Privacy Policy
We take data protection seriously
The protection of your privacy when processing personal data is an important concern for us. When you visit our website, our web servers automatically save the IP address of your internet service provider, the website from which you visit us, the websites you visit on our site and the date and duration of your visit. This information is absolutely necessary for the technical transmission of the websites and the secure server operation. A personalised evaluation of this data does not take place.
If you send us data via contact form, this data is stored on our servers in the course of data backup. Your data will be used by us to process your request and to contact you further for advertising and information purposes. Your data will be treated strictly confidential.
The responsible body within the meaning of the law is:
Myra Security GmbH
Landsberger Str. 187
80687 München
Phone: +49 89 41 41 41 – 345
E-Mail: info@myrasecurity.com
Personal Data
Personal data are data about your person. This includes your name, your address and your email address. You do not have to disclose any personal data to visit our website. In some cases we need your name and address and other information in order to provide you with the requested service.
The same applies if we supply you with information material on request, if we answer your enquiries or if you apply for a job with us. In these cases we will always point this out to you. Furthermore, we only store the data that you have automatically or voluntarily provided us with.
If you use one of our services, we generally only collect the data that is necessary to offer you our service. It is possible that we may ask you for further information, but this is voluntary. Whenever we process personal data, we do so in order to provide you with our service or to pursue our commercial goals.
Information obligations according to Art. 13 GDPR
We process your personal data (in short "data") exclusively on the basis of the statutory provisions. With this Privacy Policy we want to comprehensively inform you about the processing of your data in our company and the data protection rights and remedies to which you are entitled within the meaning of Art. 13 of the European Data Protection Regulation (EU GDPR). Learn more.
Automatically stored data
Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Date and time of the request
- Name of the requested file
- Page from which the file was requested
- Access status (file transferred, file not found, etc.)
- Web browser and operating system used
- Complete IP address of the requesting computer
- Data volume transferred
This data is not merged with other data sources. Processing is carried out in accordance with Art. 6 Para. 1 letter f GDPR on the basis of our justified interest in improving the stability and functionality of our website.
For reasons of technical security, in particular to ward off attempts to attack our web server, this data is stored by us for a short period. It is not possible for us to draw conclusions about individual persons on the basis of this data. After seven days at the latest, the data is anonymised by shortening the IP address at domain level, so that it is no longer possible to establish a link to the individual user. In anonymised form, the data is also processed for statistical purposes; it is not compared with other data sets or passed on to third parties, even in part. Only in the context of our server statistics, which we publish every two years in our activity report, is a presentation of the number of page views.
Cookies
When you visit our website, we may store information on your computer in the form of cookies. Cookies are small files that are transferred from an internet server to your browser and stored on its hard disk. Only the internet protocol address is stored – no personal data. This information, which is stored in the cookies, allows us to automatically recognize you the next time you visit our website, which makes it easier for you to use our website. The legal basis for the use of cookies is the legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR.
Of course you can also visit our website without accepting cookies. If you do not want your computer to be recognised on your next visit, you can also refuse the use of cookies by changing the settings in your browser to "refuse cookies". You will find the respective procedure in the operating instructions of your browser. If you refuse the use of cookies, however, there may be restrictions in the use of some areas of our website.
Matomo (On-Premise)
This website uses the open-source web analytics service Matomo. Matomo uses technologies that enable the recognition of the user across pages to analyze user behavior (e.g., device fingerprinting). The information collected by Matomo about using this website is stored on our server. The IP address is anonymized before storage.
With the help of Matomo, we can collect and analyze data about the use of our website by website visitors. This enables us to find out, among other things, when which page views were made and from which region they came. We also collect various log files (e.g., IP address, referrer, browsers, and operating systems used) and can measure whether our website visitors perform specific actions (e.g., clicks, purchases, and the like).
The use of this analysis tool is based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in the anonymized analysis of user behavior to optimize both its website and its advertising.
When analyzing with Matomo, we use IP anonymization. Your IP address is shortened before the analysis so that it can no longer be clearly assigned to you.
We host Matomo exclusively on our own servers so that all analysis data remains with us and is not passed on.
This is a Technically Necessary cookie.
Matomo Tag Manager
This website uses the Matomo Tag Manager. It does not collect any personal data. It is used to run small programs ("tags" or "snippets") on the website, which in turn may collect data. Matomo Tag Manager itself does not collect data, does not share data with third parties, and does not access data collected by tags triggered by Matomo Tag Manager.
This is a Technically Necessary cookie.
Google Ads
The website operator uses Google Ads. Google Ads is an online advertising programme from Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads enables us to display adverts in the Google search engine or on third-party websites when the user enters certain search terms into Google (keyword targeting). Furthermore, targeted adverts can be displayed based on the user data available at Google (e.g. location data and interests). We as the website operator can evaluate this data quantitatively, for example by analysing which search terms have led to the display of our advertisements and how many advertisements have led to corresponding clicks.
The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and 25 para. 1 TTDSG. Consent can be revoked at any time. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:
EU CAPTCHA
To protect our website from malicious automated access (e.g., by bots), spam, and attacks such as credential stuffing, we use EU CAPTCHA, a security service we developed, on our website.
EU CAPTCHA is designed to distinguish automated requests from legitimate user requests, thereby ensuring the security and functionality of our website. When certain pages are accessed or forms are submitted, technical information required for this security check is processed. This includes, in particular, log data and device data. The end user's personal data is not stored. Data that could identify the end user is anonymized, for example, using one-way hashing.
Processing is carried out exclusively for the purpose of ensuring the security of our website and preventing abusive or automated access. The legal basis for processing is Article 6(1)(f) of the GDPR. Our legitimate interest lies in protecting our IT systems and ensuring the functionality of our online services.
Data processing takes place in data centers within the European Union. The data is stored only for as long as is necessary to perform the security check and to prevent misuse.
Stripe
We use the payment service provider Stripe, a service provided by Stripe Payments Europe, Limited, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland, or its affiliated Stripe companies, to process payments. Payment processing is carried out directly by Stripe; this involves, among other things, the transmission of payment data (e.g., credit card number, IBAN, BIC, invoice amount), technical usage data, and other order data are transmitted to Stripe in order to execute the payment and prevent any attempts at misuse or fraud. The legal basis for this processing is Art. 6 (1) (b) GDPR, as the processing is necessary for the performance of a contract or for the implementation of pre-contractual measures with you; in the case of credit checks and fraud prevention, Art. 6 (1) lit. f GDPR (legitimate interest in preventing payment fraud and ensuring smooth payment transactions) may also be relevant. Stripe may transfer personal data to countries outside the EU/EEA, in particular to the USA; According to its own statements, Stripe relies on appropriate safeguards such as the EU Commission's standard contractual clauses and participation in the EU-US Data Privacy Framework. For more information on data processing by Stripe, please refer to Stripe's privacy policy at https://stripe.com/privacy or the Stripe Privacy Center at https://stripe.com/legal/privacy-center.
Userpilot
Userpilot is a product of Userpilot Inc., 2035 Sunset Lake Road, Suite B-2, Newark, DE 19702, USA. This tool is used to provide interactive product tours, context-sensitive help, and in-app explanations. In addition, data about the use of the application (e.g., session replays, click behavior, page views) can be collected and feedback can be gathered to improve the user-friendliness and onboarding experience of our users. The legal basis for the use of Userpilot is your consent in accordance with Art. 6 (1) (a) GDPR in conjunction with Art. 5 (3) ePrivacy Directive. Data will only be collected if you have given your express prior consent. You can revoke your consent at any time with future effect. Pseudonymized usage data may be processed in the context of using Userpilot. The processing may also include the transfer of data to the USA. Userpilot is certified under the EU-U.S. Data Privacy Framework (Art. 45 GDPR). Where necessary, standard contractual clauses of the EU Commission (Art. 46 GDPR) are used to ensure an adequate level of data protection.
Mailjet
This website uses Mailjet to send newsletters. The provider is Mailgun Technologies Inc, 112 E Pecan Sr #1135, San Antonio, Texas 78205, USA.
Mailjet is a service with which, among other things, the sending of newsletters can be organized and analyzed. The data you enter for the purpose of receiving newsletters is stored on Mailjet's servers.
With the help of Mailjet, it is possible for us to analyze our newsletter campaigns. For example, we can see whether a newsletter message was opened and which links, if any, were clicked. In this way, we can determine, among other things, which links were clicked on particularly often.
In addition, we can see whether certain previously defined actions were performed after opening/clicking (conversion rate). We can thus recognize, for example, whether you have made a purchase after clicking on the newsletter.
Mailjet also allows us to subdivide ("cluster") newsletter recipients based on various categories. For example, newsletter recipients can be subdivided according to age, gender or place of residence. In this way, the newsletters can be better adapted to the respective target groups. If you do not want any analysis by Mailjet, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message.
For detailed information on Mailjet's functions, please refer to the following link: https://www.mailjet.com/products/
Mailjet's privacy policy can be found at: https://www.mailjet.com/legal/security-privacy/
The data processing is based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. The legality of the data processing operations already carried out remains unaffected by the revocation.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://sinch.com/legal/terms-and-conditions/other-sinch-terms-conditions/data-protection-agreement/
The data you provide for the purpose of receiving the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you unsubscribe. Data that has been stored by us for other purposes remains unaffected by this.
After you have unsubscribed from the newsletter distribution list, your e-mail address will be stored by us or the newsletter service provider in a blacklist if this is necessary to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 (1) lit. f GDPR). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.
We have concluded a contract on order processing (AV) pursuant to Art. 28 GDPR with the above-mentioned provider. This is a contract required by data protection law, which ensures that the provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
Security
We have taken technical and administrative security measures to protect your personal data against loss, destruction, manipulation and unauthorized access. All our employees as well as service providers working for us are obliged to comply with the applicable data protection laws.
Whenever we collect and process personal data, it is encrypted before it is transferred. This means that your data cannot be misused by third parties. Our security precautions are subject to a continuous improvement process and our privacy policy is constantly being revised. Please make sure that you have the latest version.
Rights of data subjects
You have the right to information, correction, deletion or restriction of the processing of your stored data, a right to object to the processing as well as a right to data transferability and to complain in accordance with the requirements of data protection law at any time.
Right to information
You can demand information from us as to whether and to what extent we process your data.
Right of rectification:
If we process your data that are incomplete or incorrect, you can demand that we correct or complete them at any time.
Right to deletion:
You can demand that we delete your data if we process them unlawfully or if the processing interferes disproportionately with your legitimate protection interests. Please note that there may be reasons that prevent immediate deletion, e.g. in the case of legally regulated storage obligations.
Irrespective of the exercise of your right to deletion, we will delete your data immediately and completely, provided that there is no legal obligation to retain them.
Right to limitation of processing:
You can demand that we restrict the processing of your data if:
- you dispute the accuracy of the data, for a period of time that allows us to verify the accuracy of the data
- the processing of the data is unlawful, but you refuse to have it deleted and instead demand a restriction on the use of the data
- we no longer need the data for the intended purpose, but you still need the data to assert or defend legal claims, or
- you have lodged an objection to the processing of the data.
Right to data transferability:
You can demand that we provide you with your data that you have provided us with in a structured, common and machine-readable format and that you can transfer this data to another responsible person without hindrance from us, provided that
- we process this data on the basis of a revocable consent given by you or for the fulfilment of a contract between us, and
- such processing is carried out by means of automated procedures.
If technically feasible, you can request us to transfer your data directly to another responsible party.
Right of objection:
If we process your data out of a legitimate interest, you can object to this data processing at any time; this would also apply to profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling reasons for processing that are worthy of protection, which outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims. You may object to the processing of your data for the purpose of direct marketing at any time without giving reasons.
Right of appeal:
If you are of the opinion that we are processing your data in violation of German or European data protection law, please contact us so that we can clarify any questions you may have. Of course, you also have the right to contact the supervisory authority responsible for you, the respective state office for data protection supervision.
If you wish to assert any of the above rights against us, please contact our data protection officer. In case of doubt, we may request additional information to confirm your identity.
Changes to our privacy policy
We reserve the right to change our privacy policy if new technologies make this necessary. Please make sure that you have the latest version. If fundamental changes are made to this data protection declaration, we will announce these on our website.
All interested parties and visitors to our website can contact us regarding data protection issues at:
Mr. Christian Volkmer
Projekt 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg
Phone: 0941 2986930
Fax: 0941 29869316
Mail: anfragen@projekt29.de
Internet: www.projekt29.de