PRIVACY POLICY

1. External Links

The website contains so-called “external links” to other websites, over whose content Miles GmbH has no influence. For this reason, Miles GmbH cannot accept any liability for these contents.

The respective provider of the linked website is solely responsible for the content and accuracy of the information provided. At the time of linking, no legal violations were apparent. Upon notification of such a violation, the link will be removed immediately.

 

  1. Copyright/Ancillary Copyright Law
    The content, works, and information published on this website are subject to German copyright and ancillary copyright law. Any reproduction, processing, distribution, storage, or any form of exploitation outside the limits of copyright law requires the prior written consent of the respective rights holder. Unauthorized copying or storing of the information provided on this website is prohibited and punishable by law.

 

  1. Data protection declaration according to the GDPR
    I. Name and address of the responsible party
    The responsible party within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:

Miles GmbH
Harckesheyde 91-93
22844 Norderstedt
Deutschland
Tel.: +49-40-943 64 0
E-Mail: info@milesgroup.eu
Website: www.milesgroup.eu

II. Name and address of the data protection officer

Our data protection officer, Mr. Marcel Helmcke from Hanseatic Datenschutz, can be contacted by email at datenschutzbeauftragter@ha-ds.de or by telephone on +49 (0)40 88 21 581 – 31.

 

General information on data processing
1. Scope of processing of personal data

We generally only collect and use our users’ personal data to the extent necessary to provide a functional website and our content and services. The collection and use of our users’ personal data generally only occurs with the user’s consent. An exception applies in cases where prior consent cannot be obtained for practical reasons and the processing of the data is permitted by law.

  1. Legal basis for the processing of personal data

If we obtain the consent of the data subject for the processing of personal data, Art. 6 (1) (a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis. For the processing of personal data that is necessary to fulfill a contract to which the data subject is a party, Art. 6 (1) (b) GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.

If the processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Art. 6 (1) (c) GDPR serves as the legal basis.

In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 (1) (d) GDPR serves as the legal basis.

If processing is necessary to safeguard a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 (1) (f) GDPR serves as the legal basis for processing.

 

Data deletion and storage period
The personal data of the data subject will be deleted or blocked as soon as the purpose for which it was stored no longer applies. Storage may also occur if this has been provided for by European or national legislators in EU regulations, laws, or other provisions to which the controller is subject. Blocking or deletion of data will also occur if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.

 

III. Provision of the website and creation of log files
1. Description and scope of data processing
Each time our website is accessed, our system automatically records data and information from the computer system of the accessing computer. The following data is collected:

(1) Information about the browser type and version used
(2) The user’s operating system

(3) The user’s Internet service provider

(4) The user’s IP address

(5) Date and time of access

(6) Websites from which the user’s system accesses our website

(7) Websites accessed by the user’s system via our website

The data is also stored in our system’s log files. This data is not stored together with other personal user data.

 

  1. Legal basis for data processing
    The legal basis for the temporary storage of data and log files is Art. 6 (1) (f) GDPR.

 

  1. Purpose of data processing
    The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must be stored for the duration of the session.

The data is stored in log files to ensure the functionality of the website. Furthermore, we use the data to optimize the website and ensure the security of our information technology systems. The data is not evaluated for marketing purposes in this context.

These purposes also constitute our legitimate interest in data processing pursuant to Art. 6 (1) (f) GDPR.

 

  1. Duration of storage:
    The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. If the data is collected to provide the website, this is the case when the respective session ends.

If data is stored in log files, this occurs after a maximum of seven days. Longer storage is possible. In this case, the users’ IP addresses are deleted or distorted, making it impossible to identify the accessing client.

 

  1. Possibility of objection and removal
    The collection of data for the provision of the website and the storage of the data in log files is necessary for the operation of the website. Therefore, the user has no possibility of objection.

 

  1. Use of cookies
    a) Description and scope of data processing

Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user’s computer system. When a user visits a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string that enables unique identification of the browser when the website is visited again. We use cookies on our website that enable analysis of user surfing behavior. In this way, the following data can be transmitted:

  • Search terms entered
  • Frequency of page views
  • Use of website functions

The user data collected in this way is pseudonymized using technical precautions. Therefore, it is no longer possible to assign the data to the accessing user. The data is not stored together with other personal data of the users.
When accessing our website, an information banner informs users about the use of cookies for analysis purposes and refers them to this privacy policy. In this context, information is also provided on how to prevent the storage of cookies in the browser settings.

 

OTHER COOKIES (VIMEO, YOUTUBE)
b) Legal basis for data processing
The legal basis for the processing of personal data using cookies is Art. 6 (1) (f) GDPR.

  1. c) Purpose of data processing

Analysis cookies are used to improve the quality of our website and its content. Analysis cookies tell us how the website is used and can thus continuously optimize our offering. These purposes also constitute our legitimate interest in processing personal data in accordance with Art. 6 (1) (f) GDPR.

  1. d) Duration of storage, right of objection and removal

Cookies are stored on the user’s computer and transmitted from there to our site. Therefore, as a user, you have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also happen automatically. If cookies are deactivated for our website, it may no longer be possible to fully use all of the website’s functions.

  

YouTube integrations

1.Description, purpose and scope of data processing

We provide YouTube links from Google Inc., USA, at various points on this website so that you can watch vivid visual presentations via videos. YouTube offers the option to register for user accounts and thus join a Google network.

When you visit the page in which it is embedded, the YouTube plug-in determines at least the user’s IP address and the page address from which it was activated. As long as you are logged into a YouTube account at the same time, YouTube can monitor your usage behavior and link it to your account. This allows personal profiles to be created that are available to Google.

 

2.Legal basis for data processing

The use of YouTube is based on your consent in accordance with Art. 6 (1) (a) GDPR and Section 25 (1) TDDDG.

We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. In cases where no adequacy decision by the European Commission exists (e.g., in the USA), we have agreed on other appropriate safeguards with the data recipients within the meaning of Art. 44 et seq. GDPR. Unless otherwise stated, these are standard contractual clauses of the EU Commission pursuant to Implementing Decision (EU) 2021/914 of June 4, 2021. A copy of these standard contractual clauses can be viewed at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE .

In addition, prior to such a third-country transfer, we will obtain your consent in accordance with Art. 49 (1) Sentence 1 (a) GDPR, which you grant via the consent in the Consent Manager (or other forms, registrations, etc.). We would like to point out that transfers to third countries may involve risks that are unknown in detail (e.g., data processing by security authorities in the third country, the exact scope of which and the consequences for you that we do not know, over which we have no influence, and of which you may not be aware).

When using data for YouTube, Google acts independently and is not bound by our instructions.

 

  1. Duration of storage, possibility of objection and removal

The detailed processing by Google and the possibilities of influencing it are beyond our knowledge. Detailed information can be found in the privacy center at google.de: Google Privacy Policy and in the terms of use at www.youtube.com (https://www.youtube.com/t/terms).

If you do not want Google to monitor your usage behavior, please log out of your YouTube account before accessing this page.

 

Vimeo

  1. Type and scope of processing
    We have integrated Vimeo Video on our website. Vimeo Video is a component of the video platform from Vimeo, LLC, on which users can upload content, share it over the internet and receive detailed statistics.
    Vimeo Video enables us to integrate content from the platform into our website.

Vimeo Video uses cookies and other browser technologies to evaluate user behavior, recognize users and create user profiles. This information is used, among other things, to analyze the activity of the content listened to and to create reports. When you access this content, you establish a connection to servers of Vimeo, LLC, 555 W 18th St, New York, New York 10011, whereby your IP address and possibly browser data such as your user agent are transmitted.

 

  1. Purpose and legal basis
    The use of the service is based on our legitimate interests, i.e. interest in a platform-independent provision of content in accordance with Art. 6 (1) (f) GDPR.

 

  1. Storage period:
    We have no control over the specific storage period for the processed data; it is determined by Vimeo, LLC. Further information can be found in the Vimeo Video privacy policy: https://vimeo.com/privacy.

 

Google Analytics

  1. Type and scope of processing
    We use Google Analytics from Google LLC, Gordon House, Barrow Street, Dublin 4, Ireland, as an analysis service for the statistical evaluation of our online offering. This includes, for example, the number of visits to our online offering, subpages visited, and the length of time visitors stay on our website.
    Google Analytics uses cookies and other browser technologies to evaluate user behavior and recognize users. This information is used, among other things, to compile reports on website activity.

 

  1. Purpose and legal basis
    We process data with the help of Google Analytics for the purpose of optimizing our website and for marketing purposes based on your consent in accordance with Art. 6 (1) (a) GDPR.

 

  1. Storage period:
    We have no control over the specific storage period for the processed data; it is determined by Google LLC. Further information can be found in the Google Analytics privacy policy: https://policies.google.com/privacy?hl=de-DE.

 

Google Maps

  1. Type and scope of processing

We use the Google Maps service to create directions. Google Maps is a service provided by Google Ireland Limited, which displays a map on our website.

When you access this content on our website, you establish a connection to servers of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Your IP address and, if applicable, browser data such as your user agent are transmitted. This data is processed exclusively for the purposes stated above and to maintain the security and functionality of Google Maps.

  1. Purpose and legal basis

The use of Google Maps is based on your consent in accordance with Art. 6 (1) (a) GDPR.

 

  1. Storage period

 We have no control over the specific storage period of the processed data; it is determined by Google Ireland Limited. Further information can be found in the Google Maps privacy policy: https://policies.google.com/privacy .

 

  1. Contact form and email contact
    1. Description and scope of data processing
    Our website contains a contact form that can be used for electronic contact. If a user uses this option, the data entered in the input form will be transmitted to us and stored. This data includes:
  • Title*
  • First name*
  • Last name*
  • Company name
  • Email*
  • Phone

 At the time the message is sent, the following data is also stored:

  • The user’s IP address
  • Date and time of the contact request

Your consent to the processing of your data will be obtained during the sending process and reference will be made to this privacy policy.

Alternatively, you can contact us via the email address provided. In this case, the user’s personal data transmitted with the email will be stored.

In this context, the data will not be shared with third parties. The data will be used exclusively for processing the conversation.

 

  1. Legal basis for data processing
    If the user has given his consent, the legal basis for processing the data is Article 6 (1) (a) GDPR.

The legal basis for processing data transmitted when sending an email is Art. 6 (1) (f) GDPR. If the email contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 (1) (b) GDPR.

 

  1. Purpose of data processing:
    The processing of personal data from the input form serves solely to process the contact. In the case of contact via email, this also constitutes the necessary legitimate interest in processing the data. The other personal data processed during the sending process serves to prevent misuse of the contact form and to ensure the security of our information technology systems.

 

  1. Duration of storage:
    The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. For personal data from the contact form input mask and data sent via email, this is the case when the respective conversation with the user has ended. The conversation is terminated when it can be inferred from the circumstances that the matter in question has been conclusively resolved.

The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

 

  1. Possibility of objection and removal
    The user has the option to revoke their consent to the processing of personal data at any time. If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.

Any objection to the storage of personal data must be made in writing, by email or fax.

In this case, all personal data stored during the contact process will be deleted.

 

  1. Rights of the data subject
    If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:
    to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data, if it was not collected from us, as well as the existence of automated decision-making, including profiling, and, if applicable, meaningful information on its details; in accordance with Art. 16 GDPR, to immediately request the rectification of incorrect or incomplete personal data stored by us; in accordance with Art. 17 GDPR, to request the erasure of your personal data stored by us, unless processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims; in accordance with Art. 18 GDPR, to request the restriction of the processing of your personal data, if you dispute the accuracy of the data, the processing is unlawful, but you request its erasure reject and we no longer need the data, but you require it to assert, exercise or defend legal claims or you have objected to the processing pursuant to Art. 21 GDPR; to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transmitted to another controller pursuant to Art. 20 GDPR; to revoke your consent at any time pursuant to Art. 7 Para. 3 GDPR.

This means that we may no longer continue the data processing based on this consent in the future and to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or work or our office headquarters.

 

Right of objection:
If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) (f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided there are reasons for doing so that arise from your particular situation or if the objection is directed against direct marketing. In the latter case, you have a general right of objection, which we will implement without specifying a particular situation.

If you wish to exercise your right of withdrawal or objection, simply send an email to datenschutz@milesgroup.eu

 

VII. Data protection declaration for applicants

Preamble
Miles GmbH attaches particular importance to the protection and confidentiality of your data. Therefore, your data will, of course, be processed exclusively in accordance with the applicable data protection regulations, in particular the German Federal Data Protection Act (BDSG) and the German Digital Dienste Act (DDG).

This privacy policy also complies with all legal requirements that will become mandatory with the entry into force of the European General Data Protection Regulation (GDPR). The GDPR applies from May 25, 2018. Under no circumstances will your personal data be passed on to third parties for advertising, marketing, or other purposes without authorization. If you have any questions about this privacy policy, please feel free to contact us by email at datenschutz@milesgroup.eu.

 

  1. What are personal data?
    Personal data is all information from which conclusions can be drawn about your personal or factual circumstances or from which you can be identified.

 What data is collected?

The following data is collected and processed to process your application:

1. First name, last name, email address, and if applicable, address/city, date of birth, title, telephone number, nationality.

  1. 2. Additional questions depending on the specific job posting (e.g., driver’s license).
  2. CV, especially information on professional experience and education. 4. Professional experience and education.
  3. Skills (e.g., MS Office, Photoshop).
  4. Application photo.
  5. Qualifications, awards, and language skills.
  6. Cover letter.
  7. Files and documents you may upload.

 

  1. We store the written and electronic communication that takes place between you and the company you are applying to. We also process comments and evaluations about you during your application process.

 

  1. Purpose of data collection
    Miles GmbH processes and uses the collected personal data for the purpose of registration on the company websites and for the purpose of exchanging information between applicants and companies.

 

  1. Use of cookies
    Further information on the use of cookies can be found under point IV in our general data protection declaration.

 

  1. Will data be shared with or collected by third parties?
    The data collected as part of your application will neither be published nor shared with third parties without authorization, especially without your consent. Apart from our employees who process your data as part of the application process, we will not share your personal data with third parties.

 

  1. Storage periods
    1. Personal data of rejected applicants will be stored for a maximum period of six months, beginning on the day the application is rejected. If you prefer a longer storage period during your application process (e.g., to continue your application process later), we ask you to make these settings accordingly during registration. 2. Longer storage periods may also arise if the data is required to assert, exercise, or defend legal claims before an authority, or if statutory retention periods exist. The data will be stored for as long as necessary to fulfill these purposes.

 

  1. Your rights regarding stored data
    1. You have the right to free information about which of your personal data we process, as well as the right to rectification, erasure, restriction of data processing, and data portability. To assert these rights or obtain additional information, please send an email to datenschutz@milesgroup.eu2. Our privacy policy and our responsibility and liability in this regard do not extend to third-party websites to which we link or to which you are redirected. Furthermore, we are also not responsible for data processing carried out by the operators of these websites in these cases.

 

  1. Right of revocation
    1. You can revoke any consent you have given under data protection law at any time with future effect. To exercise your right to revoke your consent, please send an email to datenschutz@milesgroup.eu.
  2. Our privacy policy and our responsibility and liability in this regard do not extend to third-party websites to which we link or to which you are redirected. Furthermore, we are not responsible for data processing carried out in these cases by the operators of these websites.
  3. If we use cookies on our website that require your consent and you have also consented to their use, you can revoke this consent by sending an email to datenschutz@milesgroup.eu.

 

  1. General information on presence in social networks

In order to present our company in the best possible way and to communicate with you as a user, customer or interested party and to inform you about the services we offer, we use our presence in social networks.

You can find us on the following platforms or social networks

  • Meta Platforms, Inc (Instagram)
  • YouTube
  • LinkedIn

 When using social networks, data is processed outside the European Union (EU) and the European Economic Area (EEA). A level of data protection equivalent to that found in the EU cannot be guaranteed in all countries outside the EU.

In this context, there may be risks for you as a user if the transmitted data is processed in so-called third countries with an inadequate level of data protection.

This makes it more difficult to enforce known user rights. In addition, it may happen that your data is not processed in your interest by the provider in the third country.  In the USA, there is no level of data protection comparable to the requirements of the GDPR. It is possible that government agencies may access personal data without us or you knowing about it. It is probably not possible to enforce your rights in the USA. The processing purposes pursued by social networks generally differ from ours. This means that the data you collect from social networks is usually processed for the purposes of market research, advertising and the creation of user profiles for personalized advertising (e.g. Facebook, Google, Instagram, etc.).

To achieve this, cookies are used that record user behavior and enable user profiling. In the case of Facebook, user profiles are also created for people who do not have a registered Facebook account.  A specific list of the purposes for which user data is processed can be found in the privacy policies of the respective providers. By making the appropriate settings in your user account, you can limit the creation of your profile, at least to a certain extent. For the exact procedure, please read the relevant privacy policies of the respective provider.

Rights of those affected

The Facebook Page Controller Addendum  outlines the rights and obligations to be observed in conjunction with Facebook. You can find these at the following link: https://www.facebook.com/legal/terms/page_controller_addendum

If you request information, we will forward it to Facebook and ask you to fill out the corresponding contact form at https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Fhelp%2Fcontact%2F308592359910928.

Below you will find a detailed description of the respective data processing by the providers and their options for objection (so-called opt-out) via the corresponding links to the providers’ websites:

  • Meta Platforms, Inc. (1 Hacker Way, Menlo Park, California 94025) – Privacy Policy: https://www.facebook.com/about/privacy/
  • Instagram (• Meta Platforms, Inc (1 Hacker Way Menlo Park, California 94025) – Privacy Policy: http://instagram.com/about/legal/privacy/
  • Google/YouTube (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) – Privacy Policy: https://policies.google.com/privacy , Opt-Out: https://adssettings.google.com/authenticated , Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

 

  1. Validity of the agreement (severability clause)
    The illegality, ineffectiveness, invalidity or unenforceability of any part of these data protection provisions and terms of use shall not affect the validity and effectiveness of the remaining provisions.

 

  1. Complaint to the data protection authority
    If you believe that we are processing your data in violation of applicable law, you can lodge a complaint with the German data protection authority or with the otherwise competent supervisory authority (in particular in the Member State in which you live or work).

 

  1. Contact details of the data protection officer

    Our data protection officer, Mr. Marcel Helmcke from Hanseatic Datenschutz, can be contacted by email at datenschutzbeauftragter@ha-ds.de or by telephone on +49 (0)40 88 21 581 – 31.

                                                                                                                                               

As of February 2026