mondo_logo
Account

Privacy Policy

We appreciate your interest in our website and in our Saas. Protecting your personal data during its collection, processing, and use when you visit our website and use our SaaS is of great importance to us. Your data is protected in accordance with legal regulations.
Please take a moment to read the following information. It will inform you about how we handle your personal data, how and for what purpose this data is used, to whom we pass on this data, and how we protect your personal information.
Your rights to privacy are our top priority, and we strive to protect and ensure these rights to the best of our ability. We therefore process your data exclusively on the basis of the legal provisions of the General Data Protection Regulation (GDPR)

Person responsible

Netex GmbH,, Uhlandstr 30, 82256, Fürstenfeldbruck, Germany, processes personal data as a data controller within the meaning of the GDPR.

If you have any questions regarding data protection, our Data Protection Officer at the email adress dpo@netex.de or our postal address with the addition “Data Protection Officer”.

Categories of data subjects
• visitors to our website; and
• customers and potential customers as well as their employees who use or wish to use our service.

Collection and Processing of Data
Every access to our website and every retrieval of a file stored on the website is logged. The storage serves internal system-related and statistical purposes.
Logged data includes:

• IP Address
• Date and time of the request
• Time zone difference from Greenwich Mean Time (GMT)
• Content of the request (specific page)
• Access status / HTTP status code
• Amount of data transmitted
• Website from which the request originates
• Browser
• Operating system and its interface
• Language and version of the browser software.

Additionally, the IP addresses of the requesting computers are logged. However, the party responsible does not draw any conclusions about an individual.
This data is only needed to correctly display the content of our website, to permanently optimize the content for you, and to support criminal prosecutions in the case of hacking attacks. The data is processed based on our legitimate interest according to Art. 6 Para. 1 S. 1 lit. f) GDPR. Processing this data is necessary for the operation of the website.
The data is stored as long as it is required for the purpose and is then automatically deleted.

Rights of the Data Subject

While processing your personal data, you have the following rights:

Right of access the personal data that are processed: you have the right to obtain confirmation that your personal data are processed or not, and if so, to have access to this type of personal data and the conditions under which they are processed, by addressing a request to that effect to the data controller;

Right to rectification and right to erasure of personal data: you have the possibility to request, by addressing an application to this effect to the data controller, the rectification of your inaccurate personal data, the supplementing of incomplete data or the erasure of your personal data if (i) the respective data is no longer required for the initial purpose (and there is no new legal purpose), (ii) the legal basis of the processing is the consent of data subject, the data subject withdraws its consent and there is no other legal basis, (iii) the data subject exercises his or her right to oppose and the controller has no legitimate grounds that prevail in order to continue processing, (iv) the data have been processed illegally, (v) the erasure is necessary for compliance with EU law or Romanian legislation or (vi) the data has been collected in connection with information society services provided to children (if any), when specific requirements for consent are applied;

Right to restriction of processing: You have the right to obtain restriction of processing in cases where: (i) you consider that personal data processed are inaccurate, for a period enabling the controller to verify the accuracy of personal data; (ii) processing is unlawful, but you do not wish to erase your personal data, but to restrict the use of such data; (iii) if the data controller no longer needs your personal data for the purposes mentioned above, but you need data to establish, exercise or defend a right in court; or (iv) you have objected to processing, pending the verification whether the legitimate grounds of the controller override those of the data subject.

Right to withdraw your consent regarding the processing, when the processing is based on consent, without affecting the legality of processing.

Right to object to personal data processing on grounds relating to your particular situation, at any time to processing of personal data concerning when the processing is based on the legitimate interest of the data controller (with observance of the applicable data protectiona dispositions) as well as to object to the processing for direct marketing and profiling purposes;

Right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you;

Right to data portability, which you provided to a controller, in a structured, commonly used and machine-readable format and the right to transmit those data to another controller processing, where the processing is based on your consent or an a contract and it is carried out by automated means;

Right to lodge a complaint with the Data Protection Authority and right to submit legal claims to the competent courts.

The rights abovementioned can be exercised at any time.

Protection of Stored Data
In order to maintain our organizational quality and, in particular, to comply with data protection requirements, we have established organizational and technical protective measures. These are evaluated and, if necessary, adapted to the changed conditions. Our security measures are continuously improved and adapted in line with technological advancements. It is possible that unencrypted data you transmit can be viewed by third parties during its transfer. We protect your data to the best of our knowledge and belief against loss, destruction, falsification, manipulation, unauthorized access and unauthorized disclosure. We point out that data transmission on the Internet can have security gaps and it is regrettable that in certain cases it is not possible to protect your data completely from access by third parties.
Sensitive data should either not be transmitted at all or only via a secure connection (SSL) over the Internet
By means of access controls, we ensure that your personal data is only viewed by authorized persons and that we are able to track and verify this. If this is possible during data processing, data is processed in pseudonymized form.

Protection of Minors
Consent to process personal data can only be given by an adult. For information society services, the consent of a child from the age of sixteen is permitted under Art. 8 GDPR.

Account Registration
To utilize our Product, begin by setting up an account and furnishing fundamental details such as your name, phone number, email, and a secure password. Ensure that the information in your Mondo account remains accurate and up-to-date.

All your personal data and other information that you provide to us during registration on our website and within the customer portal are collected and processed for the purpose of your registration and future login based on Article 6 paragraph 1, sub-paragraph 1, lit. b) GDPR. If you do not provide this information, unfortunately, you will not be able to register on our website or use the customer portal.
Automated decision-making is not carried out.

Your personal data will not be passed on to external third parties.
There is no transfer of the personal data you provide to a third country or an international organization, nor is such a transfer planned.

Your personal data that you provide to us during registration and in our customer portal will be stored by us until you log out, delete or have your user account deleted, and possibly in accordance with a legal retention period.

Email Contact and Phone
On our website, it is possible to make contact through the provided email address. Additionally, you can reach us through the telephone provided on the website. If you choose to use these means of communication, the personal data you transmit will be stored and processed solely for the purpose of handling and responding to your inquiry.

When you contact us, you grant your consent for data processing in accordance with Art. 6 Para. 1 Subpara. 1 lit. a) GDPR.
If you express interest in an offer, your personal data will be processed for the purpose of initiating a contract in accordance with Art. 6 Para. 1 Subpara. 1 lit. b) GDPR.
If you do not provide this data, we unfortunately will not be able to address your concerns. Automated decision-making is not employed.

Your personal data will not be shared with external third parties.
No transmission of your provided personal data to a third country or an international organization is planned or will occur.

You have the right to revoke your consent at any time, effective for the future. The legality of data processing carried out up to the point of revocation remains unaffected.
The personal data you share with us will be stored for the duration of handling your request and retained until the expiration of the relevant legal periods.

Chat Function
All your personal data and other information that you provide to us when using the chat function will be collected and processed solely for the purpose of handling your requests or concerns. By entering your personal data in the chat, you grant your consent for data processing in accordance with Art. 6 Para. 1 Subpara. 1 lit. a) GDPR.

Your personal data will not be shared with external third parties.
No transmission of your provided personal data to a third country or an international organization is planned or will occur.

You have the right to revoke your consent at any time, effective for the future. The legality of data processing carried out up to the point of revocation remains unaffected.
The personal data you share with us through the chat will be stored for the duration of handling your request and retained until the expiration of the relevant legal periods.

Payment Service Providers
We would like to offer you the opportunity to complete the payment process on our website quickly and conveniently. For this reason, we integrate external payment services on our website.

Typically, data that arises during a payment process is collected. Examples of such payment data include name, payment amount, bank account details, or credit card number. The payment service processes this data for the purpose of handling your payment.

When using such payment services, cookies might be set on your device. However, we would like to point out that we generally have no influence over which data is collected.

The legal basis for using the payment service providers is based on our legitimate interest according to Art. 6 para. 1 subpara. 1 lit. f) GDPR, and for contract processing according to Art. 6 para. 1 subpara. 1 lit. b) GDPR, in order to offer you a comfortable, reliable, and secure payment process. If you are asked for your consent, the legal basis is Art. 6 para. 1 subpara. 1 lit. a) GDPR. You can revoke the given consent at any time. If you revoke your consent, however, this revocation will not affect the validity of processing operations that took place in the past.

PayPal
We offer payment via PayPal. This is a service provided by PayPal (Europe) S.à.r.l. et Cie S.C.A. (22-24 Boulevard Royal, L-2449 Luxembourg; hereinafter referred to as “PayPal”).

Data transfer to the USA is based on the EU Standard Contractual Clauses, details of which you can view here: https://www.paypal.com/de/webapps/mpp/ua/pocpsa-full
Please note that we do not receive any information about the content of the transmitted data or its use by PayPal. Further information can be found at: https://www.paypal.com/de/webapps/mpp/ua/privacy-full

Changes to the Privacy Policy

We reserve the right to update this Policy on the basis of new legal developments or changed company procedures. The new version will apply from the time it is made available on our website. Please check our privacy agreement regularly.

The last change was made on 8th of November 2023.