Privacy Policy

Information on data processing when using MIRACLE Online.

We, ChemServe GmbH, have taken technical and organisational measures to ensure that the regulations on data protection are observed both by us and by external service providers. In the following, we inform you about the data processing in the context of the use of MIRACLE Online. 

1. name and address of the company in charge

ChemServe GmbH
Hubertuskamp 8
21521 Dassendorf

Phone +49 4135 808630


2. subject matter of data protection

The subject of data protection is personal data. According to Art. 4 No. 1 GDPR, these are all information relating to an identified or identifiable person. This includes, for example, information such as name, email address or telephone number, but also usage data such as the IP address.

3. scope and purpose of data processing and storage

In the following, we provide information on the scope of data collection and storage as well as use (hereinafter "data processing", used in the sense of Art. 4 No. 2 GDPR) and the purpose of the respective data processing within the scope of our webshop.

4. data processing in the context of the use of MIRACLE Online

To use MIRACLE Online, you need an IP address and log-in credentials. We require these at short notice (see also the following section). There is also the option of e-learning.

4.1 IP addresses

Web servers and end devices actually need the IP address as an address. Only then does the web server know to which device it can transmit the page you have called up. Consequently, the web server must process your IP address at the moment of the data request. 

The legal basis for this data processing is regularly Art. 6 para. 1 lit. b GDPR, as we need your IP address in order to be able to send you the contents of MIRACLE Online and the information contained therein at all.

The IP address is stored for four weeks. This gives us the opportunity to analyze attacks on the server and take appropriate measures. In this case, the data processing is based on our legitimate interest according to Art. 6 (1) lit. f GDPR. 

4.2 Cookies 

MIRACLE Online uses cookies. Cookies are text files that are stored in the internet browser or by the internet browser on the end user's device. When a user calls up a website, a cookie may be stored on the user's operating system.

Within the scope of MIRACLE Online, we set necessary cookies so that we can display the service to you and provide essential basic functions as you have requested. The legal basis for this is Art. 6 para. 1 lit. b GDPR. In addition, we optionally use cookies from third-party providers. You can exclude these from use if you wish.

4.2 Use of Google Analytics

We use Google Analytics to analyze website usage. The data obtained from this is used to optimize our website and advertising measures. 

Google Analytics is a web analytics service operated and provided by Google, Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, United States). Google processes website usage data on our behalf and is contractually committed to measures to ensure the confidentiality of the data processed.

During your visit to the website, the following data, among others, is recorded:

  • Pages accessed
  • The achievement of "website goals" (e.g. contact enquiries and newsletter sign-ups).
  • Your behaviour on the pages (for example clicks, scrolling behaviour and dwell time)
  • Your approximate location (country and city)
  • Your IP address (in shortened form, so that no clear assignment is possible)
  • Technical information such as browser, internet provider, terminal device and screen resolution
  • Source of origin of your visit (i.e. via which website or via which advertising medium you came to us)

This data is transferred to a Google server in the USA. 

Google Analytics stores cookies in your web browser for a period of two years since your last visit. These cookies contain a randomly generated user ID that can be used to recognize you on future visits to the website.

The recorded data is stored together with the randomly generated user ID, which enables the evaluation of pseudonymous user profiles. This user-related data is automatically deleted after 14 months. Other data remain stored in aggregated form indefinitely.

If you do not agree to the collection of data, you can prevent this by installing the browser add-on to deactivate Google Analytics or by rejecting cookies via our cookie settings dialogue.

4.3 Login / User account

A login is required to use MIRACLE Online. To create the login, we store the following data from each user

  • First name and surname
  • E-mail address
  • Password
  • Company name
  • Country
  • Telephone number
  • Ship name, if applicable
  • If applicable, comments that a user inserts in MIRACLE Online.
  • If applicable, notes on cleaning instructions that a user inserts in MIRACLE Online.

The processing of this data serves the fulfilment of the contract, therefore the legal basis is Art. 6 para. 1 lit. b GDPR. If data is added voluntarily, the legal basis is your consent according to Art. 6 para. 1 lit. a GDPR.

4.4 Data processing in the context of e-learning 

If a user uses the e-learning, we process the following data

  • First name and surname
  • E-mail address
  • Company name
  • Test results
  • Job title, if applicable
  • Department, if applicable
  • Ship name, if applicable

The e-learning is part of the contract, the processing of the data is therefore carried out in accordance with Art. 6 para. 1 lit. b GDPR. 

4.5 Data processing for enquiries via e-mail

If you contact us as a customer or interested party by e-mail, you usually provide us with the following personal data:

  • E-mail address
  • First name and surname
  • Telephone number, if applicable
  • Your concern
  • Attached documents, if applicable

We process this data in order to respond to your request. 

We use this data exclusively to process your request. This data processing is regularly based on Art. 6 para. 1 lit. b GDPR. 

5. use of data for specific purposes, recipients of data, disclosure of data,data transfers to third countries

We observe the principle of purpose-related data use. We process all of the aforementioned data only for the purposes and on the basis of the legal grounds already mentioned. 

Of course, we use various service providers for the operation of MIRACLE Online. These include service providers for the hosting of the databases, the hosting of the application and the e-learning. For IT security reasons, however, we do not wish to publicly name all our IT service providers here. Of course, you can obtain a list of all the service providers we work with at any time on request. You can request this - if you take note of this information as an employee of an existing client - from your employer or client.

Where necessary, we have concluded a contract processing agreement with all service providers in accordance with Article 28 of the GDPR. With those service providers who carry out data processing in so-called unsafe third countries such as the USA, standard contract clauses have been concluded in accordance with Article 46 (2) c) of the GDPR and further guarantees for the protection of personal data have been assured, such as processing in accordance with the principles of the Privacy Shield. 

Your personal data will only be passed on or transferred to state institutions entitled to receive information within the scope of the statutory duty to provide information or if we are obliged to provide information by a court decision. 

6. deletion periods / duration of storage of your data

6.1. deletion periods of IP addresses and cookies

The IP address is stored for 4 weeks in order to be able to analyse and defend against possible attacks on the site. 

Persistent cookies are automatically deleted after a predefined duration, which may differ depending on the cookie. You can view the duration of storage in your browser settings in the cookies section. You can also delete the cookies yourself at any time via your browser settings.

6.2 Deletion periods for contact via e-mail

If you contact us via the contact form or e-mail, we check at the end of each year whether further storage is necessary or whether there are storage obligations for the e-mails (we also receive enquiries via the contact form as e-mails). Depending on this, the data will then be stored or deleted. 

6.3 Deletion periods for the login/user account

Account data of customers and employees will be deleted after 3 years following termination of the contractual relationship. The period begins with the end of the calendar year in which the respective data was collected. 

6.4 Deletion periods in other respects

After complete processing of the contract or deletion of the customer account, the personal data will be blocked with regard to tax and commercial law retention periods and deleted after 10 years. The period begins with the end of the year in which the last purchase was made and the invoice was issued. 

7. data subject rights (including rights of access, revocation, objection and deletion)

As a data subject, you have the following rights vis-à-vis ChemServe GmbH as the data controller:

You have the right to request information regarding the data we process about you.

You can object to the processing of your data at any time, insofar as the requirements of Art. 21 GDPR are met, and revoke any consent to the processing of the data given in addition at any time. If the consent to data processing is revoked or the use of the data is objected to, this does not affect the lawfulness of the data processing until the time of the revocation or objection.

Furthermore, you can have the data processed by us corrected, restricted or deleted at any time. We expressly point out that there may be legal obligations - such as retention obligations - to continue to store data. In this case, the data can only be restricted. This means that the data will only be processed for the purpose of complying with the legal obligations and will not be used for any other purpose.

In addition, you also have the right to data portability in accordance with Art. 20 GDPR and the right to complain to a supervisory authority in accordance with Art. 77 GDPR.

If you have any questions, please contact us at any time at

8. supervisory authority

If you have reason to complain, you can contact a data protection supervisory authority at any time, e.g. also the data protection supervisory authority responsible for us, the „Unabhängige Landeszentrum für Datenschutz Schleswig-Holstein“ ‚ Schleswig-Holstein (PO Box 7116, 24171 Kiel).

ChemServe GmbH

This privacy policy was updated on 23 September 2021.