We appreciate your visit on our website and your interest in our offer. We want you to feel comfortable and safe with regards to how we process your personal data. Data protection and transparency are very important to us. This Privacy Notice is meant to help you understand our privacy practices, including which Personal Data we collect, why we collect it, what we do with it, and how we protect it, as well as knowing your individual rights. This information will enable you to always be in full control of your personal data.
Controller legally responsible for data processing:
Mahlo GmbH + Co. KG
D-93342 Saal / Donau
Categories of data, purpose and legal basis
It´s possible to visit our website without disclosing any personal data besides the technical data provided for the operation of the website itself. For transparency reasons, our privacy notice can be found on every page.
Personal data is data about an identified or identifiable person. This means any information about you, information that could be used to identify you or that is directly associated with you. We use personal data like your IP address or technical data of your device (e.g. service provider and operating system), only to run and improve our website. We never save this data beyond the fulfilling of its purpose or legal retention periods.
We need this data to run our website. If you object to processing, you won´t be able to use our online offer. We evaluate this kind of information statistically in order to make using our website ever more comfortable. We don´t connect this information to any other data we have collected previously. It´s only meant to improve the performance and attractiveness of our website and its content. Data collected when using our website will be deleted at the latest after 14 months. In some cases, we might be allowed to save data in order to enforce or defend any legal claims.
In any data processing we strictly adhere to the requirements of the EU General Data Protection Regulation (GDPR). This includes collecting, saving and using your personal data. We will never use your data for marketing purposes, and we will never sell, rent or leave your personal data to third parties.
Art. 6. 1 b and 1 f are legal basis for processing data in order to take care of information and network security. According to these articles processing of personal data is legal if necessary for the performance of a contract or for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.
According to Art. 13 2 e GDPR you are not obliged to provide us with your personal data when using our website. Nevertheless it´s just not possible to run a website without this kind of data.
Recipients of data
We only share personal data within our organization if and when necessary for the purposes specified in this privacy notice. We don´t share personal data with any third party outside of our organization unless one of the following circumstances applies.
Art 6 1c GDPR
Processing is necessary for compliance with a legal obligation to which the controller is subject.
Recipients of your personal data may be public offices as well as processors, processing the data collected online in our behalf. (Google, Webhosts, etc.)
Data processors are
Processing of personal data for contact
contact form / service form / application form / order for remote maintenance, spare parts, repair and return
We process information that you enter on our Website or communicate to us in some other way so that we can advise and supervise you following your request. This includes data you fill in a contact form or send us via e-mail. We will use this information only for your particular claims or requests. In order to protect your data, the transmission/transfer is coded by a common encryption method.
Data that you give us using our contact form, service form and form for ordering spare parts will stay encrypted until we have received the double opt-in confirmation. In case we don’t receive the confirmation, the data will be deleted after 30 days.
Your personal data will be deleted after we have answered your request or clarified your claim. Art. 6 1 a GDPR is legal basis for processing your data that you transmit by using the contact form, the service form and the application form. By transmitting your data, you give your consent to data processing for the described purposes. You may withdraw your consent with effect for the future in case you don’t want your data to be processed any more.
Art. 6 1b GDPR is legal basis for processing your data that you transmit by using the form for ordering remote maintenance, spare parts and repair and return.
If you subscribe to our newsletter, we collect your e-mail address and other information which allow us to confirm that this e-mail address belongs to you and that you agree to receiving our newsletter. Further data are not or are only collected voluntarily. We will only use these data for the transmission of the required information, and we will never pass them on to third parties.
Legal basis for the processing of your data that you gave to us by your subscription is your prior consent according to Art. 6 1 a) GDPR. You can at any time revoke your consent with effect for the future, e. g. by clicking the unsubscribe link that you can find in every newsletter.
We will store your data that you gave to us by subscribing to our newsletter until you unsubscribe and will delete them afterwards. Data that have been stored for other purposes remain unaffected.
Our newsletters are delivered by CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede. CleverReach is a service that allows us to organize and analyze the newsletter delivery. The data you provided for the purpose of receiving the newsletter (e. g. e-mail address) are stored on servers of CleverReach in Germany or in Ireland.
Newsletters delivered by CleverReach allow us to analyze the behavior of the newsletter receivers. We can analyze among other things how many receivers have opened the Newsletter and how often they clicked what link in the Newsletter. By means of the so-called conversion tracking we can also analyze if a predefined action was taken after clicking a link (e. g. Purchase of a product on our Website).
You can find further information about the data analysis by CleverReach here:
Legal basis for processing is your prior consent according to Art. 6 1 a) GDPR. You can at any time revoke your consent with effect for the future by unsubscribing the newsletter. If you do not agree to the analysis by CleverReach, you have to unsubscribe the newsletter. Therefore, we provide you with an unsubscribe link in every newsletter message.
We will store your data that you gave to us by subscribing to our newsletter until you unsubscribe. Your data will be deleted by us as well as by CleverReach after you unsubscribed our newsletter. Data that have been stored for other purposes remain unaffected.
For more information we refer to the CleverReach data protection information:
When visiting our stand, our marketing staff will collect meeting and contact information. Those will be used for the purpose of the preparation of a business connection and our legitimate interests based on Art. 6 1 b) and f). The fair protocols will be digitized and stored within our ERP-system. We will delete your contact information as well as the fair protocols after 5 years in case we did not enter into a business relationship with each other. With your prior consent we will send you information requested or contact you via telephone.
Legal basis is Art. 6 1 a GDPR.
We use two types of cookies: session cookies and persistent cookies. Cookies are small text files that we place on your computer. Cookies cannot execute any commands and therefore, they pose no security risk.
This Website uses Google Analytics, a web analysis service by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics uses so-called “Cookies” – small text files that are placed on your computer and which allow an analysis of the use of our website by you. You can find more detailed information about how Google uses those data here: https://policies.google.com/privacy/partners?hl=de
We will only use Google Analytics with your prior permission. Legal basis for processing is Art. 6(1) a GDPR.
We use the lead generation service provided by Leadinfo B.V., Rotterdam, The Netherlands, which recognizes visits of companies to our website based on IP-addresses and shows us related publicly available information, such as company names or addresses. In addition, Leadinfo places two first-party cookies for providing transparency on how our visitors use our website and the tool processes domains from provided form inputs (e.g. “leadinfo.com”) to correlate IP addresses with companies and to enhance its services. For additional information, please visit www.leadinfo.com. On this page: www.leadinfo.com/en/opt-out you have an opt-out option. In the event of an opt-out, your data will no longer be used by Leadinfo.
Purpose of data processing is identifying businesses that visited our website in order to conduct effective direct marketing or to optimize the use of the traffic on our website.
Legal basis for processing is our legitimate interest according to Art. 6(1) f GDPR.
You can object to the use of your data for direct marketing at any time, without costs arising by virtue thereof, other than transmission costs pursuant to the basic rates.
In particular the following data can be processed: IP-Address, name of the business, LinkedIn profile URL, business e-mail address, contact data of key decision makers that have pro-actively visited our website.
We will store any personal data as long as needed in order to fulfill the purpose. After fulfillment of the purpose any personal data will be deleted as long as they are not suspect to legal retention periods.
We will only use Leadinfo with your prior permission. Legal basis is Art. 6(1) a GDPR.
We have entered into a data processing agreement with Leadinfo.
We use Hotjar, a web analysis service by
Hotjar Limited Dragonara Business Centre
5th Floor, Dragonara Road, Paceville St Julian's STJ 3141, Malta, Europe
For further details, please see the ‘about Hotjar’ section of Hotjar’s support site."
Legal basis für processing is your prior permission (Art. 6 (1) a GDPR). We will store your data after the fulfillment of the purpose only within the scope of legal obligations.
We have entered into a data processing agreement with Hotjar.
This Website uses the remarketing function of Google Inc. This function is used to present users within the Google advertising network interest-based advertisement. It is placed a so-called “Cookie” on the browser of the website visitor which allows recognizing the visitor in case he calls up a webpage that belongs to the Google advertising network. On those pages, users can be presented advertisements that relate to content on websites that have been called up by the visitor before and which use the Google remarketing function. We only place the Google remarketing cookie with your prior consent to cookies. Legal basis is Art. 6(1) a GDPR.
According to Google’s own statement, Google does not collect personal data during this process. In case you still don’t want the Google Remarketing to be active, you can deactivate it by modifying the settings here: http://www.google.com/settings/ads
Social Media profiles
Facebook and Instagram
We have a profile at Facebook and Instagram. Supplier respectively is Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. We entered a Joint-Controllership-Agreement with Facebook. This agreement states for which data processing operations we or Facebook are responsible when you visit our Facebook-Fanpage. Facebook-Ireland is primarily responsible according to GDPR for the processing of Insight data. You can view this agreement here:
You can modify your advertising preferences in your profile by yourself. Therefore, click on the following link and log in.
You can find detailed information within the data protection notice of Facebook:
We use a Xing account operated by XING SE, Dammtorstraße 30, 20354 Hamburg, Germany.
The data protection notice of Xing can be found here:
We use a LinkedIn account operated by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. In order to modify your settings concerning advertising measures in your profile at LinkedIn, please use the following link:
The data protection notice of LinkedIn can be found here:
For embedding Videos from Youtube we use the so-called privacy-enhanced mode. Operator is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
According to GDPR you have the following rights with regard to your personal data. You can find more detailed information in Art. 15 to 21 GDPR as well as in §§ 32 to 37 German Federal Data Protection Act.
You have the right to access your personal data. You may also request the rectification of inaccurate data. Under certain conditions you have the right to erasure, the right to restriction and the right to data portability. Further, you have the right to object to processing of personal data which is based on point (e), (f) of Art. 6(1), including profiling based on those provisions. You may withdraw your consent at any time and without giving reasons with effect for the future.
You may assert these rights directly with the controller. Therefore, informal contact is sufficient. You may send an Email or a letter.
You also have the right to lodge a complaint with a supervisory authority if you find our processing of your personal data to be inconsistent with applicable data protection law. A list of federal Data Protection Commissioner and contact data can be found here:
Do you have questions?
In case of any further questions please feel free to contact our officer for data protection:
David Gabel - Email: david.gabel(at)dsgvo-support.de
General information concerning data protection and processing of personal data can be found at https://www.dsgvo-support.de