• Privacy policy

Welcome to our website and thank you for your interest in our company. We take the protection of your personal data very seriously. We process your data in accordance with applicable personal data protection legislation, in particular the GDPR and our country-specific implementation laws, which provide comprehensive information about the processing of your personal data by Mayer Sitzmöbel GmbH & Co. KG and your rights.

Personal data is any information that makes it possible to identify a natural person. This includes, in particular, your name, date of birth, address, telephone number, email address and IP address. Anonymous data is available if no personal reference to the individual/user can be made.

Responsible body and data protection officer

Mayer Sitzmöbel GmbH & Co.KG (hereinafter „Mayer“), Am Brunnen 7, 96257 Redwitz, Germany

Company’s contact information:
Web address: www.mayersitzmoebel.de
E-mail address: mensch@mayersitzmoebel.de
Phone: +49 9264 800-0, Fax: +49 9264 80 253
Contact info of the data protection officer:

Your rights as a data subject

We would first like to notify you of your rights as a data subject. These rights are set out in Articles 15 - 22 GDPR, and include:

  • the right of access (Art. 15 GDPR),
  • the right to rectification (Art. 16 GDPR),
  • the right to data portability (Art. 20 GDPR),
  • the right to object to data processing (Art. 21 GDPR),
  • the right to erasure / right to be forgotten (Art. 17 GDPR),
  • the right to restriction of data processing (Art. 18 GDPR).

To exercise these rights, please contact datenschutz@mayersitzmoebel.de. The same applies if you have any questions regarding data processing in our company or when you withdraw your consent. You also have a right of appeal to the relevant data protection supervisory authority.

Right to object

Please note the following with respect to your right to object:
When we process your personal data for the purpose of direct marketing, you have the right to object to this data processing at any time without providing the reasons for such objection. This also applies to profiling insofar as it is associated with direct marketing.
If you object to the processing for direct marketing, we will no longer process your personal data for such purposes. The objection is free of charge and can be made informally, where appropriate to: mensch@mayersitzmoebel.de.
Should we process your data to protect legitimate interests, you may object to such processing at any time for reasons that arise from your specific situation; this also applies to profiling based on these provisions. We will then cease to process your personal information unless we can demonstrate compelling legitimate grounds for processing such information that outweigh your interests, rights and freedoms, or the processing is intended to assert, exercise or defend legal claims.

Purposes and legal bases of data processing

The processing of your personal data complies with the provisions of the GDPR and all other applicable data protection regulations. Legal bases for data processing arise in particular from Art. 6 GDPR.
We use your data to initiate business, to fulfil contractual and legal obligations, to conduct the contractual relationship, to offer products and services and to consolidate customer relationships, which may include marketing and direct marketing. Your consent also constitutes a data protection regulation. In this respect, we will inform you of the purposes of data processing and the right to withdraw your consent. If the consent also relates to the processing of special categories of personal data, we will explicitly notify you in the consent process. Processing of special categories of personal data within the meaning of Art. 9 (1) GDPR may only take place where necessary on the grounds of legal regulations and there is no reason to assume that your legitimate interests should prevail to the exclusion of processing such data.

Data transfers / Disclosure to third parties

We will only transmit your data to third parties within the scope of given statutory provisions or based on consent. In all other cases, information will not be transferred to third parties unless we are obliged to do so owing to mandatory legal regulations (disclosure to external bodies, including the supervisory authorities or law enforcement authorities).

Data recipients / categories of recipients

In our organisation, we ensure that only individuals who are required to process the relevant data to fulfil their contractual and legal obligations are authorised to handle personal data. In many cases, service providers (e.g. webhosting agencies, newsletter providers) assist our specialist departments to fulfil their tasks. The necessary data protection contracts have been concluded with all service providers.

Transfers of personal data to third countries

A transfer of data to third countries (outside the European Union or the European Economic Area) shall only take place if required by law or if you have provided your consent for such a transfer. In order to provide our customers with a digital newsletter we transfer your personal data to a company outside the European Economic Area in the USA. Compliance with the level of data protection is ensured by a EU standard contractual clause.

Period of data storage

We store your data for as long as such is required for the relevant processing purposes. Please note that numerous retention statutory periods require that data must be stored for a specific period of time. This relates in particular to retention obligations for commercial or fiscal purposes (e.g. commercial code, tax code, etc.). The data will be routinely deleted after use unless a further period of retention is required. We may also retain data if you have given us your permission to do so, or in the event of any legal disputes and we use the evidence within the statutory limitation period, which may be up to 30 years; the standard limitation period is 3 years.

Secure transfer of data

We implement the appropriate technical and organisational security measures to ensure the optimal protection of the data stored by us against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. The security levels are continuously reviewed in collaboration with security experts and adapted to new security standards. The data exchange to and from our website and our ownCloud is both encrypted. We provide https as a transfer protocol for our website and our ownCloud, and always use the current encryption protocols. In addition, we offer our users content encryption in our contact forms and applications. We alone can decrypt this data. It is also possible to use alternative communication channels (e.g. mail).

Obligation to provide data

A range of personal data is required to provide you with our dealer newsletter. The same applies to the use of our website and our ownCloud and the various functions which they provide. We have summarised the relevant details in the above point. In some cases, legal regulations require data to be collected or made available. Please note that it will not be possible to process your request or execute the underlying contractual obligation without this information.

Data categories, sources and origin of data

The data we process is defined by the relevant context: it depends on whether, for example, you send us a contact request by E-mail or submit a registration request for our ownCloud or our dealer newsletter. Please note that we may also provide information at specific points for specific processing situations separately where appropriate, e.g. when you send a contact request by E-mail.

Provision of this website

We collect and process the following data when you visit our website:

  • Name of the Internet service provider
  • Information on the website you are visiting us from
  • Web browser and operating system used
  • Information on the website from which you visited us
  • The IP address by your allocated Internet service provider
  • Files accessed, volume of data transferred, downloads/file export
  • Information on websites accessed on our site, including date and time
  • For reasons of technical security (in particular to safeguard against attempts to attack of our web server), this data is stored in accordance with Article 6 (1) lit f GDPR. Anonymisation takes place no later than after seven days by abbreviating the IP address so that no reference is made to the user.

We collect and process the following data for our dealer newsletter service:

  • Company
  • E-mail address
  • Name
  • Dealer number

We collect and process the following data for our “Mayer ownCloud” image database (hereinafter “ownCloud”) for dealers:

  • Company
  • E-mail address
  • Dealer number

Dealing with data of customers, suppliers, contractual partners, interested parties

Categories / Origin of data

Within the framework of the contractual relationship and for the contract initiation we process the following personal data:

  • contact details (e.g. first name / surname of the current and, if applicable, previous contact persons as well as name additions, company name and address of the customer (employer), telephone number with extension, business e-mail address)
  • Occupational data (e.g. company function, department)

In principle, we will receive your personal data from you or your employer as part of the initiation of the contract or during the current contractual relationship. By way of exception, in certain circumstances your personal data will also be collected from other sources. This includes occasion-related queries on relevant information with credit bureaus, in particular on creditworthiness and credit behaviour.

Purposes and legal bases of data processing

When processing your personal data, the provisions of the EU DS-GVO, the BDSG (new) and other relevant legal provisions are always observed.

Your personal data will be used exclusively for the execution of pre-contractual measures (e.g. for the preparation of offers for products or services) and for the fulfillment of contractual obligations (e.g. for the performance of our services or for order / order / payment processing), (Art. 6 para. 1 lit. b EU-DS-GMO) or if there is a legal obligation to process it (e.g. due to tax regulations) (Article 6 (1) (c) of the EU-DS-BER). For these purposes, the personal data were originally collected.

Of course, a data protection regulation may also constitute your consent to the processing of data (Article 6 (1) (a) EU-DS-BER). Before grant, we will inform you about the purpose of the data processing and about your right of withdrawal according to Art. 7 (3) EU-DS-GVO. If the consent also relates to the processing of special categories of personal data pursuant to Art. 9 EU-DS-GVO, we will explicitly inform you in advance.

To detect crimes your personal data will be processed only under the conditions of Art. 10 EU-DS-GVO.

Handling applicant data

Categories / Origin of data

As part of the application process, we process the following personal data:

  • Your master data (name, first name, name additions)
  • contact details (address, telephone number, e-mail address)
  • Qualification data (CV, cover letter, degrees)
  • If applicable, photo / work permit / residence permit / date of birth
  • If necessary, criminal record / certificate of good conduct

Your personal data will generally be collected directly from you during the application process.

Purposes and legal bases of data processing

When processing your personal data, the provisions of the EU DS-GVO, the BDSG (new) and all other (labor) legal provisions are always complied with. We are aware of the importance of your data. Your personal data will be processed solely for the purpose of the effective and correct handling of the application process and for establishing contact during the application process.

In addition, we process your data if we have a legal obligation to do so, in particular from employment law. For special categories of personal data acc. Art. 9 (1) EU-DS-GVO also provides for a balance of interests, ie data processing only takes place if your interests worthy of protection do not predominate (Art. 88 (1) EU-DS-GVO in conjunction with § 26 (1), 3 BDSG (new)).

Your consent also constitutes a license for data processing. If you have given us your consent (e.g. for the longer storage of the application documents in our pool of applicants), we also process your data for this purpose (Art. 88 (1) EU-DS- GMO in connection with § 26 Abs. 2 BDSG (new)). Of course, if we obtain your consent, we will inform you about the specific purpose of the data processing and your right of withdrawal. Should the consent also apply to the processing of special categories of personal data pursuant to Art. Article 9 EU-DS-GVO, we will explicitly inform you in advance.

Storage duration of applications

We save your application data until the application process is completed or we no longer need your data for the above purposes or you have revoked your consent. If we enter into an employment relationship with you, the relevant applicant data will be stored with us if they are still relevant for the employment relationship.

If we unfortunately have to reject your application, we will delete your application documents at the latest 6 months later.

Unless you have given us your consent to be included in our pool of applicants and the associated longer storage of your application documents. In this case, we delete your data after a maximum of 12 months or if you should revoke your consent.

Cookies (Art. 6 (1) lit a GDPR)

Our website uses “cookies” at various locations, which serve to make our offer more user-friendly, effective and secure and help us to present our website correctly. A further analysis of our website visitors or so-called “webtracking” does not take place. Cookies are small text files that are stored on your computer and stored by your browser (locally on your hard drive). All cookies we use are so-called "session cookies". These will be automatically deleted when the browser is closed. By changing the settings in your internet browser, you can disable or restrict the transmission of cookies. Furthermore, already set cookies can be deleted at any time via an internet browser or other software programs. This is possible in all common internet browsers.

Please note: If you deactivate the setting of cookies, not all functions of our website may be fully usable.

Newsletter (Article 6 (1) lit a GDPR)

You can subscribe to a free newsletter on our website. We send newsletters with advertising information (hereinafter “newsletter”) only with the consent of the recipient or a legal permission. The principle of data minimisation and data avoidance is observed here, as only the email address and the company name are mandatory. Name and dealer number are voluntary.

Double Opt-in and logging
The registration for our newsletter takes place in a so-called double opt-in procedure. That after registration, you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that nobody can register with external e-mail addresses. The registration for the newsletter will be logged in order to prove the registration process according to the legal requirements. This includes the storage of the login and the confirmation time, as well as the IP address. Similarly, the changes to your data stored with MailChimp will be logged.

Use of the shipping service provider “MAILCHIMP”
The newsletter is distributed via “MailChimp”, a newsletter shipping platform of Rocket Science Group, LLC, 675 Ponce De Leon Ave # 5000, Atlanta, GA 30308, USA. The e-mail addresses of our Newsletter recipients, as well as their other information described in these notes, are stored on the servers of MailChimp in the USA. MailChimp uses this information to send and evaluate the newsletters on our behalf. Furthermore, MailChimp may, according to its own information, use this data to optimize or improve its own services, e.g. for the technical optimization of the shipping and the presentation of the newsletter or for economic purposes, to determine from which countries the recipients come. However, MailChimp does not use the data of our newsletter recipients to write them down or to pass them on to third parties. We rely on the reliability, IT and data security of MailChimp. MailChimp is certified under the US-EU privacy shield “Privacy Shield” and is committed to complying with EU data protection requirements. Furthermore, we have concluded a data processing agreement with MailChimp. This is a contract in which MailChimp pledges to protect the data of our users, to process it in accordance with its privacy policy on our behalf and, in particular, not to disclose it to third parties. The privacy policy of MailChimp can be viewed here.

Statistical survey and analysis
The newsletters contain a so-called “web-beacon”, i. a pixel-sized file that is retrieved from the MailChimp server when the newsletter is opened. This call will initially collect technical information, such as information about the browser and your system, as well as your IP address and time of retrieval. This information is used to improve the technical performance of services based on their specifications or audience and their reading habits, based on their locations (which can be determined using the IP address) or access times.
Statistical surveys also include determining if the newsletters will be opened, when they will be opened and which links will be clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our desire nor that of MailChimp to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.

Online and data management
There are cases in which we direct the newsletter recipients to the MailChimp websites. For example, Our newsletters contain a link that allows newsletter recipients to retrieve newsletters online (for example, in the case of display problems in the e-mail program). Furthermore, newsletter recipients can store their data, such as correct the e-mail address later. Similarly, the privacy policy of MailChimp is only available on their page. In this context, we pointed out that on the websites of MailChimp cookies are used and thus personal data processed by MailChimp, their partners and service providers used (such as Google Analytics). We have no influence on this data collection. For more information, see the privacy policy of MailChimp. Please also refer to the possibility of objecting to the data collection for advertising purposes on the websites http://www.aboutads.info/choices/ and http://www.youronlinechoices.com/ (for the European area).

Termination / Revocation
You can terminate the receipt of our newsletter at any time, ie. revoke your consent. At the same time, your consent to sending it via MailChimp and the statistical analyzes will lapse. A separate revocation of the dispatch via MailChimp or the statistical evaluation is unfortunately not possible. A link to cancel the newsletter can be found at the end of each newsletter.

„Mayer ownCloud“ / Dealer-Login

On our website, we offer our dealers the opportunity to register for our ownCloud by submitting personal data in order to download digital communication media and image data free of charge. The principle of data minimisation and data avoidance is observed here, as only the data necessary for the registration are interrogated. These are at the first time the e-mail address, dealer number and company. By registering on our ownCloud, the user's IP address is stored in the ownCloud error log. Date and time are automatically removed after successful registration / activation. By activating the button "OK" you give the consent to the processing of your data.
Please note: The automatically by our ownCloud generated password will be "hashed" and can therefore no longer be decrypted. Employees of our company can not read this password. They can therefore give you no information, in case you should have forgotten your password. In this case, please contact mensch@mayersitzmoebel.de by e-mail to have your password reset. No employee is entitled to request your password by telephone or in writing. Please never mention your password if you receive such requests. Upon completion of the registration process, your data will be stored in our ownCloud platform for use within the protected customer area. Once you log in to our ownCloud with your e-mail address as username and password, this information will be provided to you on our ownCloud for any actions you have performed (such as downloading digital imagery, digital advertising material). Of course, you can cancel or delete the registration or your customer account at any time. In this case, please send a message to mensch@mayersitzmoebel.de.

Marketing purposes (Article 6 (1) lit f GDPR)

Mayer Sitzmöbel GmbH & Co. KG is keen to nurture the customer relationship with you and to send you information and offers about our product / services (e.g. promotional offers, information on new product introductions, trade fairs). We therefore process your data to send you the relevant information and offers via mail or email. You may object to the use of your personal data for the purpose of direct marketing at any time; this also applies to profiling insofar as it is associated with direct marketing. If you object, we will cease processing your personal information for this purpose.
You can withdraw your consent at any time free of charge and informally without stating the reasons for such and should be addressed to phone +49 9264 / 800-0 or sent via E-mail to mensch@mayersitzmoebel.de or via mail to Mayer Sitzmöbel GmbH & Co.KG, Am Brunnen 7, D - 96257 Redwitz-Mannsgereuth, Germany.

Links to other providers

Our website also contains clearly identifiable links to the Internet sites of other companies. Although we provide links to websites of other providers, we have no influence on their content, and no guarantee or liability can therefore be assumed for such. The content of these pages is always the responsibility of the respective provider or operator of the pages. The linked pages were checked at the time of linking for potential legal violations and identifiable infringements. No illegal content was identified at the time of linking. However, a permanent content control of the linked pages is not reasonable without concrete evidence of an infringement and, upon notification of a violation of rights, such links will be promptly removed.

Automated decisions in individual cases

We do not use purely automated processing to make decisions.