Privacy Policy

1. Responsible party

This privacy policy informs you about the processing of personal data on the website of

MARV1N GmbH
Hintern Brüdern 23
38100 Braunschweig
Tel.: +49 711 728 46 600
Fax: +49 531 80110 18444
contact@marv1n.de

The protection of your personal data is our top priority.

Data protection inquiries:
Please send any questions regarding data protection by email to contact@marv1n.de or to the postal address as above.

2. What data we process

We process personal data. This may include:

2.1. Data that you actively provide to us

Name, contact details (e.g., email, phone number, address)
Information from contact forms or inquiries
Application data, if you apply by email for a job with us

2.2. Data collected automatically when you visit the website

IP address
Browser type and version
Date and time of accessing the website
Pages visited / content clicked on
Device information

This data is technically necessary to provide our website and ensure its security.

2.3 Automated decision-making

Automated decision-making, including profiling, does not take place.

3. Purposes of data processing

We process your data for the following purposes:

Provision of our website
Processing of contact requests
Contractual communication and processing of services
Fulfilment of legal obligations

4. Legal basis

This website uses only technically necessary cookies. Processing is carried out in accordance with the GDPR on the basis of:

Art. 6 (1) lit. f GDPR – legitimate interest (e.g., website operation, IT security)
Art. 6 (1) lit. c GDPR – legal obligations

Further legal bases:

6 (1) lit. b GDPR – implementation of pre-contractual measures (e.g. contact requests)

5. Disclosure of data

We only disclose personal data if this is necessary.

5.1 Information on applying by emailIf you apply to us by email, the personal data you provide will be processed exclusively for the purpose of carrying out the application process. Processing takes place outside this website and is based on § 26 BDSG in conjunction with Art. 6 (1) lit. b GDPR.

5.2 Internal recipients

Employees of MARV1N GmbH who are involved in the respective processing.

5.3 External service providers

5.3.1 Webhosting (IONOS SE)
Our website is hosted by IONOS SE, Elgendorfer Straße 57, 56410 Montabaur, Germany. IONOS processes the following data:

IP address of the website visitor
Date and time of access
Requested URL/file
Browser type and version
Operating system
Referrer URL
Device information

IONOS processes this data exclusively in accordance with our instructions and within the framework of a data processing agreement in accordance with Art. 28 GDPR for the purpose of providing the website, ensuring stable and secure server operation, and defending against and analyzing attacks (e.g., DDoS attacks).

The storage and processing of log files is based on our legitimate interest in the secure operation of the website (Art. 6 (1) lit. f GDPR). The service provider was selected according to strict technical and organizational security criteria.

5.4 Authorities

Authorities and public bodies, if we are legally obliged to do so.

6. Google Fonts (local integration)

Our website uses fonts from Google Fonts. These are provided exclusively locally on our server. There is no connection to Google LLC servers. Due to local integration, no personal data, in particular no IP addresses, is transmitted to Google.

Use is based on our legitimate interest in a uniform and appealing presentation of our website in accordance with Art. 6 (1) lit. f GDPR.

7. Map display with OpenStreetMap (tile.openstreetmap.org)

We use the OpenStreetMap (OSM) service on our website to display interactive maps. The map tiles are loaded directly from the servers of the OpenStreetMap Foundation (St John’s Innovation Centre, Cowley Road, Cambridge, CB4 0WS, United Kingdom) under the domain tile.openstreetmap.org.

For technical reasons, a connection is established between your browser and the OSM servers. This allows your IP address, information about your browser or device, and the time and type of request to be transmitted to the OpenStreetMap Foundation. This processing takes place outside our area of responsibility. To our knowledge, OpenStreetMap does not set any personal cookies, but may process server log data.

The use of OSM is based on our legitimate interest pursuant to Art. 6 (1) lit. f GDPR, as the map display is necessary for user guidance and location display. We would like to point out that direct communication between your device and the OSM servers may result in data being transferred to the United Kingdom. The United Kingdom is considered a safe third country in terms of data protection following an adequacy decision by the EU Commission.

Further information on data processing by OpenStreetMap can be found at: https://wiki.osmfoundation.org/wiki/Privacy_Policy

8. Data security

We take extensive technical and organizational measures (TOM) in accordance with Art. 32 GDPR to ensure a level of protection for personal data that is appropriate to the risk. These include in particular:

8.1 Technical measures

Access control: Use of role-based permissions; access to personal data exclusively by authorized persons
Network security: Use of firewalls, intrusion detection/prevention systems, and DDoS protection mechanisms provided by our hosting provider
Encryption
- Transport encryption using TLS (HTTPS) for all data transfers
- State-of-the-art encryption of stored data (where applicable)
Secure server infrastructure: Hosting in certified data centers (ISO 27001), redundant systems for fail-safety
Logging: Security-relevant accesses and processes are logged in log files and evaluated regularly
Backup and recovery concepts: Regular data backups, encrypted storage, and defined recovery procedures

8.2 Organizational measures

Confidentiality obligations: Employees and service providers are obliged to maintain confidentiality and handle data securely
Employee training: Our employees receive regular training on the secure handling of personal data
Rights and role management: Regular review and updating of access rights
Security guidelines and processes: Documented procedures for handling IT security incidents, data backups, and system maintenance
Regular security checks: Conducting internal and external audits, vulnerability analyses, and updates
Order processing: Selection of service providers according to strict security criteria; conclusion of order processing agreements in accordance with Art. 28 GDPR

9. Storage period

We only store personal data for as long as is necessary for the respective purpose:

Contact requests: until final processing
Contract data: in accordance with statutory retention periods
IONOS server logs: 7 to 30 days, depending on security requirements

After the deadlines have expired, data will be deleted or anonymized.

10. Your rights

You have the following rights at any time:

Information about your stored data
Correction of incorrect data
Deletion (“right to be forgotten”)
Restriction of processing
Objection, in particular to processing based on legitimate interests
Data portability
Revocation of consent given

Special note on the right to object (Art. 21 GDPR):

You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data based on Art. 6 para. 1 lit. f GDPR. You also have the right to lodge a complaint with a data protection authority.

To exercise your rights as a data subject, please contact us by email at contact@marv1n.de or by post at the address above.

11. Cookies & Tracking

Our website uses cookies and similar technologies to provide the website technically.

Legal basis in accordance with TTDSG:
Technically necessary cookies may be set without consent (§ 25 (2) TTDSG).

12. Changes to this privacy policy

We reserve the right to update this privacy policy if necessary due to technical, legal, or organizational changes. The current version is always available on our website.

Privacy Policy Version 1.0

18.12.2025