) the website from which an accessing system reaches our website (so-called referrer),

(4) the sub-websites that are accessed via an accessing system on our website,

(5) the date and time of access to the website,

(6) an internet protocol address (IP address),

(7) the Internet service provider of the accessing system and

(8) other similar data and information that serve to avert danger in the event of attacks on our information technology systems.

When using this general data and information, our company does not draw any conclusions about you. Rather, this information is required to correctly display the content of our website and also to optimize that content and the advertising for the content.

We also need the above information for the permanent functionality of our IT infrastructure and technology of the website. Last but not least, it may happen that we need the information in order to provide law enforcement authorities with the necessary data in the event of law enforcement.

This anonymously collected data and information is therefore evaluated by us on the one hand for statistical findings, but also for the optimization of data protection and data security in our company in order to ultimately ensure an optimal level of protection for the personal data processed by us. The anonymous data in the server log files are stored separately from all of your specified personal data.

Our website processes data for the following purposes , for example

  • Provision of our online offer with the associated user-friendliness
  • Office and organizational procedures
  • the implementation of contractual performances and services
  • Management and answering of inquiries

The groups of people affected, the types of data processed, the specific purpose and the legal basis will be explicitly described to you again in the course of this data protection declaration for the respective processing operation.


4. What are your rights?

The European legislator has given you a number of options within the framework of the General Data Protection Regulation to assert your rights – also against us. In order to comply with our information obligation, the following rights are presented:

  • a) Right to confirmation

You have the right to request confirmation from us as to whether your personal data is being processed.

  • b) Right to information

You have the right to receive free information from us about your stored personal data (e.g. the processing purpose or the categories of data that are processed) and a copy of this information from us at any time.

  • c) Right to rectification

You have the right to request us to correct your incorrect personal data relating to you without delay. Taking into account the purposes of the processing, you still have the right to request the completion of incomplete personal data – including by means of a supplementary declaration.

  • d) Right to erasure (right to be forgotten)

You have the right to ask us to delete your personal data relating to you immediately. We are also obliged to delete personal data immediately if there is a reason that does not justify processing the data

  • e) Right to restriction of processing

You have the right to request that we restrict the processing of your data,

  • f) Right to data portability

You have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format. You also have the right to transfer this data to another person responsible without hindrance from us, to whom the personal data was provided.

  • g) Right to object

For reasons that arise from your particular situation, you have the right at any time to object to the processing of your personal data relating to you, which is based on Art. 6 Para. 1 letter e or f GDPR takes place, to file an objection.

We no longer process the personal data unless we can prove compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

  • h) Right to information and to lodge a complaint with a supervisory authority

You have the right to contact a supervisory authority at any time with questions about data protection.

If you are of the opinion that the processing of your personal data violates data protection law, you still have the right to lodge a complaint with a competent supervisory authority.

So that it doesn’t get that far in the first place, we would be grateful that we can find a solution together in the event of any discrepancies.

  • i) Right to withdraw consent under data protection law

You have the right to withdraw your consent to the processing of personal data at any time.

If you would like to revoke your consent, you can contact the following office at any time:

EFO Mentalgold GmbH

Kaitzer Street 18

01069 Dresden

Tel: 0151/641 229 24

Mail: info@mentalgold.de


5. Provision of the online offer and web hosting

So that we can provide our website safely and efficiently, we use the services of one or more web hosting providers, from whose servers (or servers managed by them) the online offer can be accessed. For these purposes, we can use infrastructure and platform services, computing capacity, storage space and database services as well as security services and technical maintenance services.

The data processed on our website may include information that arises in the context of use and communication. This regularly includes the IP address, which is necessary to display the content of our online offer, and all entries made within our online offer or from websites.

Sending and hosting of e-mails: We use web hosting services, which include sending, receiving and storing e-mails. For this purpose, the addresses of the recipients and senders as well as other information relating to the sending of e-mails (e.g. the providers involved) and the contents of the respective e-mails are processed.

Please note that emails on the Internet are generally not sent in encrypted form. In most cases, e-mails are encrypted while they are being transported, but (if no so-called end-to-end encryption method is used) not on the servers from which they are sent and received. We cannot therefore accept any responsibility for the transmission path of the e-mails between the sender and the receipt on our server.

Collection of access data and log files : We collect data every time the server is accessed (so-called server log files). In addition to the server log files, the address and name of the websites and files accessed, the date and time of access, the amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page) and, as a rule, IP Addresses and the requesting provider belong. In short, server log files record all processes that happen on a website.

The server log files are used, among other things, for security by recognizing and defending against attacks or to guarantee the load on the server and its stability.

  • Processed data types: content data (e.g. text input, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta / communication data (e.g. device information, IP addresses).
  • Affected persons: users (e.g. website visitors, users of online services).
  • Legal basis: Legitimate interests (Art. 6 Para. 1, S. 1 lit. f. GDPR).


6. Deletion and blocking of personal data

We process and store your personal data only for the period necessary to achieve the storage purpose or if this has been provided for by the European directives and regulations or another legislator in laws or regulations to which we are subject. The criterion for the duration of the storage of personal data is therefore the respective statutory retention period.

If the purpose of storage no longer applies or if a storage period prescribed by the European directives and regulations or another responsible legislator expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions, provided that they are no longer required for contract fulfillment or contract initiation.


7. Protection of minors

Consent to the processing of personal data can only be given by an adult. For information society services, a child’s consent is permitted from the age of sixteen in accordance with Art. 8 GDPR.


8. Our handling of cookies

Our website is operated through the use of cookies, among other things. Cookies are text files that are placed and saved on your computer system via your internet browser.

Numerous websites and servers use cookies. Simply put, cookies are used to give the website a “memory”. For many website operators they are an essential means of offering you as a website visitor a smooth and technically flawless experience.

Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier for the cookie. It consists of a string of characters through which websites and servers can be assigned to the specific Internet browser in which the cookie was stored. This enables the websites and servers you visit to differentiate your individual browser from other Internet browsers that contain other cookies. A specific internet browser can be recognized and identified via the unique cookie ID.

By using cookies, our website can provide you with more user-friendly services that would not be possible without the setting of cookies. A distinction is made between the following types of cookies and functions:

Cookies that differ according to their storage duration

  • Temporary cookies (also: session or session cookies): Temporary cookies are deleted at the latest after you leave an online offer and close your browser.
  • Permanent cookies: Permanent cookies are saved after the browser is closed. These are used, for example, to save your login status or to display content that is often or welcome.

Cookies that differ according to their origin

  • First-party cookies: First-party cookies are set by us.
  • Third-party cookies (also: third-party cookies) : Third-party cookies are mainly placed by advertisers (so-called third parties) in order to process user information.

Cookies that differ according to their purpose

  • Necessary (required) cookies: Cookies may be necessary for the operation of a website (e.g. to save logins or other user input or for security reasons).
  • Statistics, marketing and personalization cookies : It can happen that cookies are used as part of the range measurement (web analysis), if your interests or behavior (e.g. viewing certain content, using functions, etc.) on individual websites be saved in a user profile. Such profiles are used to show users, for example, content that corresponds to their potential interests. This process is also known as “tracking”, ie following up the potential interests of users. Insofar as we use such cookies or other “tracking” technologies, we will inform you separately in our data protection declaration or in the context of obtaining consent directly when opening our website (cookie banner).

Storage period : Unless we specifically tell you the storage period for permanent cookies, please allow for a storage period of up to 2 years.

Which cookies do we use? We do not use any statistics, marketing or personalization cookies or any other cookies that correspond to the description above on our website.

II. What to expect on our website

We offer a wide variety of content on our website in order to offer you as a user an interesting surfing experience, so that you get a lasting and, above all, positive impression of us and our company. For this we use various programs, tools and a lot of other content. In the following we would like to explain to you what this is all about.

1. Contact option via the website

Due to legal regulations, our website contains information that enables quick electronic contact to our company and direct communication with us, which also includes a general address for so-called electronic mail (e-mail address).

If you contact us by email or using our contact form, the personal data you have transmitted will be saved automatically. Such personal data that you provide to us on a voluntary basis will be stored for the purpose of processing or contacting you. This personal data is not passed on to third parties.

Concrete data processing:

Processed data types: inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos).

Affected persons: communication partner.

Purposes of processing: contact requests and communication.

Legal basis: Contract fulfillment and pre-contractual inquiries (Art. 6 Para. 1, S. 1 lit. b.GDPR), legitimate interests (Art. 6 Para. 1, S. 1 lit.f.

2. We offer payment options

In the context of contractual and other legal relationships, due to legal obligations or otherwise based on our legitimate interests, we offer you efficient and secure payment options and use other payment service providers in addition to banks and credit institutions (collectively “payment service providers”).

The data processed by the payment service provider includes inventory data such as name and address, bank data such as account numbers or credit card numbers, passwords, TANs and checksums as well as contract, sum and recipient-related information. The information is required to carry out the transactions.

However, the data entered will only be processed and stored by the payment service providers. We do not receive any account or credit card-related information, but only information with confirmation or negative information about the payment. It can happen that the data is transmitted to credit agencies by the payment service provider. This transmission may be necessary for the identity and credit check. For this we refer to the terms and conditions and the data protection information of the payment service providers.

The terms and conditions and data protection notices of the respective payment service providers, which can be accessed on the respective websites or transaction applications, apply to payment transactions. We refer to them for the purpose of further information and assertion of rights of revocation, information and other data subjects.

We use the following payment processors:

Mollie: payment services; Service provider: Mollie BV – Mollie Headquarter, Keizersgracht 126, 1015CW Amsterdam, The Netherlands

Website: https://www.mollie.com/de

Data protection declaration: https://www.mollie.com/de/privacy

Klarna: payment services; Service provider: Klarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm, Sweden

Website: https://www.klarna.com/de

Data protection declaration: https://www.klarna.com/de/datenschutz/

Paypal: payment services; Service provider: Paypal (Europe) S.à.rl et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxembourg, Luxembourg

Website: https://www.paypal.com/de

Data protection declaration: https://www.paypal.com/myaccount/privacy/privacyhub

Concrete data processing:

Processed data types: inventory data (e.g. names, addresses), payment data (e.g. bank details, invoices, payment history), contract data (e.g. subject matter of the contract, duration, customer category)

Affected persons: customers, interested parties.

Purposes of processing: Provision of contractual services and customer service.

Legal basis: Contract fulfillment and pre-contractual inquiries (Art. 6 Paragraph 1, S. 1 lit. b. GDPR), legitimate interests (Art. 6 Paragraph 1, S. 1 lit. f. GDPR).

3. Legal permission for data processing

The following standards can serve as the legal basis for the above-mentioned processing operations for Wolkenflug Cosmopolitan Meyer GbR:

4. Obligation to provide personal data

We explain to you that the provision of personal data is in part required by law (e.g. tax regulations) or can also result from contractual regulations (e.g. information on the contractual partner). In addition, in order to conclude a contract, it may be necessary for you to provide us with personal data that we subsequently have to process. For example, you are obliged to provide us with personal data when our company concludes a contract with you. Failure to provide personal data would mean that the contract could not be concluded.

Before providing your personal data, you should contact one of our employees. Our employee will explain to you on a case-by-case basis whether the provision of your personal data is required by law or contract or is necessary for the conclusion of a contract, whether there is an obligation to provide the personal data and what consequences the failure to provide the personal data would have.

III. Your contact in our company

If you have any questions about data protection and the handling of your data on our website and our company, please do not hesitate to contact us:

EFO Mentalgold GmbH

Managing director: Herbert Meyer

Kaitzer Street 18
01069 Dresden

Tel .: 0151/641 229 24

Email: info@mentalgold.de
Website: www.mentalgold.de

This data protection declaration was provided by Bastanier & Schmelzer Rechtsanwälte PartmbB, www.bastanier-schmelzer.de