Miez-Maunz

––––––––––––––––––––

1) Introduction and contact information for the data controller

1.1 We are pleased that you are visiting our website and thank you for your interest. Below, we provide information about how we handle your personal data when you use our website. Personal data refers to any information that can be used to identify you personally.

1.2 The data controller for this website within the meaning of the General Data Protection Regulation (GDPR) is Agnes Hanning,Maunz Cat SittingMaunz , Adelheidstr. 14, 80798 Munich, Germany, Tel.: 01708039579, Email:maunz. The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.

2) Data collection when you visit our website

2.1 When you use our website for informational purposes only—that is, if you do not register or otherwise provide us with information—we collect only the data that your browser transmits to the website server (so-called “server log files”). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:

- The website we visited

- Date and time of access

- Amount of data sent in bytes

- Source/link that brought you to this page

- Browser used

- Operating system used

- IP address used (if applicable: in anonymized form)

The processing is carried out in accordance with Article 6(1)(f) of the GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data will not be disclosed or used for any other purpose. However, we reserve the right to review the server log files retrospectively if there are concrete indications of unlawful use.

2.2 For security reasons and to protect the transmission of personal data and other confidential information (e.g., orders or inquiries to the controller), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the "https://" prefix and the padlock icon in your browser address bar.

3) Hosting & Content Delivery Network

3.1 Webflow

We use the system provided by the following company to host our website and display its content: Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA

All data collected on our website is processed on the provider’s servers. We have entered into a data processing agreement with the provider that ensures the protection of our website visitors’ data and prohibits its unauthorized disclosure to third parties.

For data transfers to the United States, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with European data protection standards based on an adequacy decision by the European Commission.

3.2 Cloudflare

We use a content delivery network provided by the following company: Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA

This service enables us to deliver large media files, such as graphics, page content, or scripts, more quickly via a network of regionally distributed servers. This processing is carried out to safeguard our legitimate interest in improving the stability and functionality of our website in accordance with Article 6(1)(f) of the GDPR. We have entered into a data processing agreement with the provider that ensures the protection of our website visitors’ data and prohibits unauthorized disclosure to third parties.

4) Cookies

To make your visit to our website more enjoyable and to enable the use of certain features, we use cookies—small text files that are stored on your device. Some of these cookies are automatically deleted when you close your browser (so-called “session cookies”), while others remain on your device for a longer period and allow page settings to be saved (so-called “persistent cookies”). In the latter case, you can find the storage duration in the overview of your web browser’s cookie settings.

If personal data is processed through individual cookies we use, such processing is carried out in accordance with Article 6(1)(b) of the GDPR for the purpose of performing the contract, pursuant to Article 6(1)(a) of the GDPR in the event that consent has been given, or pursuant to Article 6(1)(f) of the GDPR to safeguard our legitimate interests in ensuring the best possible functionality of the website as well as a user-friendly and effective design of the site visit.

You can configure your browser to notify you when cookies are set, allowing you to decide on a case-by-case basis whether to accept them, or to block cookies in specific cases or generally.

Please note that if you do not accept cookies, the functionality of our website may be limited.

5) Getting in touch

When you contact us (e.g., via the contact form or email), we collect personal data. The specific data collected when using a contact form is indicated on the form itself. This data is stored and used exclusively for the purpose of responding to your inquiry, establishing contact, and handling the associated technical administration.

The legal basis for processing this data is our legitimate interest in responding to your inquiry pursuant to Article 6(1)(f) of the GDPR. If your contact is aimed at concluding a contract, the additional legal basis for processing is Article 6(1)(b) of the GDPR. Your data will be deleted after your inquiry has been fully processed. This is the case when it can be inferred from the circumstances that the matter in question has been conclusively resolved and provided that no statutory retention obligations preclude this.

6) Page features

6.1 Google Maps

This website uses an online map service provided by the following provider: Google Maps (API) from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).

Google Maps is a web service that displays interactive maps to visually present geographic information. By using this service, our location is displayed to you, making it easier for you to find us.

As soon as you visit any subpages that include a Google Maps map, information about your use of our website (such as your IP address) is transmitted to Google’s servers and stored there; this may also involve a transfer to the servers of Google LLC in the United States. This occurs regardless of whether Google provides a user account through which you are logged in or whether a user account exists. If you are logged in to Google, your data will be directly associated with your account. If you do not wish for this association with your Google profile, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and analyzes them.

The collection, storage, and analysis of data are carried out in accordance with Article 6(1)(f) of the GDPR, based on Google’s legitimate interest in displaying personalized advertising, conducting market research, and/or tailoring Google websites to user needs. You have the right to object to the creation of these user profiles; to exercise this right, you must contact Google. If you do not consent to the future transmission of your data to Google in connection with the use of Google Maps, you also have the option of completely disabling the Google Maps web service by turning off JavaScript in your browser. Google Maps and, consequently, the map display on this website will then no longer be available.

To the extent required by law, we have obtained your consent to the processing of your data described above in accordance with Article 6(1)(a) of the GDPR. You may withdraw your consent at any time with future effect. To withdraw your consent, please follow the procedure for objecting described above.

For more information about Google's privacy policy, click here: https://business.safety.google/intl/de/privacy/

6.2 Adobe Fonts (Typekit)

This site uses web fonts from the following provider to ensure consistent font display: Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA

When you visit a page, your browser loads the necessary web fonts into its cache to display text and fonts correctly, and establishes a direct connection to the provider’s servers. In the process, certain browser information, including your IP address, is transmitted to the provider.

The processing of personal data when establishing a connection with the font provider will only take place if you have given us your explicit consent in accordance with Article 6(1)(a) of the GDPR. You may revoke your consent at any time with future effect by deactivating this service via the “Cookie Consent Tool” provided on the website. If your browser does not support web fonts, a standard font from your computer will be used.

6.3 Cloudflare Turnstile

On this website, we use the CAPTCHA service provided by the following company: Cloudflare, Inc., 101 Townsend St., San Francisco, CA 94107, USA

The service checks whether an input is made by a human or is the result of abusive automated processing, and blocks spam, DDoS attacks, and similar automated malicious access attempts. To ensure that an action is performed by a human and not by an automated bot, Cloudflare Turnstile collects the IP address of the device used, identification data regarding the browser and operating system type, as well as the date and duration of the visit, and transmits this information to the provider’s servers for evaluation.

The processing described above will only take place if you have given us your explicit consent in accordance with Article 6(1)(a) of the GDPR. You may revoke your consent at any time with future effect by deactivating this service in the “Cookie Consent Tool” provided on the website.

We have entered into a data processing agreement with the service provider that ensures the protection of our website visitors' data and prohibits its unauthorized disclosure to third parties.

6.4 Applications for job postings via email

On our website, we post current job openings in a separate section; interested candidates can apply by emailing the contact address provided.

Applicants must provide all personal information necessary for a thorough evaluation, including general information such as name, address, and contact details, as well as evidence of qualifications and, if applicable, health-related information. Details regarding the application can be found in the job posting.

Once we receive your application via email, your data will be stored and processed solely for the purpose of reviewing your application. If we have any questions, we will contact the applicant via email or phone. This processing is based on Article 6(1)(b) of the GDPR (or Section 26(1) of the BDSG), under which the application process is considered a preliminary step toward an employment contract.

To the extent that special categories of personal data within the meaning of Article 9(1) of the GDPR (e.g., health data such as information regarding severe disability status), processing is carried out in accordance with Article 9(2)(b) of the GDPR so that we may exercise the rights arising from labor law and the law on social security and social protection and fulfill our obligations in this regard.

Cumulatively or alternatively, the processing of special categories of data may also be based on Article 9(1)(h) of the GDPR if it is carried out for the purposes of preventive healthcare or occupational medicine, for the assessment of the applicant’s fitness for work, for medical diagnosis, care, or treatment in the health or social sector, or for the administration of systems and services in the health or social sector.

If the applicant is not selected or withdraws their application early, the data they submitted and all electronic correspondence—including the application email—will be deleted no later than six months after notification. This period is determined by our legitimate interest in answering any follow-up questions regarding the application and, if necessary, in fulfilling our obligations to provide evidence under the regulations on the equal treatment of applicants.

If your application is successful, the data you provide will be processed on the basis of Article 6(1)(b) of the GDPR (in the case of processing in Germany, in conjunction with Section 26(1) of the BDSG) for the purpose of carrying out the employment relationship.

7) Tools and Miscellaneous

Cookie Consent Tool

This website uses a so-called “cookie consent tool” to obtain valid user consent for cookies and cookie-based applications that require consent. The "Cookie Consent Tool" is displayed to users when they visit the site in the form of an interactive user interface, where they can grant consent for specific cookies and/or cookie-based applications by checking the appropriate boxes. When using the tool, all cookies/services requiring consent are loaded only if the respective user grants the corresponding consent by checking the boxes. This ensures that such cookies are set on the user’s respective device only if consent has been granted.

The tool uses technically necessary cookies to save your cookie preferences. No personal user data is processed in this process.

If, in individual cases, the storage, assigning, or logging cookie settings, this processing is carried out in accordance with Art. 6(1)(f) GDPR on the basis of our legitimate interest in legally compliant, user-specific, and user-friendly consent management for cookies and, consequently, in the legally compliant design of our website.

Another legal basis for the processing is Article 6(1)(c) of the GDPR. As the data controller, we are legally required to make the use of non-technically necessary cookies contingent upon the user’s consent.

Where necessary, we have entered into a data processing agreement with the service provider to ensure the protection of our website visitors’ data and to prohibit its unauthorized disclosure to third parties.

For more information about the operator and the settings options for the cookie consent tool, please refer directly to the relevant user interface on our website.

8) Rights of the Data Subject

8.1 Under applicable data protection law, you have the following rights as a data subject (rights of access and intervention) vis-à-vis the controller with regard to the processing of your personal data; please refer to the cited legal basis for the respective conditions for exercising these rights:

- Right of access pursuant to Article 15 of the GDPR;

- Right to rectification under Article 16 of the GDPR;

- Right to erasure under Article 17 of the GDPR;

- Right to restriction of processing pursuant to Article 18 of the GDPR;

- Right to be informed pursuant to Article 19 of the GDPR;

- Right to data portability pursuant to Article 20 of the GDPR;

- Right to withdraw consent pursuant to Article 7(3) of the GDPR;

- Right to lodge a complaint under Article 77 of the GDPR.

8.2 RIGHT TO OBJECT

IF WE PROCESS YOUR PERSONAL DATA AS PART OF A BALANCING OF INTERESTS BASED ON OUR OVERRIDING LEGITIMATE INTEREST, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO SUCH PROCESSING ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION, WITH EFFECT FOR THE FUTURE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA IN QUESTION. HOWEVER, WE RESERVE THE RIGHT TO CONTINUE PROCESSING IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, fundamental rights and freedoms, or if the processing serves to assert, exercise, or defend legal claims.

IF WE PROCESS YOUR PERSONAL DATA FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSE OF SUCH MARKETING. YOU MAY EXERCISE THIS RIGHT AS DESCRIBED ABOVE.

EXERCISE YOUR RIGHT TO OBJECT, AND WE WILL STOP PROCESSING THE RELEVANT DATA FOR DIRECT MARKETING PURPOSES.

9) Retention period for personal data

The duration of the storage of personal data is determined by the applicable legal basis, the purpose of processing, and—where applicable—the relevant statutory retention period (e.g., retention periods under commercial and tax law).

When processing personal data based on explicit consent pursuant to Article 6(1)(a) of the GDPR, the data in question will be stored until you withdraw your consent.

If there are statutory retention periods for data processed in connection with contractual or quasi-contractual obligations pursuant to Article 6(1)(b) of the GDPR, such data will be routinely deleted upon the expiration of the retention periods, provided that it is no longer necessary for the performance or initiation of a contract and/or we no longer have a legitimate interest in continuing to store it.

When processing personal data on the basis of Article 6(1)(f) of the GDPR, this data will be stored until you exercise your right to object under Article 21(1) of the GDPR, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defense of legal claims.

When processing personal data for the purpose of direct marketing pursuant to Article 6(1)(f) of the GDPR, this data will be stored until you exercise your right to object under Article 21(2) of the GDPR.

Unless otherwise specified in the other information contained in this statement regarding specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

Copyright Notice: This Privacy Policy was prepared by the specialized attorneys at IT-Recht Kanzlei and is protected by copyright (https://www.it-recht-kanzlei.de)

As of: September 25, 2025, 8:44:28 a.m.

‍

Our partners