LicenseJapan.com

Privacy Policy

Preamble

With the following privacy policy, we want to inform you about the types of your personal data (hereinafter also referred to as "data") that we process for which purposes and to what extent. This privacy policy applies to all processing of personal data carried out by us, both in the context of providing our services and especially on our websites, in mobile applications, and within external online presences, such as our social media profiles (hereinafter collectively referred to as "online offer").

The terms used are not gender-specific.

As of: June 11, 2024

Table of Contents

Responsible Party

Christian Mittler
Am Schießstand 41
26122 Oldenburg

Email: info@mittlus.de

Imprint: https://licensejapan.com/imprint

Overview of Processing

The following overview summarizes the types of processed data and the purposes of their processing, and refers to the affected persons.

Types of Processed Data

Categories of Affected Persons

Purposes of Processing

Relevant Legal Basis

Relevant Legal Basis under the GDPR: The following is an overview of the legal bases of the GDPR on which we process personal data. Please note that in addition to the regulations of the GDPR, national data protection regulations may apply in your or our country of residence. If more specific legal bases are relevant in individual cases, we will inform you of these in the privacy policy.

National Data Protection Regulations in Germany: In addition to the data protection regulations of the GDPR, national regulations on data protection apply in Germany. This includes, in particular, the Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG). The BDSG contains special regulations on the right to access, the right to deletion, the right to object, the processing of special categories of personal data, the processing for other purposes, and the transfer and automated decision-making in individual cases, including profiling. Additionally, the data protection laws of the individual federal states may apply.

Note on the Applicability of GDPR and Swiss DSG: These privacy notices are intended to provide information under both the Swiss DSG and the General Data Protection Regulation (GDPR). For this reason, please note that the terms of the GDPR are used due to their broader spatial application and comprehensibility. Specifically, instead of the terms "processing" of "personal data", "overriding interest", and "special categories of personal data" used in the Swiss DSG, the terms "processing" of "personal data" and "legitimate interest" and "special categories of data" used in the GDPR are used. However, the legal significance of the terms remains determined by the Swiss DSG within the framework of its applicability.

Security Measures

We take appropriate technical and organizational measures to ensure a level of security appropriate to the risk, taking into account the state of the art, implementation costs, and the nature, scope, context, and purposes of processing, as well as the varying likelihood and severity of the risks to the rights and freedoms of natural persons.

The measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical and electronic access to the data as well as access, input, transmission, securing availability, and separation of the data. We have also established procedures to ensure the exercise of data subject rights, deletion of data, and response to data threats. Furthermore, we consider the protection of personal data already during the development or selection of hardware, software, and procedures, according to the principle of data protection by design and by default.

Securing online connections using TLS/SSL encryption technology (HTTPS): To protect user data transmitted via our online services from unauthorized access, we use TLS/SSL encryption technology. Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are the cornerstones of secure data transmission on the Internet. These technologies encrypt the information transmitted between the website or app and the user's browser (or between two servers), protecting the data from unauthorized access. TLS, as the more advanced and secure version of SSL, ensures that all data transmissions meet the highest security standards. If a website is secured by an SSL/TLS certificate, this is signaled by the display of HTTPS in the URL. This serves as an indicator to users that their data is being transmitted securely and encrypted.

Transfer of personal data

When we process personal data, it may be transferred to other bodies, companies, legally independent organizational units or persons or disclosed to them. The recipients of this data may include, for example, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we observe the legal requirements and, in particular, conclude corresponding contracts or agreements with the recipients of your data that serve to protect your data.

International Data Transfers

Data processing in third countries: If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or if the processing occurs as part of the use of third-party services or the disclosure or transfer of data to other persons, entities, or companies, this is done only in accordance with legal requirements. If the level of data protection in the third country has been recognized by an adequacy decision (Art. 45 GDPR), this serves as the basis for the data transfer. Otherwise, data transfers occur only when the level of data protection is otherwise ensured, particularly through standard contractual clauses (Art. 46 para. 2 lit. c) GDPR), explicit consent, or in the case of contractual or legally required transfers (Art. 49 para. 1 GDPR). Additionally, we will inform you of the basis for third-country transfers for each provider from the third country, with adequacy decisions being the primary basis. Information on third-country transfers and existing adequacy decisions can be found on the information portal of the EU Commission: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection_en?prefLang=de.

EU-US Trans-Atlantic Data Privacy Framework: As part of the so-called "Data Privacy Framework" (DPF), the EU Commission has also recognized the level of data protection for certain companies from the USA as secure under the adequacy decision of 10.07.2023. You can find the list of certified companies as well as further information on the DPF on the website of the US Department of Commerce at https://www.dataprivacyframework.gov/ (in English). We inform you in our data protection notices which service providers we use are certified under the Data Privacy Framework.

General Information on Data Storage and Deletion

We delete personal data that we process in accordance with legal requirements as soon as the underlying consents are revoked or there are no further legal grounds for processing. This applies to cases where the original purpose for processing ceases to exist or the data is no longer needed. Exceptions to this rule exist if legal obligations or special interests require longer retention or archiving of the data.

In particular, data that must be retained for commercial or tax law reasons, or data that needs to be stored for legal prosecution or to protect the rights of other natural or legal persons, must be archived accordingly.

Our data protection notices contain additional information on the retention and deletion of data that specifically apply to certain processing activities.

If multiple retention periods or deletion deadlines for a datum are specified, the longest period is always decisive.

If a period does not explicitly start on a specific date and lasts at least one year, it automatically begins at the end of the calendar year in which the triggering event occurred. In the case of ongoing contractual relationships in which data is stored, the triggering event is the time the termination becomes effective or the legal relationship otherwise ends.

Data that is no longer needed for the originally intended purpose but is retained due to legal requirements or other reasons is processed exclusively for the reasons that justify its retention.

Further information on processing activities, procedures, and services:

Rights of Data Subjects

Rights of data subjects under the GDPR: As a data subject, you have various rights under the GDPR, particularly arising from Articles 15 to 21 GDPR:

Business Services

We process data from our contractual and business partners, such as customers and prospects (collectively referred to as "contractual partners"), in the context of contractual and similar legal relationships, as well as associated measures and in terms of communication with the contractual partners (or pre-contractually), such as to respond to inquiries.

We use this data to fulfill our contractual obligations. This includes, in particular, obligations to provide the agreed services, any updating obligations, and remedies for warranty and other service disruptions. Furthermore, we use the data to safeguard our rights and for administrative tasks related to these obligations, as well as for company organization. We also process the data based on our legitimate interests in proper and economical business management, as well as in security measures to protect our contractual partners and our business operations from misuse, threats to their data, secrets, information, and rights (e.g., involving telecommunications, transport, and other auxiliary services as well as subcontractors, banks, tax and legal advisors, payment service providers, or tax authorities). Within the scope of applicable law, we only pass on the data of contractual partners to third parties to the extent necessary for the aforementioned purposes or to fulfill legal obligations. Contractual partners are informed about further forms of processing, such as for marketing purposes, within the framework of this data protection declaration.

Which data is necessary for the aforementioned purposes is communicated to the contractual partners before or during data collection, e.g., in online forms, through special markings (e.g., colors) or symbols (e.g., asterisks), or personally.

We delete the data after the expiration of legal warranty and comparable obligations, i.e., generally after four years, unless the data is stored in a customer account, e.g., as long as it must be retained for legal reasons (e.g., usually ten years for tax purposes). Data disclosed to us by the contractual partner as part of an order is deleted in accordance with the specifications and generally after the end of the order.

Further Information on Processing Activities, Procedures, and Services:

Business Processes and Procedures

Personal data of service recipients and clients – including customers, clients, or in special cases clients, patients, or business partners as well as other third parties – are processed in the context of contractual and comparable legal relationships and pre-contractual measures such as the initiation of business relationships. This data processing supports and facilitates economic operations in areas such as customer management, sales, payments, accounting, and project management.

The collected data serves to fulfill contractual obligations and to design operational processes efficiently. This includes handling business transactions, managing customer relationships, optimizing sales strategies, and ensuring internal accounting and financial processes. Additionally, the data supports the safeguarding of the rights of the controller and promotes administrative tasks and the organization of the company.

Payment Procedures

In the context of contractual and other legal relationships, due to legal obligations, or otherwise based on our legitimate interests, we offer the affected individuals efficient and secure payment options and use additional service providers alongside banks and credit institutions (collectively "payment service providers").

The data processed by the payment service providers includes inventory data, such as the name and address, bank data, such as account numbers or credit card numbers, passwords, TANs, and checksums, as well as the contract, total, and recipient-related information. The information is required to carry out the transactions. The entered data is processed only by the payment service providers and stored by them. This means that we do not receive any account or credit card information but only information with confirmation or negative information about the payment. Under certain circumstances, the data may be transmitted by the payment service providers to credit agencies. This transmission is intended to verify identity and creditworthiness. For this, we refer to the terms and conditions and the data protection notices of the payment service providers.

For payment transactions, the terms and conditions and data protection notices of the respective payment service providers apply, which can be accessed within the respective websites or transaction applications. We also refer to these for further information and the assertion of revocation, information, and other data subject rights.

Business Services

We process data from our contractual and business partners, such as customers and prospects (collectively referred to as "contractual partners"), within the framework of contractual and comparable legal relationships as well as related measures and in regard to communication with the contractual partners (or pre-contractually), for instance, to respond to inquiries.

We use this data to fulfill our contractual obligations. This includes, in particular, the duties to provide the agreed services, any update obligations, and remedy in case of warranty and other performance disruptions. Furthermore, we use the data to protect our rights and for the purposes of the administrative tasks associated with these obligations and corporate organization. We also process the data based on our legitimate interests in proper and economic business management as well as security measures to protect our contractual partners and our business operations from misuse, threats to their data, secrets, information, and rights (e.g., through the involvement of telecommunications, transport, and other auxiliary services as well as subcontractors, banks, tax and legal advisors, payment service providers, or tax authorities). In accordance with applicable law, we only transfer the data of contractual partners to third parties to the extent that it is necessary for the aforementioned purposes or to fulfill legal obligations. Contractual partners are informed about further forms of processing, such as for marketing purposes, within the framework of this data protection declaration.

We inform the contractual partners about which data is required for the aforementioned purposes before or during data collection, e.g., in online forms, through special markings (e.g., colors) or symbols (e.g., asterisks), or personally.

We delete the data after the expiration of statutory warranty and comparable obligations, generally after four years, unless the data is stored in a customer account, e.g., as long as it must be retained for legal archiving reasons (typically ten years for tax purposes). Data disclosed to us by the contractual partner in the course of an order is deleted in accordance with the order specifications and generally after the order ends.

Further notes on processing procedures, processes, and services:

Business Processes and Procedures

Personal data of service recipients and clients – including customers, clients, or in specific cases, mandators, patients, or business partners as well as other third parties – are processed within the framework of contractual and comparable legal relationships and pre-contractual measures such as the initiation of business relationships. This data processing supports and facilitates economic processes in areas like customer management, sales, payments, accounting, and project management.

The collected data serves to fulfill contractual obligations and make business processes efficient. This includes handling business transactions, managing customer relationships, optimizing sales strategies, and ensuring internal billing and financial processes. Additionally, the data supports the protection of the controller's rights and promotes administrative tasks and corporate organization.

Personal data may be disclosed to third parties if necessary for the fulfillment of the aforementioned purposes or legal obligations

Payment Procedures

In the context of contractual and other legal relationships, due to legal obligations or otherwise based on our legitimate interests, we offer the affected individuals efficient and secure payment options and employ additional service providers besides banks and credit institutions (collectively "payment service providers").

Payment Processing

The data processed by payment service providers includes inventory data such as name and address, bank data such as account or credit card numbers, passwords, TANs, and checksums, as well as contract, sum, and recipient-related information. These details are necessary to conduct transactions. The entered data is processed solely by the payment service providers and stored by them. This means we do not receive any account or credit card information but only information confirming or rejecting the payment. In some cases, the payment service providers may forward the data to credit agencies to verify identity and creditworthiness. We refer you to the terms and conditions and the data privacy policies of the payment service providers for more details.

The business terms and data privacy policies of the respective payment service providers apply to the payment transactions and can be accessed within their websites or transaction applications. We also refer to these for further information and the assertion of rights to withdraw consent, request information, and other rights of affected individuals.

Further Information on Processing, Procedures, and Services:

Provision of Online Services and Web Hosting

We process the data of users to provide them with our online services. For this purpose, we process the user's IP address, which is necessary to deliver the content and functions of our online services to the user's browser or device.

Further Information on Processing, Procedures, and Services:

Use of Cookies

Cookies are small text files or other storage markers that store and retrieve information on devices. For example, to save the login status in a user account, the contents of a shopping cart in an e-shop, the accessed content, or used functions of an online service. Cookies can also be used for various purposes, such as for the functionality, security, and convenience of online services, as well as for analyzing visitor traffic.

Notes on consent: We use cookies in accordance with legal regulations. Therefore, we obtain prior consent from users unless it is not required by law. Permission is not necessary in particular if the storage and retrieval of information, including cookies, is absolutely necessary to provide users with a telemedia service (i.e., our online service) they expressly request. The revocable consent is clearly communicated to them and includes information on the respective cookie usage.

Notes on data protection legal bases: The legal basis on which we process the personal data of users using cookies depends on whether we ask them for consent. If users agree, the legal basis for processing their data is the declared consent. Otherwise, the data processed using cookies is based on our legitimate interests (e.g., in the economic operation of our online service and the improvement of its usability) or, if this is necessary to fulfill our contractual obligations, when the use of cookies is required to meet our contractual obligations. We clarify the purposes for which cookies are used in the course of this privacy policy or in the context of our consent and processing processes.

Storage duration: In terms of storage duration, the following types of cookies are distinguished:

General notes on withdrawal and objection (opt-out): Users can withdraw their given consents at any time and also object to processing according to legal requirements, including through the privacy settings of their browser.

Further notes on processing procedures, methods, and services:

Contact and Inquiry Management

When contacting us (e.g., by mail, contact form, email, phone, or via social media) and within the framework of existing user and business relationships, the information of the inquiring persons is processed to the extent necessary to respond to contact inquiries and any requested actions.

Further Notes on Processing Procedures, Methods, and Services:

Newsletters and Electronic Notifications

We send newsletters, emails, and other electronic notifications (hereinafter "newsletters") only with the consent of the recipients or based on a legal basis. If the contents of the newsletter are specified within the scope of registration, they are decisive for the consent of the users. For subscribing to our newsletter, it is usually sufficient to provide your email address. However, to offer you a personalized service, we may ask for your name for personal address in the newsletter or for additional information if necessary for the purpose of the newsletter.

Deletion and restriction of processing: We can store the unsubscribed email addresses based on our legitimate interests for up to three years before deleting them to be able to prove a previously given consent. The processing of this data is limited to the purpose of a possible defense against claims. An individual deletion request is possible at any time, provided that the former existence of consent is confirmed at the same time. In the case of obligations to permanently observe objections, we reserve the right to store the email address solely for this purpose in a blocklist (so-called "blocklist").

The logging of the registration process is based on our legitimate interests to prove its proper course. If we commission a service provider to send emails, this is done based on our legitimate interests in an efficient and secure dispatch system.

Contents:

Information about us, our services, actions, and offers.

Promotional Communication via Email, Mail, Fax, or Phone

We process personal data for the purposes of promotional communication, which can be carried out through various channels, such as email, phone, mail, or fax, in accordance with legal requirements.

Recipients have the right to revoke consents given at any time or to object to promotional communication at any time.

After revocation or objection, we store the data necessary to prove the previous authorization to contact or send for up to three years after the end of the year of revocation or objection based on our legitimate interests. The processing of this data is limited to the purpose of possible defense against claims. Based on the legitimate interest to permanently observe the revocation or objection of users, we also store the data required to prevent further contact (e.g., depending on the communication channel, the email address, phone number, name).

Online Marketing

We process personal data for the purpose of online marketing, which may include marketing advertising space or displaying advertising and other content (collectively referred to as "content") based on potential user interests and measuring their effectiveness.

For these purposes, user profiles are created and stored in a file (the so-called "cookie") or similar procedures are used to store information relevant to the display of the aforementioned content. This may include viewed content, visited websites, used online networks, as well as communication partners and technical information such as the browser used, the computer system used, and information on usage times and functions used. If users have consented to the collection of their location data, this can also be processed.

Additionally, the IP addresses of users are stored. However, we use available IP masking procedures (i.e., pseudonymization by shortening the IP address) to protect users. In general, no clear data of users (such as email addresses or names) are stored within the online marketing process, but rather pseudonyms. This means that we and the providers of the online marketing procedures do not know the actual identity of the users, only the information stored in their profiles.

The statements in the profiles are usually stored in the cookies or by similar procedures. These cookies can generally also be read later on other websites that use the same online marketing procedure, analyzed for the purpose of displaying content, and supplemented with other data stored on the server of the online marketing procedure provider.

In exceptional cases, it is possible to assign clear data to the profiles, primarily if users are, for example, members of a social network whose online marketing procedure we use, and the network connects the user profiles with the aforementioned information. We ask users to note that they may make additional agreements with the providers, such as consenting during registration.

We generally only have access to aggregated information about the success of our advertisements. However, within the scope of so-called conversion measurements, we can determine which of our online marketing procedures have led to a so-called conversion, i.e., for example, to the conclusion of a contract with us. Conversion measurement is used solely for the purpose of analyzing the success of our marketing measures.

Unless otherwise indicated, please assume that the cookies used are stored for a period of two years.

Notes on Legal Bases: If we ask users for their consent to use third-party providers, the legal basis for data processing is consent. Otherwise, user data is processed based on our legitimate interests (i.e., interest in efficient, economical, and recipient-friendly services). In this context, we also refer you to the information on the use of cookies in this privacy policy.

Notes on Revocation and Objection:

We refer to the privacy notices of the respective providers and the opt-out options provided to the providers (so-called "opt-out"). If no explicit opt-out option has been provided, you can disable cookies in your browser settings. However, this may limit the functionality of our online offering. Therefore, we additionally recommend the following opt-out options, which are offered collectively for specific areas:

a) Europe: https://www.youronlinechoices.eu

b) Canada: https://www.youradchoices.ca/choices

c) USA: https://www.aboutads.info/choices

d) Cross-border: https://optout.aboutads.info

Further information on processing procedures, methods, and services:

Offering an Affiliate Program

We offer an affiliate program, i.e., commissions or other benefits (collectively referred to as "commission") for users (referred to as "affiliates") who refer to our offers and services. The referral is made via a link assigned to the respective affiliate or other methods (e.g., discount codes) that allow us to recognize that the use of our services was based on the referral (collectively referred to as "affiliate links").

In order to track whether users have used our services due to the affiliate links used by the affiliates, it is necessary for us to know that users followed an affiliate link. The assignment of affiliate links to the respective business transactions or the use of our services serves only the purpose of commission settlement and is removed once it is no longer necessary for this purpose.

For the purposes of the aforementioned assignment of affiliate links, the affiliate links can be supplemented with certain values that are part of the link or otherwise stored, e.g., in a cookie. These values may include the originating website (referrer), the time, an online identifier of the operators of the website where the affiliate link was located, or an online identifier.

Customer Reviews and Rating Procedures

We participate in review and rating procedures to evaluate, optimize, and promote our services. When users rate us or provide feedback through the involved rating platforms or procedures, the general terms or usage conditions and the privacy notices of the providers also apply. Generally, the review also requires registration with the respective providers.

To ensure that the reviewing persons have actually used our services, we transmit the necessary data regarding the customer and the used service to the respective rating platform (including name, email address, and order number or item number) with the customer's consent. These data are used solely to verify the authenticity of the user.

Further information on processing procedures, methods, and services:

Plugins and Embedded Functions and Content

We embed functional and content elements into our online offering that are obtained from the servers of their respective providers (hereinafter referred to as "third-party providers"). These may include graphics, videos, or maps (hereinafter collectively referred to as "content").

The embedding always requires that the third-party providers of this content process the IP address of the users, as they could not send the content to their browser without the IP address. The IP address is thus necessary for the display of this content or functions. We strive to use only such content whose respective providers use the IP address solely for the delivery of the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic to the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may include technical information about the browser and operating system, referring websites, visit time, and other information about the use of our online offering, as well as be linked to such information from other sources.

Notes on Legal Bases: If we ask users for their consent to the use of third-party providers, the legal basis for data processing is consent. Otherwise, user data will be processed on the basis of our legitimate interests (i.e., interest in efficient, economic, and user-friendly services). In this context, we would also like to draw your attention to the information on the use of cookies in this privacy policy.

Further Information on Processing Procedures, Methods, and Services:

Created with the free privacy policy generator from Dr. Thomas Schwenke

© LicenseJapan.comImprintPrivacy PolicyTerms of ServiceContactSupport

    We use cookies

    We use cookies to ensure you get the best experience on our website. For more information on how we use cookies, please see our Privacy Policy.

    By clicking "Accept", you agree to our use of cookies.