top of page

MONA data protection

Data protection

We have written this data protection declaration (version 15.11.2022) in order to provide you withGeneral Data Protection Regulation (EU) 2016/679  to explain what information we collect, how we use data and the choices you have as a visitor to this website.

 

Automatic data storage

When you visit websites today, certain information is automatically created and stored, including on this website.

If you visit our website as you are right now, our web server (computer on which this website is stored) automatically saves data such as

  • the address (URL) of the accessed website

  • Browser and browser version

  • the operating system used

  • the address (URL) of the previously visited page (referrer URL)

  • the hostname and IP address of the device from which access is being made

  • Date and Time

in files (web server log files).

As a rule, web server log files are stored for two weeks and then automatically deleted. We do not pass on this data, but cannot rule out that this data will be viewed in the event of illegal behavior.

cookies

Our website uses HTTP cookies to store user-specific data.
In the following we explain what cookies are and why they are used so that you can better understand the following data protection declaration.

What exactly are cookies

Whenever you surf the Internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.

One thing cannot be denied: Cookies are really useful little helpers. Almost all websites use cookies. More precisely, they are HTTP cookies, as there are other cookies for other areas of application. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically stored in the cookie folder, which is basically the "brain" of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.

Cookies store certain user data from you, such as language or personal page settings. When you visit our site again, your browser transmits the "user-related" information back to our site. Thanks to the cookies, our website knows who you are and offers you your usual default setting. In some browsers each cookie has its own file, in others such as Firefox all cookies are stored in a single file.

There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, since each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other "pests". Cookies also cannot access information on your PC.

For example, cookie data can look like this:

  • Name: _ga

  • Expiry time: 2 years

  • Use: Differentiation of website visitors

  • Example value: GA1.2.1326744211.152311219615

A browser should support the following minimum sizes:

  • A cookie should contain at least 4096 bytes

  • At least 50 cookies should be stored per domain

  • A total of at least 3000 cookies should be able to be stored

What kind of cookies are there?

The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the data protection declaration. At this point we would like to briefly discuss the different types of HTTP cookies.

There are 4 types of cookies:

Strictly Necessary Cookies
These cookies are necessary to ensure basic functions of the website. For example, these cookies are needed if a user puts a product in the shopping cart, then continues surfing on other pages and only goes to the checkout later. These cookies do not delete the shopping cart, even if the user closes their browser window.

Functional cookies
These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies are also used to measure the loading time and behavior of the website in different browsers.

Targeting cookies
These cookies ensure a better user experience. For example, entered locations, font sizes or form data are saved.

advertising cookies
These cookies are also called targeting cookies. They are used to provide the user with individually tailored advertising. This can be very useful, but also very annoying.

Usually, when you visit a website for the first time, you will be asked which of these types of cookies you would like to allow. And of course this decision is also stored in a cookie.

How can I delete cookies

You decide for yourself how and whether you want to use cookies. Regardless of which service or website the cookies come from, you always have the option of deleting cookies, only partially allowing them or deactivating them. For example, you can block third-party cookies but allow all other cookies.

If you want to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:

Chrome: Delete, enable and manage cookies in Chrome

Safari: Managing Cookies and Website Data with Safari

Firefox: Clear cookies to remove data websites have placed on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Deleting and managing cookies

If you generally do not want any cookies, you can set up your browser so that it always informs you when a cookie is to be set. You can decide for each individual cookie whether you allow the cookie or not. The procedure differs depending on the browser. It is best to search the instructions in Google with the search term “delete cookies Chrome” or “disable cookies Chrome” in case of a Chrome browser or replace the word “Chrome” with the name of your browser, e.g. Edge, Firefox, Safari.

What about my data protection?

The so-called “Cookie Guidelines” have been in place since 2009. It states that the storage of cookies requires your consent. Within the EU countries, however, there are still very different reactions to these directives. In Germany, the cookie guidelines have not been implemented as national law. Instead, this guideline was largely implemented in Section 15 (3) of the Telemedia Act (TMG).

If you want to know more about cookies and are not afraid of technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Internet Engineering Task Force (IETF) Request for Comments called “HTTP State Management Mechanism”.

storage of personal data

Personal data that you transmit to us electronically on this website, such as name, e-mail address, address or other personal information when submitting a form or comments on the blog, will be stored by us together with the time and the IP Address used only for the purpose stated, kept safe and not passed on to third parties.

We therefore only use your personal data for communication with those visitors who expressly request contact and for the processing of the services and products offered on this website. We do not pass on your personal data without your consent, but we cannot rule out that this data will be viewed in the event of illegal behavior.

If you send us personal data by e-mail - thus outside of this website - we cannot guarantee a secure transmission and the protection of your data. We recommend that you never send confidential data unencrypted by e-mail.

The legal basis is after Article 6  paragraph 1 a GDPR  (lawfulness of processing) in that you give us consent to process the data you have entered. You can revoke this consent at any time - an informal e-mail is sufficient, you will find our contact details in the imprint.

Rights under the General Data Protection Regulation

According to the provisions of the GDPR, you have the following rights:

  • Right to rectification (Article 16 GDPR)

  • Right to erasure (“right to be forgotten”) (Article 17 GDPR)

  • Right to restriction of processing (Article 18 GDPR)

  • Right to notification – obligation to notify in connection with rectification or erasure of personal data or restriction of processing (Article 19 GDPR)

  • Right to data portability (Article 20 GDPR)

  • Right to object (Article 21 GDPR)

  • Right not to be subject to a decision based solely on automated processing, including profiling (Article 22 GDPR)

If you believe that the processing of your data violates data protection law or your data protection rights have otherwise been violated in any way, you can contact die Federal Commissioner for Data Protection and Freedom of Information (BfDI) contact.

Evaluation of visitor behavior

In the following data protection declaration we inform you whether and how we evaluate data from your visit to this website. The evaluation of the collected data is usually anonymous and we cannot draw any conclusions about your person from your behavior on this website.

You can find out more about the possibilities of objecting to this evaluation of visit data in the following data protection declaration.

TLS encryption with https

We use https to transmit data securely on the Internet (data protection by Technikgestaltung Article 25 paragraph 1 GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data. You can recognize the use of this protection of data transmission by the small lock symbol in the top left corner of the browser and the use of the https scheme (instead of http) as part of our Internet address.

Embedded Social Media Elements Privacy Policy

We integrate elements of social media services on our website to display images, videos and texts.
By visiting pages that display these elements, data is transferred from your browser to the respective social media service and stored there. We have no access to this data.
The following links take you to the pages of the respective social media services, where it is explained how they handle your data:

YouTube privacy policy

We have embedded YouTube videos on our website. This allows us to present you with interesting videos directly on our site. YouTube is a video portal that has been a subsidiary of Google since 2006. The video portal is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you call up a page on our website that has an embedded YouTube video, your browser automatically connects to the YouTube or Google servers. Various data are transmitted (depending on the settings). Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all data processing in Europe.

In the following we would like to explain to you in more detail which data is processed, why we have integrated YouTube videos and how you can manage or delete your data.

what is youtube

On YouTube, users can view videos, rate them, comment on them and upload them themselves free of charge. Over the past few years, YouTube has become one of the most important social media channels worldwide. In order for us to be able to display videos on our website, YouTube provides a code snippet that we have embedded on our site.

 

Why do we use Youtube videos on our website?

YouTube is the video platform with the most visitors and the best content. We strive to offer you the best possible user experience on our website. And of course interesting videos should not be missing. With the help of our embedded videos, we provide you with additional helpful content in addition to our texts and images. In addition, our website can be found more easily on the Google search engine thanks to the embedded videos. Even if we place advertisements via Google Ads, thanks to the data collected, Google can really only show these advertisements to people who are interested in our offers.

Which data is stored by Youtube?

As soon as you visit one of our pages that has a YouTube video installed, YouTube sets at least one cookie that stores your IP address and our URL. If you are logged into your YouTube account, YouTube can mostly use cookies to associate your interactions on our website with your profile. This includes data such as session duration, bounce rate, approximate location, technical information such as browser type, screen resolution or your Internet provider. Other data can be contact details, any ratings, sharing content via social media or adding it to your favorites on YouTube.

If you are not signed into a Google account or a Youtube account, Google stores data with a unique identifier associated with your device, browser or app. For example, your preferred language setting is retained. But a lot of interaction data cannot be saved because fewer cookies are set.

In the following list we show cookies that were set in a test in the browser. On the one hand, we show cookies that are set without a registered YouTube account. On the other hand, we show cookies that are set with a logged-in account. The list cannot claim to be complete because the user data always depends on the interactions on YouTube.

Name: YSC
Value: b9-CV6ojI5Y311219615-1
Purpose: This cookie registers a unique ID to save statistics of the video viewed.
Expiry date: after the end of the session

Name: PREF
Value: f1=50000000
Purpose: This cookie also registers your unique ID. Google receives statistics from PREF on how you use YouTube videos on our website.
Expiry date: after 8 months

Name: GPS
value: 1
Purpose: This cookie registers your unique ID on mobile devices to track GPS location.
Expiry date: after 30 minutes

Name: VISITOR_INFO1_LIVE
Value: 95Chz8bagyU
Purpose: This cookie tries to estimate the bandwidth of the user on our websites (with built-in YouTube video).
Expiry date: after 8 months

Other cookies that are set when you are logged in to your YouTube account:

Name: APISID
Value: zILlvClZSkqGsSwI/AU1aZI6HY7311219615-
Purpose: This cookie is used to create a profile of your interests. The data is used for personalized advertisements.
Expiry date: after 2 years

Name: CONSENT
Value: YES+AT.de+20150628-20-0
Purpose: The cookie stores the status of a user's consent to the use of various Google services. CONSENT is also used for security, to check users and protect user data from unauthorized attacks.
Expiry date: after 19 years

Name: HSID
Value: AcRwpgUik9Dveht0I
Purpose: This cookie is used to create a profile of your interests. This data helps to display personalized advertising.
Expiry date: after 2 years

Name: LOGIN_INFO
Value: AFmmF2swRQIhALLl6aL…
Purpose: This cookie stores information about your login data.
Expiry date: after 2 years

Name: SAPISID
Value: 7oaPxoG-pZsJuuF5/AnUdDUIsJ9iJz2vdM
Purpose: This cookie works by uniquely identifying your browser and device. It is used to build a profile of your interests.
Expiry date: after 2 years

Name: SID
Value: oQfNKjAsI311219615-
Purpose: This cookie stores your Google account ID and your last login time in digitally signed and encrypted form.
Expiry date: after 2 years

Name: SIDCC
Value: AN0-TYuqub2JOcDTyL
Purpose: This cookie stores information on how you use the website and which advertisements you may have seen before visiting our site.
Expiry date: after 3 months

How long and where is the data stored?

The data that YouTube receives from you and processes is stored on the Google servers. Most of these servers are located in America. Unter https://www.google.com/about/datacenters/inside/locations/?hl=de  you can see exactly where the Google data centers are located. Your data is distributed on the servers. This means that the data can be called up more quickly and is better protected against manipulation.

Google stores the collected data for different lengths of time. You can delete some data at any time, others are automatically deleted after a limited period of time and others are stored by Google for a longer period of time. Some data (such as My Activity items, photos or documents, products) stored in your Google Account will remain stored until you delete it. Even if you're not signed into a Google Account, you can delete some data associated with your device, browser, or app.

How can I delete my data or prevent data storage?

In principle, you can delete data in the Google account manually. With the automatic deletion of location and activity data introduced in 2019, information is stored for either 3 or 18 months and then deleted, depending on your decision.

Regardless of whether you have a Google account or not, you can configure your browser in such a way that Google cookies are deleted or deactivated. Depending on which browser you use, this works in different ways. The following instructions show how to manage cookies in your browser:

Chrome: Delete, enable and manage cookies in Chrome

Safari: Managing Cookies and Website Data with Safari

Firefox: Clear cookies to remove data websites have placed on your computer

Internet Explorer: Delete and manage cookies

Microsoft Edge: Deleting and managing cookies

If you generally do not want any cookies, you can set up your browser so that it always informs you when a cookie is to be set. You can decide for each individual cookie whether you allow it or not. Since YouTube is a subsidiary of Google, there is a common privacy policy. If you want to learn more about how your data is handled, we recommend the data protection declaration under https://policies.google.com/privacy?hl=en.

bottom of page