Privacy Notices

1 – Mimi Hearing Technologies Hearing Test Applications Privacy Notice

This notice provides you with information about the processing of your personal data for the use of the services provided to you as a result of your use of the Mimi Hearing Test applications.

2 – Mimi Hearing Technologies Privacy Notice

This notice describes how we collect and process users’ data through https://mimi.io website. 

 

Mimi Hearing Technologies Hearing Test Applications Privacy Notice​

Last updated: 01 August 2023

The terms “we”, “us”, “our”, “Mimi” or “MHT” refer to “Mimi Hearing Technologies GmbH”, a German company with limited liability. If you would like to access our Terms of Service, please visit the following link: https://www.mimi.io/en/terms

Mimi Hearing Technologies would like to provide you with information about the processing of your personal data for the use of the services provided to you as a result of your use of the Hearing Test applications. By your use of Mimi Hearing Test Services you consent to the processing of your personal data, if any, for the purposes set out in this Privacy Policy.

We are committed to safeguarding the privacy of our users. We will not misuse your data.

Who are we?

From the data protection perspective, we act as a data controller for the information collected through the Mimi Hearing Test App (“Mimi App”). 

You can contact us at:
Mimi Hearing Technologies GmbH
Registered address: Boxhagener Str. 82, 10245 Berlin, Germany
Contact email address: privacy@mimi.io

You may also contact our appointed Data Protection Officer:
Fresh Compliance GmbH
Philipp Heindorf
Fürbringerstr. 15
10961 Berlin
info@freshcompliance.de

Microphone Permission​

In order to take the Hearing test we need MICROPHONE PERMISSION from your device for capturing the sounds around you. 

1. Data we collect from you ​

1.1 Mimi’s APP

1.1.1 Hearing test without Account registration

When you access Mimi App you can take the hearing test without registering an account.

At this point, we will assign a randomly generated ID to you, which will allow us to distinguish your records from others, but this point does not allow us to understand who you are in any way. Therefore, we consider your test results to be anonymised unless you register the account.

1.1.2 Hearing test with Account registration

As soon as you create the account, we will be able to identify you and thus our activities will be considered personal data processing.
We use your account information to:

  • create and maintain your user account, including securing the access to it by password;
  • allow you to access your historical hearing tests, switch devices, delete and export your test results from Mimi Hearing test apps and other devices implementing Mimi SDK (such as headphones from other providers);
  • contact you regarding the work of Mimi and/or your account in regards to any data breaches or support on app instructions;
  • provide you with technical support;
  • based on your consent, to send you marketing emails.

You can register an account to keep, export and later access your hearing test results. For this purpose, we will collect your email address, password, and nickname to assign them to your user ID.

1.1.3 Data processed by taking hearing tests with a registered account

Processing activity

(data subject category)

Purpose

data points 

needed for that purpose

Requesting account registration*Verifying identity of the person through email ownership to connect (if available in the last 7 days) their anonymous data to a registered account.Email address
Creating an accountRestoring historical tests, switching devices, deleting and exporting data, sending transactional email.

Email address

Password

Nickname/ Pseudo

Historical

Sound personalisation Providing personalisation based on the hearing test results.hearing test result, sound calibration
Headphone correctionAllows MHT to provide more accurate test results.

Connection Type

Category

Name

Manufacturer

IP address (3/4 of IP address – not enough to deanonymize) & Timestamps (tracking analytics – Nginx & Mixpanel)

full list of Mixpanel data points collected

Delivering test results(via app)Delivering the results by the app to the user (account creation needed).

Hearing test results

– Ear

– Hearing Percentage

– Hearing Grade

– Audiogram

– DB Hearing Loss

– Errors

Conducting research on account-related dataUnderstanding how hearing decays over time and improvement of the product. 

Hearing test results

– Ear

– Hearing Percentage

– Hearing Grade

– Audiogram

– DB Hearing Loss

– Errors

Account data (LastLoginTimestamp)

Debugging analysisAllows MHT to collect (and analyse) aggregated crash logs from the Apple Store and Google Play store) for debugging purposes.

Host Device Type and Model

Host Operating System and Version

Host Region and Language

Host Device Audio Sample Rate

Runtime Headphones info (Connection Type (wired/Bluetooth/disconnected), Identification)

Runtime Ambient Noise information

Improving the AppImprovement of the app/product (device info).

Host Device Type and Model

Host Operating System and Version

Host Region and Language

Host Device Audio Sample Rate

Runtime Headphones info (Connection Type (wired/Bluetooth/disconnected), Identification)

Runtime Ambient Noise information

Improving the AppImprovement of the app/product using demographic data. User’s Year of Birth and Gender
Sending marketing emailsProviding marketing updates to interested PartiesFirst Name, Last Name, Email
Sharing data with partners (identified users)Analysis of the hearing test results taken within the partner integration.

Hearing test results (no raw HT data)

Timestamp of the HT

Versions of SDK, engine, OS

Displaying hearing test resultsDisplaying hearing test results within the Partner integration.Hearing test result
Giving test feedbackAllowing users to provide feedback about the hearing test and app.Age category, Operating system on user’s device
Providing user supportAllow end-users to communicate the issues they have with the app and to help resolve these issues.Name, email address, user ID, 
Gathering backend system and application logsMonitoring the performance, alerting on system misbehaviour, visualising analytics data, debugging individual problems, and business IntelligenceUser location, Country, City, Approximate user postal code, User year of birth, if provided, User nickname, if provided, User IP, only the first 3 octets. This identifies the network, not the individual user device, User unique identifier (anon_id), User device operating system and os version, HTTP referrer (the URL of the page that referred them to our API), Timestamps of app/backend interactions, Partner client unique identifier, this identifies the app they are using.
Gathering backend server, application and business metrics

Monitoring server, application and business performance using aggregated anonymous data.

Used for visualisation and alarms for maintenance purposes, and for Business Intelligence.

User calculated the “hearing age” (internal concept). It’s a rough representation of the user’s hearing ability, Partner client unique identifier, this identifies the app they are using, All backend metrics in our metrics database (influx) are not linked to any individual user, Data in our analytics database (ADA) are linked to the user’s internal unique id. This includes:

  • User’s hearing test result data
  • User’s email (encrypted)
  • User’s password (one-way hashed and salted)

Conducting analytics (Gathering mobile application events)

Maintenance of the Mimi solution. Debugging mobile SDK and backend services. Business intelligence based on analytics data.

User device and application information

1.1.4 Legal basis for processing

Processing activity

(adding a reference to section 2.3.4)

Legal base
(GDPR art. reference)

Available rights

you can exercise against the data processed in this processing activity

Requesting account registration

Performance of a contract 

GDPR art. 6.1.b. 

Access, rectification, erasure, restriction, portability and to object. 

Creating an account

Performance of a contract 

GDPR art. 6.1.b. 

Access, rectification, erasure, restriction, portability and to object. 

Sound personalisation 

Consent

GDPR Art. 6.1.a)

Access, rectification, erasure, restriction, portability and to object. 

Headphone correction

Performance of a contract 

GDPR art. 6.1.b. 

Access, rectification, erasure, restriction, portability and to object. 

Delivering test results (via app)

Performance of a contract 

GDPR art. 6.1.b. 

Access, rectification, erasure, restriction, portability and to object. 

Debugging analysis

Legitimate interest 

GDPR Art. 6.1.f.  

Access, rectification, erasure,  restriction and to object. 

Improving the App

Legitimate interest 

GDPR Art. 6.1.f.  

Access, rectification, erasure, restriction and to object. 

Improving the App (demographic data)

Legitimate interest 

GDPR Art. 6.1.f. 

Access, rectification, erasure, restriction and to object. 

Sending marketing emails

Consent

GDPR Art. 6.1.a)

Access, rectification, erasure, restriction, portability and to object. 

Sharing data with partners (identified users)

Consent

GDPR Art. 6.1.a)

Access, rectification, erasure, restriction, portability and to object. 

Displaying hearing test results

Consent

GDPR Art. 6.1.a)

Access, rectification, erasure, restriction, portability and to object. 

Giving test feedback

Consent

GDPR Art. 6.1.a)

Access, rectification, erasure, restriction, portability and to object. 

Providing user support

Performance of a contract 

GDPR art. 6.1.b. 

Access, rectification, erasure, restriction and to object. 

Gathering backend system and application logs

Legitimate interest 

GDPR Art. 6.1.f.  

Access, rectification, erasure, restriction, and to object. 

Gathering backend server, application and business metrics

Legitimate interest 

GDPR Art. 6.1.f.  

Access, rectification, erasure, restriction and to object. 

Analytics (Gathering mobile application events)

Legitimate interest 

GDPR Art. 6.1.f. 

Access, rectification, erasure, restriction and to object.

1.1.5 Storage periods and deletion

If not specified otherwise, we delete your data as soon as they are no longer required, e.g. your e-mail address after unsubscribing from our newsletter. Your personal data will be deleted as soon as the consent allowed us to process it is revoked or other permissions no longer apply (e.g. if the purpose of processing this data no longer applies or it is not required for the purpose). If the data is not deleted because it is required for other and legally permissible purposes, its processing is limited to these purposes. In other words, the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law or whose storage is necessary for the assertion, exercise or defence of legal claims or to protect the rights of another natural or legal person. 

To ensure the implementation of legal requirements, we have developed internal deletion processes and a deletion concept, which guarantees that personal data, for which no legal retention period exists, are deleted according to the requirements of the storage limitation pursuant to Art. 5 1 e) GDPR. If you would like more information about individual storage periods, you can request this at any time at the e-mail address mentioned above.

1.1.6 Communications with us

Occasionally, we collect user feedback and provide technical support if you have any inquiries regarding the work of our SDK or Mimi App. We use this information to provide you with the help you might need, fix and improve our services, and analyse our efficiency in marketing and product efforts, including by creating statistics of inquiries. We will store your communications with us for our legitimate interests and further analysis for the same period as for your account data. If you did not register the account, we will store the data for 365 days after the last communication with you. If we need to further use this information, we will fully anonymize it first.

2. Joint controllership

If not specified otherwise, we delete your data as soon as they are no longer required, e.g. your e-mail address after unsubscribing from our newsletter. Your personal data will be deleted as soon as the consent allowed us to process it is revoked or other permissions no longer apply (e.g. if the purpose of processing this data no longer applies or it is not required for the purpose). If the data is not deleted because it is required for other and legally permissible purposes, its processing is limited to these purposes. In other words, the data is blockWhen you create an account, the data is shared with our subsidiary company Mimi Health GmbH as a joint controller. The account you create through the Mimi App or non-medical SDK can in future be used as the account for HTS-01, a medical software device for taking hearing tests, provided by Mimi Health GmbH. The account data will also be used for joint research and improvement activities.

We are ultimately responsible for managing and administering the database with your account data. We ensure the technical and organisational measures for protecting the data, conclude agreements and manage relationships with service and software providers to maintain the database, and provide technical support to the users.

You can exercise your rights regarding the account by contacting us directly. Please note that you may also exercise your rights by contacting Mimi Health GmbH:

Mimi Health GmbH
Address: Boxhagener Str. 82, 10245 Berlin, Germany
Email address: hello@mimi.health

Jointly with Mimi Health GmbH, we will store your account data for as long as you use our services and have the account.

For all of our clients and partners, a Data Processing Agreement or a Joint Controllership Agreement is incorporated into our Master Service Agreement.

3. Third-party Access to Information

3.1 Third-party service providers

The following categories of third-party providers are used to enable the work of the Mimi App:

  • Email notification provider;
  • Client Relationship Management software provider, by means of which we manage our communications with users;
  • Cloud storage providers.

The involvement of email notification and cloud storage providers implies the transfer of personal data outside of the European Economic Area. To ensure compliance with data protection requirements on international transfers, the Standard Contractual Clauses (SCC) as adopted by the European Commission are signed with these providers. If you would like to obtain a copy of the SCC signed with the service providers, feel free to contact us by the means provided at the beginning of this document.

Please note, that the third-party providers can only process your data on our behalf and do not use it for their own purposes.

3.2 Apple Health and Health Kit

Mimi will not exchange any personal data with the Apple iOS Health app without the prior consent of the user. If the user has given their consent, the Mimi App can interact with the iOS Health app from Apple on the user’s iOS device and import data (age/gender) and export (hearing test data).

The user can currently import their age and gender from the Apple Health app into the Mimi App. Age and gender are only used to personalise our service. The user can also export their audiogram data from the Mimi hearing test app to the Apple iOS Health app.

3.3 Analytics

For the Mimi App, we use Mixpanel, a service offered by Mixpanel Inc. (www.mixpanel.com) (“Mixpanel”), to collect user data from the applications in order to better understand how users are using the application. Mixpanel is used to understand and improve activities within the app.

Further information on the Mixpanel data protection declaration can be found under the following link: https://mixpanel.com/privacy/. You can exclude tracking by Mixpanel here: https://mixpanel.com/optout/ or https://mixpanel.com/privacy/

3.4 Other Disclosures

In addition to the disclosures for the purposes identified before, we may disclose information about you:

  • if we are required to do so by law, in connection with any legal proceedings or to establish, exercise or defend our legal rights; and
  • in case we sell, licence or otherwise assign our company, corporate rights, Mimi or its separate parts or features to third parties.

Except as provided in this privacy notice, we will not sell, share or rent your information to third parties.

4. Local storage

The following information is processed from the devices and stored in local storage, based on the device’s operating system. 

iOS

For iOS Hearing Test App Version 5.5.0, using HealthSDK 5.2.0.

  1. User Auth Token and User Object stored in the Keychain.
  2. Images of loaded headphones are cached in the UserDefaults storage.
  3. Data persisted by the Mixpanel SDK.
  4. Cached MSDK Remote configuration data (available hearing test paradigms).
  5. MSDK Sound Personalization Processing Data, including the enabled, intensity and preset settings.
  1. If the user wishes, the Hearing Test Audiogram data can be exported to Apple Health Kit.
  2. If the user wishes, the Hearing Test Results PDF can be exported to other apps or to the file system. Note: The Hearing Test Results PDF file is stored in a temporary directory before it can be shared.

Android

For Android Hearing Test version: 5.0.1, using io.mimi:healthsdk:4.5.3

  1. User Auth Token, User Object stored in the app’s private local storage
  2. If the user wishes, the Hearing Test Results PDF can be exported to other apps or to the file system.
  1. Data persisted by the Mixpanel SDK (com.mixpanel.android:mixpanel-android:5.8.8), including app-generated analytics events queued to be sent.
  1. Note: The MSDK version `io.mimi:healthsdk:4.5.3` does not implement any tracking, this is only done in the Hearing Test app itself.
  1. Cached MSDK Remote configuration data (available hearing test paradigms)
  2. MSDK Sound Personalization Processing Data, including the enabled, intensity and preset settings.

This information is stored until the user logs out or deletes the mimi hearing ID (if the user has not created an account with Mimi). 

5. Your rights

To maintain control of your personal data, you may exercise certain rights regarding your information. In particular, you have the right to:

  • Object to the processing of your information. If we process your information in our legitimate interests, e.g., for our marketing purposes, you can object against it. We will consider your request and, if there are no compelling interests to refuse it, stop the processing for such purposes; 
  • Access your information. You have the right to know if we process your information; obtain disclosure regarding certain aspects of the processing; and obtain a copy of the information undergoing processing.
  • Verify your information and seek its rectification. If you find that we process inaccurate or out-of-date information, you can verify the accuracy of your information and/or ask for it to be updated or corrected;
  • Restrict the processing of your information. When you contest the accuracy of your information, believe we process it unlawfully or want to object against the processing, you have the right to temporarily stop the processing of your information to check if the processing was consistent. In this case, we will not process the information for any purpose other than storing it until the circumstances of restriction cease to exist; 
  • Ask us to delete/destroy/otherwise remove your information. If we are not obliged to keep the data for legal compliance, we will remove your information upon your request; and
  • Ask us to transfer your information to another organisation if we process the information based on your consent or on the necessity to perform the contract. 

 

You can complete the request to exercise your right by contacting us at privacy@mimi.io 

If you believe that our use of personal information violates your rights, you can lodge a complaint with the competent data protection authority which can be contacted here:  

Berliner Beauftragte für Datenschutz und Informationsfreiheit

Alt-Moabit 59-61, 10555 Berlin, Germany

Phone: +4930138890, Email: mailbox@datenschutz-berlin.de

6. Security of Information

We take necessary and sufficient measures to protect your information from unauthorised or accidental access, destruction, modification, blocking, copying, distribution, as well as from other illegal actions of third parties. 

Internally, immediate access to the data is only allowed to our authorised employees involved in maintaining the Mimi App and conducting other processing activities. Those employees include our backend software developer and research employees, as well as our safety officer. Such employees keep strict confidentiality and prevent unauthorised third-party access to personal information.

7. Third-party services

The Mimi App may contain links to third-party services and platforms, including those posted by our partners and affiliate companies. Although we choose our partners thoroughly and diligently, we cannot be responsible for the content, terms and conditions or privacy policies of third-party services.

We encourage users to be aware when they leave the Mimi App and to read the privacy statements of the services that collect personally identifiable information. 

Third-party websites may contain their own cookies. We are not responsible for their usage of cookies.

8. Changes to This Notice ​

We may update this privacy notice from time-to-time by posting a new version on our website and/or Mimi App. We advise you to check this page occasionally to ensure you are happy with any changes. However, we will endeavour to provide you with an announcement about any significant changes.

Mimi Hearing Technologies Privacy Notice

Last updated: 01 August 2023

This notice describes how we collect and process users’ data through https://mimi.io website.  The terms “we”, “us”, “our”, “Mimi” or “MHT” refer to “Mimi Hearing Technologies GmbH”, a German company with limited liability. If you would like to access our Terms of Service, please visit the following link: https://www.mimi.io/en/terms We are committed to safeguarding the privacy of our users. We will not misuse your data.

Who are we?

From the data protection perspective, we act as a data controller for the information collected through the website. You can contact us at: Mimi Hearing Technologies GmbH Registered address: Boxhagener Str. 82, 10245 Berlin, Germany Contact email address: privacy@mimi.io You may also contact our appointed Data Protection Officer: Fresh Compliance GmbH Philipp Heindorff Fürbringerstr. 15 10961 Berlin info@freshcompliance.de 

1. Acceptable Age

We do not intend to collect nor process the data of individuals under 18 years old. Only individuals who are already 18 years old may use the Hearing Test and provide information to us. Minors require their parents’ or legal guardians’ approval. If we become aware that someone under the age of 18 has provided or attempted to provide us their personal data and/or registered an account, we will use our best efforts to remove the information permanently from our files and delete this account.

2. Data we collect from you

2.1. Website, sales and marketing activities

We can also use the content of your request to improve our products and services or analyze our marketing efficiency if it contains valuable information.

Processing activity

data subject category

purpose

data points 

needed for that purpose

Tracking website visitors

Allows MHT to provide website updates and track whether marketing campaigns and contact forms work. 

Country, Browser type, OS

Sending out newsletters to partners

Allows MHT to make announcements to the B2B community (news and product updates).

first name, last name, email address, company name 

 

*Optional: Job title, phone number, website URL 

Sending out newsletters to customers

Sending data subjects them further material (if the data subject confirms their interest) in the first email.

E-mail address, possibly name

Downloading whitepapers and other materials

Providing the option to data subjects to download whitepapers and other material they are interested in and allowing Mimi to have an overview of people interested in this material and sends them further material (if the data subject confirms their interest).

first name, last name, e-mail address, job title, company name (if applicable)

Requesting a demo for integration 

Allows sales to communicate to customers or potential partners that contact Mimi through the contact form. 

First name, last name, email, and company role 

Customer support portal 

Allows Mimi to support customers and leads in their product integration process.

Email address 

Receiving contact requests 

Addressing enquiries 

First name, last name, Job title, Company, Email, Phone Number

Careers 

The website offers open positions for Mimi Hearing Technologies.

For EU citizens and citizens of the EEA:

first, last name and email, LinkedIn profile (optional), expected salary, available date, phone (optional), location (optional), resume, passport (optional)

 

For non-EU citizens:

first, last name and email, LinkedIn profile (optional), expected salary, available date, phone (optional), location (optional), and resume, passport, visa, and work permit

2.1.2 Legal basis for website processing activities

Processing activity

(adding reference to section 2.1)

Legal base
(GDPR art. reference)

Tracking website visitors

Consent

GDPR Art. 6.1.a

Sending out newsletters

Legitimate interest 

GDPR ARt 6.1.f

Sending out newsletters to website visitors

Consent, GDPR Art.6.1.a

Downloading whitepapers and other materials

Consent, GDPR Art.6.1a

Request a demo for integration 

Performance of a contract

GDPR ARt 6.1.b

Customer support portal 

Legitimate interest 

GDPR ARt 6.1.f

Receiving contact requests 

Legitimate Interest

GDPR Art.6.1.f

Careers 

Legitimate interest 

GDPR ARt 6.1.f

2.1.3. Storage periods and deletion

If not specified otherwise, we delete your data as soon as they are no longer required, e.g. your e-mail address after unsubscribing from our newsletter. Your personal data will be deleted as soon as the consent allowed us to process it is revoked or other permissions no longer apply (e.g. if the purpose of processing this data no longer applies or it is not required for the purpose). If the data is not deleted because it is required for other and legally permissible purposes, its processing is limited to these purposes. In other words, the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law or whose storage is necessary for the assertion, exercise or defense of legal claims or to protect the rights of another natural or legal person. 

To ensure the implementation of legal requirements, we have developed internal deletion processes and a deletion concept, which guarantees that personal data, for which no legal retention period exists, are deleted according to the requirements of the storage limitation pursuant to Art. 5 1 e) GDPR. For example, applications are deleted after 6 months. If you would like more information about individual storage periods, you can request this at any time at the e-mail address mentioned above.

2.1.4 Cookies on https://www.mimi.io/

We use cookies (strictly necessary cookies) to collect and store information about how our website, https://mimi.io, by understanding how visitors interact with the website, ensuring the website is functioning properly by connecting our website to our necessary social media or other platforms, advertising our products on our page, and monitoring the performance of the website overall. 

We use cookies to enable the work of our website (strictly necessary cookies) and performance (analytics) cookies. Strictly necessary cookies do not require user consent as they are always placed on your device by default. It allows us to recognize your device and store some information about your preferences or past actions. There are two main kinds of cookies: session cookies and persistent cookies. Session cookies are erased when you close your browser. Persistent cookies remain on your device for a predefined period.

However, you may manage your cookie settings in your browser settings at any time. Before placing performance cookies on your device, we will ensure the collection of your consent first.  Please keep in mind that simply disabling all cookies or all of our cookies in your browser settings may lead to certain sections or features of our Website not working. 

Cookie and Purpose

Type

data points 

needed for that purpose

duration

_gat_gtag_UA_*

Google Analytics sets this cookie to store a unique user ID.

Analytics

 

1 minute

_ga

 

Google Analytics sets this cookie to track visitors, sessions, user behaviors, traffic sources, and site usage for the site’s analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.

Analytics

 

1 year 1 month 4 days

_ga_<container_id>

 

Google Analytics sets this cookie to store and count page views.

Analytics

 

1 year 1 month 4 days

_gid

 

Google Analytics sets this cookie to store anonymous information on how visitors use a website while also creating an analytics report of the website’s performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously.

Analytics

 

1 day

Wp-wpml_current_language

 

WordPress multilingual plugin sets this cookie to store the current language/language settings.

Functional 

 

session

Elementor

 

The website’s WordPress theme uses this cookie. It allows the website owner to implement or change the website’s content in real-time.

Necessary

 

never

2.1.5 Legal basis for cookies 

Processing activity

(adding a reference to section 2.1.3)

Legal base
(GDPR art. reference)

available rights

you can exercise against the data processed in this processing activity

Setting analytical cookies

Consent

GDPR Art. 6.1.a)

Data subject/ user to the website can consent to and  revoke consent of the cookie settings.

Setting functional cookies

Consent

GDPR Art. 6.1.a)

Data subject/ user to the website can consent to and  revoke consent of the cookie settings.

2.1.6 Third-party services

Our Website may contain links to third-party services and platforms, including those posted by our partners and affiliate companies. Although we choose our partners thoroughly and diligently, we cannot be responsible for the content, terms and conditions or privacy policies of third-party services.

When showing a video on our website to you, our website uses plugins from YouTube Youtube is operated by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of our pages equipped with a YouTube plug-in, a connection to the YouTube servers will be established. The YouTube server is informed which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

You can find more information on handling user data in YouTube’s privacy notice: https://www.google.de/intl/de/policies/privacy.

Third-party websites may contain their own cookies. We are not responsible for their usage of cookies.

3. International data transfers

Our Website and Services are hosted in the United States of America.

If you are accessing the Website and/or Services from the European Union, with laws or regulations governing personal data that differ from United States laws, please note neither EU law nor GDPR requires hosting data in the EU. Instead, what is required is that Mimi Hearing Technologies must provide “appropriate safeguards” for data that it hosts and processes on its US servers (see Art 46 of the GDPR). Mimi offers a Data Processing Addendum (DPA) to provide such adequate safeguards, which includes, where applicable, Standard Contractual Clauses implemented by Commission Implementing Decision (EU) 2021/914 of 4 June 2021 as an annex. 

For all of our clients and partners, a Data Processing Agreement or a Joint Controllership Agreement is incorporated into our Master Service Agreement. 

4. Your Rights

To maintain control of your personal data, you may exercise certain rights regarding your information. In particular, you have the right to:

  • Object to the processing of your information. If we process your information in our legitimate interests, e.g., for our marketing purposes, you can object against it. We will consider your request and, if there are no compelling interests to refuse it, stop the processing for such purposes; 
  • Access your information. You have the right to know if we process your information; obtain disclosure regarding certain aspects of the processing; and obtain a copy of the information undergoing processing.
  • Verify your information and seek its rectification. If you find that we process inaccurate or out-of-date information, you can verify the accuracy of your information and/or ask for it to be updated or corrected;
  • Restrict the processing of your information. When you contest the accuracy of your information, believe we process it unlawfully or want to object against the processing, you have the right to temporarily stop the processing of your information to check if the processing was consistent. In this case, we will not process the information for any purpose other than storing it until the circumstances of restriction cease to exist; 
  • Ask us to delete/destroy/otherwise remove your information. If we are not obliged to keep the data for legal compliance, we will remove your information upon your request; and
  • Ask us to transfer your information to another organization if we process the information based on your consent or on the necessity to perform the contract. 

You can complete the request to exercise your right by contacting us at privacy@mimi.io

  • Lodge a complaint with a supervisory authority: 

If you believe that our use of personal information violates your rights, or if you are dissatisfied with a response you received to a request you formulated to us, you have the right to lodge a complaint with the competent data protection authority of your choice. 

  • Available authorities in Europe can be found here: 

https://edpb.europa.eu/about-edpb/board/members_en. 

Mimi Hearing Technologies is registered with the Berliner Data Protection Authority, which can be contacted here:  

Berliner Beauftragte für Datenschutz und Informationsfreiheit

Alt-Moabit 59-61, 10555 Berlin, Germany

Phone: +4930138890, Email: mailbox@datenschutz-berlin.de

5. Security of Information

We take necessary and sufficient measures to protect your information from unauthorized or accidental access, destruction, modification, blocking, copying, distribution, as well as from other illegal actions of third parties. 

Internally, immediate access to the data is only allowed to our authorized employees involved in maintaining Mimi SDK, and conducting other processing activities. Those employees include our backend software developer and research employees, as well as our safety officer. Such employees keep strict confidentiality and prevent unauthorized third-party access to personal information.

6. Changes to This Notice 

We may update this privacy notice from time-to-time by posting a new version. We advise you to check this page occasionally to ensure you are happy with any changes. However, we will endeavor to provide you with an announcement about any significant changes.

To ensure the implementation of legal requirements, we have developed internal deletion processes and a deletion concept, which guarantees that personal data, for which no legal retention period exists, are deleted according to the requirements of the storage limitation pursuant to Art. 5 1 e) GDPR. For example, applications are deleted after 6 months. If you would like more information about individual storage periods, you can request this at any time at the e-mail address mentioned above.

Help us shape the future

Take our 8-minute survey and win a $25 Amazon voucher