Legal

Privacy Policy

1. Privacy at a Glance

General Notes

The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data is any data by which you can be personally identified. Detailed information on data protection can be found in our full privacy policy below.

Data Collection on this Website

Data processing on this website is carried out by the website operator, whose contact details can be found in the legal notice. Your data is collected partly because you provide it to us (e.g. data you enter in a contact form) and partly because our IT systems collect it automatically when you visit the website (in particular technical data such as your internet browser, operating system or the time of the page request).

2. Controller

The controller responsible for data processing on this website within the meaning of the GDPR is:

MTM Medizin Technik Mauk GmbH
An der Bahn 10 · D–22844 Norderstedt · Germany
Phone: +49 (0)40 28533770
Email: info@mtm-medizintechnik.de

3. Data Protection Officer

We are not required to appoint a Data Protection Officer under Section 38 para. 1 of the German Federal Data Protection Act (BDSG), as fewer than 20 persons are regularly engaged in automated personal data processing at our company. For any data protection queries, please contact us directly at info@mtm-medizintechnik.de.

4. Data Collection on this Website

Cookies

This website uses only technically necessary cookies required for the operation of the website (e.g. session cookies set by the CMS). These are automatically deleted when you close your browser. The legal basis is Art. 6(1)(f) GDPR (legitimate interest in the technically correct display of the website). Additionally, we store your consent decision for optional services (e.g. Google Maps) exclusively in your browser's local storage without transmitting this data to any server.

Server Log Files

The hosting provider of these pages (all-inkl.com, all-inkl GmbH, Hauptstraße 68, 02742 Friedersdorf, Germany) automatically collects and stores information in server log files that your browser transmits automatically. This includes: browser type and version, operating system, referrer URL, hostname of the accessing computer, time of the server request and IP address. This data is not merged with other data sources. Collection is based on Art. 6(1)(f) GDPR — our legitimate interest is the technically error-free display and optimisation of the website. The data is automatically deleted within 7 days at the latest.

Contact Form and Email Contact

If you send us enquiries via the contact form or by e-mail, your details including the contact information you provide will be stored for the purpose of processing your enquiry and will not be passed on without your consent. The legal basis is Art. 6(1)(b) GDPR (contract initiation) or Art. 6(1)(f) GDPR (legitimate interest in responding to your enquiry). The data will be deleted once your enquiry has been conclusively processed and there are no statutory retention obligations preventing this.

Web Fonts (Hosted Locally)

This website uses the “Montserrat” font, which is stored exclusively on our own web server and delivered from there. No connection to external font servers (e.g. Google Fonts) takes place; no data is transmitted to third parties.

Google Maps (Embedded Map)

We use Google Maps on our contact page to display an interactive map. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA).

The map is only loaded after your active consent (“two-click solution”). Only when you click “Show map” does your browser establish a connection to Google’s servers, transmitting your IP address and potentially other browser information. Processing takes place in the USA; Google is certified under the EU-US Data Privacy Framework (adequate level of protection pursuant to Art. 45 GDPR).

The legal basis for data transmission following your consent is Art. 6(1)(a) GDPR. You may withdraw your consent at any time with effect for the future by reloading the page and not activating the map again. Further information on data processing by Google: https://policies.google.com/privacy.

Social Media – Links Only

This website contains links to our profiles on Instagram (Meta Platforms Ireland Ltd.), LinkedIn (LinkedIn Ireland Unlimited Company) and XING (New Work SE). These are plain hyperlinks only; no social media plugins are used that automatically transmit data to these platforms when the page loads. Only when you click a link and visit the respective platform do its privacy policies apply. We recommend consulting the privacy notices provided there.

Analytics (Matomo)

This website optionally uses the open-source software Matomo to analyse visitor traffic. Matomo is operated on our own server in Germany; no data is transferred to third parties.

Matomo is used only with your explicit consent (Art. 6(1)(a) GDPR). It is configured as follows:

  • No cookies – no tracking cookie is set.
  • IP anonymisation – your IP address is shortened before storage.
  • No fingerprinting – no cross-device identification.
  • Self-hosted – Matomo runs exclusively on our own server (Germany).

You may withdraw your consent at any time with effect for the future by clearing your browser cache (which resets the consent notice) and selecting “Technical only”. In that case no analytics data will be collected.

5. Retention Periods

Personal data is deleted once the purpose of storage no longer applies. Longer retention may be required where provided for by statutory provisions (e.g. tax retention obligations under Section 147 AO: 10 years; commercial retention obligations under Section 257 HGB: 6–10 years). After expiry of these periods, the corresponding data is routinely deleted.

6. Your Rights as a Data Subject

You have the following rights with respect to the controller:

  • Access (Art. 15 GDPR): You may request information about the personal data we hold about you.
  • Rectification (Art. 16 GDPR): You may request the correction of inaccurate data.
  • Erasure (Art. 17 GDPR): You may request the deletion of your data, provided no retention obligation applies.
  • Restriction of processing (Art. 18 GDPR): You may request restriction of processing under certain conditions.
  • Data portability (Art. 20 GDPR): You may receive your data in a common, machine-readable format or request transfer to another controller.
  • Withdrawal of consent (Art. 7(3) GDPR): You may withdraw any consent given at any time with effect for the future.
  • Complaint (Art. 77 GDPR): You may lodge a complaint with a supervisory authority at any time.

To exercise your rights, please contact: info@mtm-medizintechnik.de

7. Right to Object (Art. 21 GDPR)

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Art. 6(1)(f) GDPR (legitimate interests). In the event of an objection, we will no longer process the data concerned unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms.

8. Automated Decision-Making

No automated decision-making including profiling within the meaning of Art. 22 GDPR takes place.

9. Supervisory Authority

The competent data protection supervisory authority is:
Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein (ULD)
Holstenstraße 98, 24103 Kiel, Germany
www.datenschutzzentrum.de

Last updated: April 2026