Privacy Notice

Privacy Notice

Information concerning the processing of your data in accordance with Art. 13 of the European General Data Protection Regulation (GDPR).

1 General and Mandatory Information

1.1 Content and Definitions

This Privacy Notice (“the Privacy Notice”) describes how and why we collect, store and use personal data and provides information on the data subjects’ rights.

In this Privacy Notice, we will use the following terms:

“We”, “us” and “our” (and similar terms) mean Miller Leasing Miete GmbH (also referred to as “MLM” or “the Controller”);

“Personal Data” means any information relating to an identified or identifiable natural person;

“You” and similar terms mean our customers, any persons connected with them, prospective customers, suppliers and visitors to our website,

Any reference herein to provisions of the law is a reference to the European Data Protection Regulation (GDPR).

When you use this website, certain personal data will be processed. Personal data are data that can be used to identify you personally. This notice concerning the processing of your personal data (in the following, “the Data Protection Declaration”) describes which data we process. It also explains how and for which purpose such processing occurs. Lastly, this Data Protection Notice sets out the legal basis for such processing.

1.2 Controller

The controller responsible for the processing of personal data on this website is:

Miller Leasing Miete GmbH

Louisenstr. 145

D–61348 Bad Homburg

Telephone: +49 6172 4863 0


If you have any questions concerning our processing of personal data or the exercise of your rights, please do not hesitate to contact us or our Data Protection Officer (see Sec. 4).

2 Types and Purposes of Processing and Legal Basis

2.1 Website

2.1.1 Server Log Files

We use so-called server log files to automatically collect and store information which your browser routinely transmits to us. These are the following:

  • type and version of browser
  • operating system used
  • referrer URL
  • hostname of the computer accessing the site
  • time of server request
  • IP address

This data will usually be deleted after 7 days. Where there is reason to suspect that a security-related incident has occurred, the relevant data will be retained until the incident has been fully resolved, and will be forwarded to the competent authorities. These data will not be merged with any other data sources except in order to resolve such security-related issues.

This type of processing is based on our legitimate interest in the public presentation of our company (Article 6(1)(f) of the GDPR) as well as our legal obligation to protect visitors to our website from potential security threats on the site (Article 6(1)(c) of the GDPR).

2.1.2 Cookies

This website does not use cookies.

2.1.3 SSL and TLS Encryption

This website uses SSL or TSL encryption for security reasons and in order to protect the transmission of confidential data such as, for example, orders or enquiries that you direct to us as the site operators. You can identify an encrypted connection by the presence of the text “https://” instead of “http://” in your browser address bar and a padlock icon next to it.

When SSL or TLS encryption is active, data that you transmit to us can not be easily read by third parties.

2.1.4 Hosting

This website is hosted by an external web hosting service provider on our behalf and according to our specifications. The personal data collected on this website is stored on the service provider’s servers in Germany.

2.1.5 Google Web Fonts (Local Hosting)

This site uses so-called web fonts provided by Google for the uniform display of fonts. These Google fonts are installed locally on our respectively our web hosting service provider’s servers. This means that no connection to Google’s servers is established when you access our website. You can find additional information on Google Web Fonts here:

2.2 Initiation and Performance of Contracts

2.2.1 Contract Data

When contemplating new contracts or performing existing ones, we process the following personal data for the following purposes:

Business contacts: Name, e-mail address, professional/job title, telephone number, messenger ID, line of business, position, language, and other business contact information. We use this data to communicate with you in connection with a contract. We will store business contact information for as long as this is required to achieve the objectives named above (i.e. for the duration of the business relationship but no shorter than the legal retention period of six years for business correspondence). When you demand that we delete your business contact data, we will comply with this request to the extent this is legally permitted, i.e. we will delete your business contact data unless we are obliged by law to retain them.

Customers or persons connected with customers: We would ask the data subjects to only state those personal data that are required for us to perform our services. We will let you know in each case which personal data we require. Usually, we collect personal data from our customers and from third parties acting on behalf of your customers. We use this data for the following purposes:

Creating a new contract: As required by law, we undertake certain background checks when we create a new contract (anti-money laundering checks, sanctions lists) in order to identify obstacles to cooperation in good time and avoid potential risks to our reputation.

  • Financing contracts: We process personal data in a manner we deem to be reasonably required in order to properly perform our services, for instance when we engage a service provider or supplier following consultation with you.
  • Accounting: We use your personal data to agree on payment terms and to invoice and collect our remuneration and expenses, where applicable.
  • Customer relationship management: Providing information regarding our services; organizing and holding events; determining how we can improve our services. We only send out newsletters when we have been requested to do so, see Sec. 2.6 below.

Our general storage period for contract data is the duration of the contract plus three years (standard limitation period); however, our storage period for business records is ten years including for contracts of a shorter duration, and for business correspondence and similar communication, the storage period is six years. In some cases, the law or certain authorities may stipulate exceptions requiring a longer or shorter storage period. Please do not hesitate to contact us if you require any additional information.

Suppliers: We will collect personal data including name, e-mail address, telephone number and other business contact information in order to obtain services from suppliers, pay for such services and pass them on to our customers where applicable, manage the relationship with the supplier and offer services to our customers. The storage period corresponds to the duration of the contract but will not be shorter than the legal retention period. Please do not hesitate to contact us if you require any additional information.

2.2.2 Legal Basis of Data Processing

The legal basis for our processing of personal data in connection with any contract will always be one of the following:

  • processing is necessary for the performance of a contract to which you are a party or in order to take preliminary steps at your request prior to entering into a contract (Article 6(1)(b) of the GDPR);
  • processing is necessary for compliance with a legal obligation to which we are subject (such as compliance with anti-money laundering laws) (Article 6(1)(c) of the GDPR);
  • processing is necessary for the purpose of safeguarding our legitimate business interests, except where such processing affects your interests (including the continued development of our services, for instance by means of internal training courses) (Article 6(1)(f) of the GDPR); or
  • the data subject has given consent to the processing of the personal data specified for one or more purposes (Article 6(1)(a) of the GDPR).

2.2.3 Data Transmission on the Conclusion of a Contract and Shipping of Goods

The following third parties will be given access to your personal data:

We only transmit personal data to the following recipients as provided for by law:

  • credit rating agencies for creditworthiness checks (only where required and only after you have been separately notified thereof);
  • service providers: we must pass on your personal data to our service providers in order to be able to offer our services to you. Our contracts with external service providers currently cover the provision of operating and support services such as IT, accounting/tax, mail/logistics and translation services;
  • disclosure on the basis of laws and regulations: under certain circumstances, we may be required by applicable laws , regulations or regulatory orders to disclose personal data to authorities including supervisory authorities (BaFin,) criminal prosecution authorities or in connection with proposed or actual legal proceedings.

2.3 International Transmission of Personal Data

Your personal data will be processed exclusively inside the EEA. This does not apply, however, if we agree otherwise in an individual case or if the contract requires, for example, that we communicate with a supplier located outside the EEA. In such an exceptional case, we will safeguard you by means of appropriate warranties, of which we will notify you separately in such case.

2.4 Automated Individual Decisions

We do not perform any automated individual decisions as defined in Art. 22 of the GDPR.

2.5 Technical and Organizational Measures

When processing your personal data, we implement technical and organizational measures to ensure the integrity, availability, authenticity and confidentiality of your data in accordance with Article 32 of the GDPR. We also require our service providers to implement the relevant measures and safety precautions and regularly review these.

2.6 Newsletter

2.6.1 Newsletter Data

If you wish to receive our newsletter, we require your e-mail address as well as information permitting us to verify whether you are indeed the owner of the e-mail address stated, and whether you consent to receiving the newsletter. No further data is collected, or  is purely collected on a voluntary basis . We use such data solely for sending out the requested information and do not pass them on to any third parties.

The data entered into the newsletter subscription form is processed solely on the basis of the consent you have given (Article 6(1)(a) of the GDPR). You may at any time withdraw any consent you have granted to the storage of your data and e-mail address and the use thereof for the purpose of receiving the newsletter, for example by using the “unsubscribe”/”Austragen” link in the newsletter. The lawfulness of the data processing operations that have already been carried out remains unaffected by the withdrawal.

We will store the data you have provided to us for the purpose of receiving the newsletter until such time as you unsubscribe from the newsletter, and will delete them once you have unsubscribed from the newsletter. Data that we have stored for other purposes (for instance, e-mail addresses in our customer database) will not be affected thereby.

2.6.2 Newsletter2Go

Newsletters are sent out on our behalf and in accordance with our specifications by Newsletter2Go GmbH, Nürnberger Straße 8, 10787 Berlin, Germany.

Newsletter2Go is a service that can be used to organize and analyze the mailing of newsletters, among other things. The data you entered for the purpose of receiving the newsletter will be stored for us on the servers of Newsletter2Go in Germany.

If you do not wish to permit the analyses performed by Newsletter2Go as described below, you must cancel your newsletter subscription. We provide a link for this in every newsletter that you receive.

Newsletter2Go enables us to analyze our newsletter campaigns. We can see, for instance, whether a newsletter message was opened and which links, if any, were clicked on. This way, we can see, among other things, which links were clicked on particularly often.

In addition, we can see whether certain previously defined actions were performed after opening the newsletter/clicking on the link (conversion rate). This will show us, for example, whether you concluded a contract after clicking on the newsletter.

Newsletter2Go also enables us to “cluster” the newsletter recipients into groups based on a number of categories. By this means, the newsletter recipients may be classified, for example, according to age, gender or place of residence. This way, newsletters can be better adapted to the respective target audience.

3 Your rights

3.1 Withdrawal of your Consent to Data Processing

Many data processing operations may only be performed with your express consent. You may withdraw your consent at any time with future effect; there will be no charge for this. For this withdrawal, an informal notice to us via e-mail to will suffice.

When we obtain your consent, we will provide information to you regarding further withdrawal options. The lawfulness of the data processing operations carried out until the time of said withdrawal remains unaffected thereby.

3.2 Right to Complain to the Responsible Supervisory Authority

In the event of a breach of any data protection regulations, you have a right to lodge a complaint with the responsible data protection authority, for example at your permanent place of residence.

3.3 Right to Data Transferability

You have the right to have any data you have provided to us transferred to yourself or to any third party in a commonly used, machine-readable format.

3.4 Information, Correction, Deletion, Restriction of Processing

You have the right, under the applicable provisions of the law, to demand at any time that we provide information to you regarding the personal data that we process, including a copy thereof, and, where applicable, you have the right to have such personal data corrected, to have the processing of the data restricted, or to have them deleted.

3.5 Objection to Processing based on Legitimate Interest

You may object to the processing of your personal data to the extent that we process such data on the basis of our legitimate interest

4 Data Protection Officer

We have appointed a Data Protection Officer for our company, who may be contacted as follows:

Miller Leasing Miete GmbH

- Data Protection Office –

Louisenstr. 145

D-61348 Bad Homburg

Telephone: +49 6172 4863 0


The Data Protection Officer is bound to impartiality and secrecy and will be pleased to assist you as an alternative to the Controller stated as a contact person in Sec. 1 above.

Last updated:  January 1, 2024

You would like to know more