Data protection declaration according to GDPR and BDSG, milon Group
References on use and protection of your data and your rights – information according to Articles 13, 14 and 21 of the European General Data Protection Regulation (hereinafter referred to as GDPR)
Below, we, milon Holding GmbH, are informing you about how we process, collect and use your personal data within the framework of the use of our offers and services in the group of companies, hereinafter referred to as milon Group, comprising milon CARE GmbH, milon industries GmbH, Physio Aktiv GmbH, BEN GmbH, milon austria GmbH, milon alpine AG.
If you access and use the offers and services of the milon Group, various information about your PC or other terminal device such as Smartphone (hereinafter: your “system”) will be transmitted to us, depending upon the nature of your use. The majority of the information transmitted within the framework of the use is not personal. In the following data protection declaration, we explain the information and personal data in question and also how we make use of them.
The most important thing first: Sensitive and responsible dealings with your personal data is an elementary integral part of serious and customer-orientated entrepreneurial activity for us. As early as data processing, the principle of data thriftiness has great importance. We only collect and process your personal data to the extent that you have granted consent to us for this, legislation expressly permits or prescribes it or you allow us to do so. We guarantee that no personal data are forwarded to third parties without authorisation.
We point out that the European General Data Protection Regulation and also a new version of the Federal Data Protection Act (BDSG) have been in force since 25.5.2018.
Personal data are all information about the personal and factual situation of a specific or determinable natural entity (§ 3 subsection 1 BDSG) or a user. Examples of personal data are information such as your name, your address, localisation, online identifications or your telephone number.
2.1 milon Services
2.1.1 Websites of the milon Group
What are personal data?
Personal data are all information about personal and factual circumstances of a specific or identifiable natural person (Art. 3 (1) General Data Protection Regulation (GDPR)) or a user. Examples of personal data include your name, address, location, online identifiers or you telephone number.
Data collection on our website
Who is responsible for the data collection on this website?
The data processing on this website is carried out by the website operator. You can find his contact details in the legal notice this website.
How do we collect your information?
On the one hand, your data is collected when you communicate it to us. This may be data that you enter in a contact form, for example.
Other data is automatically collected by our IT systems when you visit our website. These are mainly technical data (e.g. Internet browser, operating system or time of page visit). These data are collected automatically as soon as you enter our website.
What do we use your data for?
Part of the data is collected in order to ensure error-free provision of the website. Other data can be used to analyse your user behaviour.
What rights do you have regarding your data?
You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction, blocking or deletion of this data. You can contact us at any time at the address given in the legal notice if you have any further questions on the subject of data protection. You also have the right of appeal to the competent supervisory authority.
Analysis tools and third-party tools
General notes and mandatory information
We would like to point out that data transmission over the Internet (e.g. communication by e-mail) can have security gaps. A complete protection of data against access by third parties is not possible.
Note about the responsible body
The responsible body for data processing on this website is:
milon industries GmbH
An der Laugna 2
86494 Emersacker, Germany
Phone: +49 (0)8293 / 965 50-0
Responsible body is the natural or legal person who alone or together with others decides on the purposes and means of processing personal data (e.g. names, e-mail addresses, etc.).
Revocation of your consent to data processing
Many data processing processes are only possible with your express consent. You can revoke your consent at any time. All you need to do is send us an informal e-mail. The legality of the data processing up until the revocation remains unaffected by the revocation.
Right of appeal to the competent supervisory authority
In the event of data protection violations, the person concerned has a right of appeal to the competent supervisory authority. The responsible supervisory authority for data protection issues is the data protection officer of the federal state in which our company is based. A list of data protection officers and their contact details can be found on the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/addresses_links-node.html.
Right to data transferability
You have the right to have data which we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another person responsible, this will only take place if it is technically feasible.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and to protect the transfer of confidential content, such as orders or requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Information, blocking, deletion
You have the right to free information about your stored personal data, their origin and recipients and the purpose of data processing and, if necessary, a right to correction, blocking or deletion of this data at any time within the scope of the applicable legal provisions. You can contact us at any time at the address given in the legal notice if you have any further questions on the subject of personal data.
Objection to advertising mails
I herewith object to the use of contact data, published within the scope of the obligatory legal notice, to send unsolicited advertising and information material. The operators of these pages expressly reserve the right to take legal action in the event of unsolicited advertising information, such as spam e-mails.
Data protection officer
Statutory data protection officer
We have appointed a data protection officer for our company.
milon industries GmbH
An der Laugna 2
86494 Emersacker, Germany
Phone: +49 (0)8293 / 965 50-0
Data collection on our website
Some of the Internet pages use so-called cookies. Cookies do not cause any damage to your computer and do not contain any viruses. Cookies serve to make our website more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain stored on your terminal until you delete them. These cookies enable us to recognize your browser the next time you visit our website.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or generally, and activate the automatic deletion of cookies when closing the browser. When cookies are deactivated, the functionality of this website may be limited.
Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These include:
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
These data are not combined with other data sources.
The basis for data processing is Art. 6 para. 1 lit. f DSGVO, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
If you send us enquiries using the contact form, your details from the enquiry form, including the contact data you provided there, will be stored for the purpose of processing the enquiry and in the event of follow-up questions. We will not pass on this data without your consent.
The data entered in the contact form is therefore processed exclusively on the basis of your consent (Art. 6 (1) point (a) GDPR). You can revoke this consent at any time. All you need to do is send us an informal e-mail. The legality of the data processing processes carried out up until the revocation remains unaffected by the revocation.
The data entered by you in the contact form will remain with us until you request us to delete it, until you revoke your consent for storage, or until the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular retention periods – remain unaffected.
Analysis Tools and Advertising
This website uses functions of the web analysis service Google Analytics. Service provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.
Google Analytics cookies are stored on the basis of Art. 6 (1) point (f) GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both his website and his advertising.
We have activated the IP anonymisation function on this website. This will cause your IP address to be truncated by Google within Member States of the European Union or in other countries party to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website and Internet use. The IP address transmitted by your browser in connection with Google Analytics will not be merged with other Google data.
Objection to data collection
You can prevent Google Analytics from collecting your data by clicking on the following link. An opt-out cookie is set which prevents the collection of your data on future visits to this website: Disable Google Analytics.
Contract data processing
We have concluded a contract with Google for commissioned data processing and fully implement the strict requirements of the German data protection authorities for the use of Google Analytics.
After registration for a newsletter in one of the enterprises of the milon Group by a customer/interested party, we use the e-mail address in order to inform about milon innovations and actions and topics to do with our products.
If you would like to subscribe to the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data will not be collected or will only be collected on a voluntary basis. We use these data exclusively to send the requested information and do not pass these on to third parties.
The data entered in the newsletter registration form will be processed exclusively on the basis of your consent (Art. 6 (1) point (a) GDPR). You can revoke your consent to the storage of the data, the e-mail address and its use for sending the newsletter at any time, for example via the “unsubscribe” link in the newsletter. The legality of the data processing processes already carried out remains unaffected by the revocation.
The data you provide us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and deleted after you unsubscribe from the newsletter. Data stored by us for other purposes (e.g. e-mail addresses for the member area) remain unaffected by this.
This website uses the services of MailChimp for sending newsletters. Service provider is the Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.
MailChimp is a service with which the dispatch of newsletters can be organised and analysed. If you enter data for the purpose of newsletter subscription (e.g. e-mail address), these are stored on the servers of MailChimp in the USA.
MailChimp is certified according to the “EU-US-Privacy-Shield”. The “Privacy Shield” is an agreement between the European Union (EU) and the USA to ensure compliance with European data protection standards in the USA.
With the help of MailChimp we can analyse our newsletter campaigns. When you open an e-mail sent with MailChimp, a file contained in the e-mail (so-called web beacon) connects to the MailChimp servers in the USA. This allows us to determine whether a newsletter message has been opened and which links have been clicked on. In addition, technical information is recorded (e.g. time of retrieval, IP address, browser type and operating system). This information cannot be assigned to the respective newsletter recipient. They are used exclusively for statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients.
If you do not want MailChimp to analyse your data, you must unsubscribe from the newsletter. For this purpose, we provide an appropriate link in every newsletter message. You can also unsubscribe from the newsletter directly on the website.
The data are processed on the basis of your consent (Art. 6 (1) point (a) GDPR). You can revoke this consent at any time by cancelling the newsletter. The legality of the data processing processes already carried out remains unaffected by the revocation.
The data stored by you for the purpose of newsletter subscription will be stored by us until you unsubscribe from the newsletter and will be deleted from our servers as well as from the servers of MailChimp after you unsubscribe from the newsletter. Data stored by us for other purposes (e.g. e-mail addresses for the member area) remain unaffected by this.
Conclusion of a data processing agreement
We have a so-called “Data-Processing-Agreement” with MailChimp, in which we obligate MailChimp to protect the data of our customers and not to pass it on to third parties. This contract can be viewed under the following link: https://mailchimp.com/legal/forms/data-processing-agreement/sample-agreement/.
2.1.3. Plug-ins and Tools
Our website uses plug-ins from Google’s YouTube site. This website is operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.
If you visit one of our pages featuring a YouTube plug-in, a connection to the YouTube servers is established. The YouTube server is informed which of our pages you have visited.
If you are logged into your YouTube account, you allow YouTube to associate your surfing behaviour directly with your personal profile. You can prevent this by logging out of your YouTube account.
The use of YouTube is in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 (1) point (f) GDPR.
Google Web Fonts
This site uses so-called web fonts provided by Google to uniformly display fonts. When you call up a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.
To do this, the browser you are using must connect to Google’s servers. This gives Google knowledge that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 (1) point (f) GDPR.
If your browser does not support web fonts, a default font is used by your computer.
For more information about Google Web Fonts, please visit https://developers.google.com/fonts/faq and read Google’s privacy statement: https://www.google.com/policies/privacy/.
This page uses the map service Google Maps via an API. Service provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To use the functions of Google Maps it is necessary to save your IP address. This information is usually transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission.
We use of Google Maps to make the layout of our online offers more appealing and to make it easier to find the places indicated by us on the website. This represents a legitimate interest within the meaning of Art. 6 (1) point (f) GDPR.
2.1.3 milon Services
milon Services are used to enable optimum support and care for the business relations in our customer relationship. In this context, the following personal data are collected via milon Services:
- Date/time of day
- Address of dispatcher and recipient (IP address)
- Start and duration of the connection
- Data quantities
- Telephone number
- Your position in the company
- Your company
- Bank account
- Facebook sites
- Postcode & address & town of the company (milon brand store) // only if the invitation mail is dispatched repeatedly
2.1.4 milon Brandstore
- The milon partner portal is a free service for our customers through which we provide marketing materials (photos, videos and files) as well as information about the respective products. The visibility of the respective materials depends on the milon products you have purchased from us.
The service provider for the implementation of the milon partner portal is called “Bynder b.v”.
This is a digital asset management software for the creation, management and release of media. With the help of this software you can still create, share and release collections with colleagues and external agencies.
To protect the files, it is possible to store a categorization (groups and profiles), time control (expiration of the visibility of the medium at the end of the year) as well as further restrictions (the placement of a watermark or the download option of only on confirmation by us).
For each file, you can see who downloaded it and when.
You may use the materials subject to these conditions as long as they are provided in milo partner portal.
Access to the milon partner portal:
To release a user account in the milon partner portal, to must register at https://www.milon.com/fuer-ihr-business/services/marketing-support-branding/.
We retrieve the following information during this application:
milon customer or service provider of a customer:
We need this information because you as a service provider are of course not stored in our system. We can thus assign you to the respective customer and set the correct visibilities in milon partner portal .
We will send you an activation link to this address to make sure you want to become part of the milon partner portal.
With this information we will continue to create your user profile in the milon partner portal and send you, for example, important updates of our terms.
First name and last name as well as information about your institution (name, postcode and city):
We need this information in order to verify you in our system as a milon customer and subsequently provide you with the relevant materials.
Which milon products do you own?
This enables us to assign the visibility relevant to you.
We will then send you an e-mail with the activation link.
After you have confirmed that you want to be included in the milon partner portal, you can assign yourself a password for the login.
Activate the user profile:
After registration on the website you will receive an activation link. The following data is requested here during activation:
- User name = e-mail address (required field)
We request this information in order to contact you.
- First name (required field)
We request this information in order to address you by your first name (if desired). In addition, the first name serves us for further verification within the portal.
- Add-on/Infix (optional)
We request this information in order to address you officially and with your entire name.
- Last name (required field)
We request this information in order to address you by your last name (if desired). In addition, the first name is used by us for further verification within the portal.
- User name = e-mail address (required field)
We request this information in order to contact you. You can log in to the milon partner portal via the e-mail address.
- Phone number (optional)
We request this information in order to contact you.
- Postcode/address/town (required field)
We retrieve these data in order that we can assign you to the responsible consultant in your area.
- Company name (required field)
We retrieve these data in order to be able to distinguish our customers exactly within the partner portal.
- Department (optional)
We retrieve these data in order to know which department we are cooperating with.
- Job title (required field)
We request this information in order to know whether we working together with an operator, a trainer or a marketing manager.
If we activate this feature in the future, we will notify you by e-mail or on the homepage of the milon partner portal.
Deletion of the account:
In case you no longer need your access to the milon partner portal, you can simply send an informal e-mail to us at email@example.com requesting that delete your account.
We then implement the deletion directly in house, since we maintain the platform and the user database ourselves via two administrator profiles.
2.2 Products of the milon Group
2.2.1. Milon CARE
- Master data collected by the fitness studio (name, date of birth, address and contact data, term of my training contract)
- Training data (settings of the training devices and data recorded in the use of the devices such as time and scope of the training)
- If applicable, health-related data collected within the framework of health examinations or which I have notified to the fitness studio (height, weight, blood pressure, injuries, medication and similar)
2.2.2 Milon ME
If a “Milon Me” user account is created, the following data are collected:
- In addition to the master data, in any case height, weight, maximum pulse (mandatory information)
- Voluntary information which I give about myself (e.g. contact data, trainer’s name, training targets)
- I can also input further information at my own discretion at any time: I can include free exercises (without milon devices) in my training plan, record the results of free training and also assess my current emotional state (voluntary information, is not inquired by Milon Me).
- Information in my public user profile which other “Milon Me” users can see (e.g. photo).
2.2.3 milon training devices and training on devices from other manufacturers via milon CARE
To be able to undertake training, registration under 2.2.1 is necessary. To the extent necessary, the device settings are done by the trainer before the first training session. These settings (master data radius of movement, weights) are stored so that the devices automatically adapt to the users in all subsequent training sessions. To make an analysis of the training session on the devices by milon CARE possible, the training data (training devices), weights, repetitions, distance and duration) are stored. In addition, training results can also be documented manually.
milonizer records body segment lengths for the setting of radii of movement on the training device. At your own discretion, it is possible to record your body weight via the integrated scales from Version 3.0 upwards. If a test offered is selected by the training staff or the person training, test results are recorded and transmitted to milon CARE.
2.2.5 milon studio finder
The studio finder is a service provided on the milon.com website in order to show location-related information about a facility on a cartographic display. The personal data are actively transmitted to us by the listed operator for the purpose of the aforementioned display.
2.2.6 Physio Aktiv “Train all over Germany”
We use the personal data transmitted by you exclusively for the purpose of displaying your studio on the physioaktiv.de website. This acts as an orientation for people interested in Physio Aktiv or Physio Aktiv members as to where Physio Aktiv partners are located, in order to agree trial training there or possibly to participate in the “Train all over Germany” programme. We assure you that your information is treated in accordance with the valid data protection law directives.
A cookie is a small text file which a website or a web server sends to your browser in order to identify your system – but not you personally. When you use milon Services, cookies are used for the following purposes:
- set-up and holding of a session between a client and a server
- analyses of users’ behaviour within applications and services
- simplified and secure login
The websites of the milon Group use Google Analytics, a web analysis service of Google Inc. (“Google”). Google Analytics uses so-called “cookies”, text files which are stored on your computer and make an analysis of the use of the website by you possible. As a rule, the information generated by the cookie about your use of this website is transmitted to a Google server in the USA and stored there. In the event of activation of the IP anonymisation on this website, your IP address is however curtailed beforehand by Google within the member states of the European Union or in other contracting states of the European Economic Area Treaty.
Only in exceptional cases is the full IP address transmitted to a Google server in the USA and curtailed there. By order of the operator of this website, Google will use this information in order to evaluate your use of the website, to collate reports about the website activities and to render further services for the website operator connected with the use of the website and the internet. The IP address transmitted by your browser within the framework of Google Analytics is not put together with other data by Google.
You can prevent storage of the cookies by a matching setting in your browser software; however, we draw your attention to the fact that you will possibly not be able to use all the functions of the website in this case. In addition, you can prevent recording of the data generated by the cookie relative to your use of the website (incl. your IP address) and processing of these data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
Note: On this website, Google Analytics has been extended by the „gat._anonymizeIp();“ code in order to guarantee anonymised recording of IP addresses.
As a matter of principle, the milon Group only uses your personal data itself. They are only transmitted to third parties in specific cases. We possibly forward your personal data to members of the group of companies or to third parties in order to make access to our services and products possible for them, to assert T&Cs and also to carry out marketing and advertising activities. Transmission might additionally be possible in order to recognise and to examine fraud. We do not forward your data to third parties for marketing or advertising purposes without your consent.
milon secures its services and website against loss, destruction, access, amendment or propagation of your data by unauthorised persons by technical and organisational measures, but nobody can guarantee absolute protection. All the servers on which customer data of the milon Group are stored are located within the European Union.
As a matter of principle, milon only transmits personal data in an encrypted form.
We only store your data as long as necessary, as long as we have to comply with our contractual duties and we have your consent. Otherwise, your data are deleted.
As a matter of principle, the milon Group does not transmit any data to third countries, and if so, then only to countries deemed a country with “suitable data protection level” according to § 4b subsection 2 sentence 2 BDSG.
Each person concerned has the right to information according to Art. 15 of the GDPR, the right to correction according to Art. 16, the right to deletion according to Art. 17, the right to limitation of the processing according to Art. 18 and the right to transferability of data from Art. 20. For the right to information and to deletion, the limitations according to §§ 34 and 35 of the Federal Data Protection Act apply. In addition, there is a right to complain to a data protection authority (Art. 77 in conjunction with § 19 BDSG).
There is currently no profiling in the milon Group.
a) to fulfil contractual duties (Art. 6 subsection 1b, GDPR)
b) within the framework of weighing of interests (Art. 6 subsection 1f) (e.g. Schufa, etc).
c) on the basis of your consent (Art. 6 subsection 1a)
d) on the basis of statutory requirements (Art. 6, subsection 1c)
e) for analysis and correction of technical errors
f) to guarantee system security
g) to optimise the systems
h) for control of misuse
milon CARE: As a customer or member of the milon Group, you can change (i.e. update, correct and/or supplement) your personal data at any time in the My Account area (milon care) and also partly delete them. There, you can also choose how we inform you and subscribe to or unsubscribe from newsletters. If amendment or deletion of your data in the My Account area is not possible, you can contact us at the following e-mail address: firstname.lastname@example.org
If you ask us to delete your personal data, we will comply with this request without delay. However, this might require the end of your use in individual cases. Further, we can merely block data to the extent that this is legally admissible (e.g. because we are obliged to archive them by law).
Physio Aktiv Newsletter and Services: you can change or delete your data by sending us a mail to: email@example.com
Unsubscribing from the milon newsletter: you can unsubscribe from the newsletter free of charge at any time by following the instructions at the end of the e-mail dispatched to you or changing the settings in your account under “Account Settings”. In addition, unsubscribing is possible by sending an e-mail to: firstname.lastname@example.org.
milon brandstore: write an informal e-mail to email@example.com with the request for deletion of the account.
Please address further questions on the subject of data protection to the responsible person named in the imprint.
You can contact our data protection commissioner via the e-mail address firstname.lastname@example.org or by post to the address stated in the legal notice.
For reasons resulting from your specific situation, you have the right to object to the processing of your personal data at any time.
If you make an objection, we shall no longer process your personal data, unless we can prove cogent reasons for the processing which are worthy of protection and prevail over your interests, rights and liberties or the processing is necessary for claiming, exercising or defending legal claims.