Privacy Policy

We are delighted about your interest in our website and our company.

The protection of your personal data which is collected, processed and used during your visit on our webpage is important to us. Your data is protected within the scope of legal guidelines. Below you can find information about how data is collected while you browse our homepage and how it is recorded and used.

Data protection provisions



The function of these data protection provisions is to inform you about the processing of personal data in our company. Through these provisions we are meeting our obligations from the European General Data Protection Regulation (EU-GDPR, EU 2016/679), in particular Article 13 and 14, as well as Article 26 Paragraph 2 and the Telemedia Act (Telemediengesetz).

Please read these provisions carefully. If you have any questions, please contact us.

For Mortimer English Club the protection of your privacy and therefore your personal data always has the highest priority.

These provisions describe how we handle certain information about you, your computer or your mobile device (“device”). This information possibly contains personal data.

In this document we also explain how we use Cookies and analysis tools on our entire website.

We observe the applicable data protection law and these data protection provisions at all times. We only pass on data in the cases which are specified in these provisions.


How can you contact us?

You can contact us at the following address:
Mortimer Franchise GmbH
Auf dem Hof 13
D-58849 Herscheid


What is understood by certain terms?

Affected person
Natural person, to which the personal data refers.

Analysis tools
Programs which enable an analysis of user behaviour.

Through a change to the data, it is no longer possible to assign it to a natural person.

Use of IT infrastructures and services, which are not available on site on local computers, but are instead rented as a service and which are accessed via a network (e.g. the internet).

A body, e.g. company, organisation, authority which decides about the means and the purpose of processing personal data.

Cookies are small text files which are stored on your computer or in your browser.

A (mobile) object, such as smartphones, tablets, notebooks, PC, with which you can use Apps or programs and information services.

General Data Protection Regulation, the new regulation of data protection for the European Union.

IP address
Is an address in the computer network, which is based on the Internet Protocol (IP). This address is assigned to devices and makes the device addressable and therefore accessible.

Mac address
Is the address of each individual network adapter.

Personal data
This is information which refers to a specific or specifiable natural, living person.

A change to the data in a manner that means it can no longer be assigned to a specific affected person without obtaining additional information.

Each type of process in connection with personal data, such as collecting, recording, storing, modifying, transferring and deleting.


What personal data is processed by us?

We process various types of data when you visit our website or use our products and services. This can, if necessary, be directly or indirectly personal, which means under the influence of other data sources.

We collect a lot of this data in a pseudonymised or anonymised form.

This includes, among other aspects, the following information:

Data categories:

  • Personal data
  • Address data
  • Log data
  • Account data
  • Bank data
  • Contact data

Information when visiting our websites:
When you visit our website, we store your IP address for the communication, in addition further data is transferred through the browser and stored by our web server. This includes, among other aspects, information about the end device, time of access, the origin of the request, browser and version, the use of our website and, if necessary, whether you have already visited us.

Purpose of processing:     The presentation of our website and the associated services.

Legal basis:                           Art. 6 Paragraph 1 letter b, fulfilment of the contract

Information about the contact form:
If you use our contact form in order to send us enquiries, your information from the contact form, in particular the contact data which you have provided, is stored by us for the purpose of dealing with your enquiry and in the event of further questions.

Purpose of processing:     Offering you the opportunity to contact us and to answer your questions.

Legal basis:                           Art. 6 Paragraph 1 letter b, initiation and fulfilment of contracts


Why and on what legal basis do we store personal data?

Purpose of processing:
We process your data independently of whether or not it is assigned to a person, for the following purposes:

  • in order to meet our contractual obligations to you.
  • in order to enable a problem-free operation of our products and services.
  • for a convenient and simple use of our products and services.
  • for the improvement and optimisation of the functions, security and stability of our products and services.
  • for the fulfilment of administrative tasks.

Initiation and fulfilment of contracts
As a matter of principle we only store data which we require for the fulfilment of our contractual obligations to you. 

In some areas it is possible that we offer data processing based on consent. In these cases we will inform you separately about these circumstances and offer you the opportunity to allow us to perform this processing.

In these cases we will describe the purpose of the data processing to you and inform you of your right of revocation.

Legitimate interest
There is also the opportunity to process data based on our legitimate interest. In the process we are bound to disclose our interest to you and consider the balance of interests between your interest and ours.

Duration of storage and deletion periods
We only store the personal data to the necessary extent for the fulfilment of the purpose. The duration of storage is based on legal requirements and the duration of the contractual relationship.

Should the data no longer be used, it will be anonymised and/or deleted in accordance with legal provisions (incl. periods).

Should you request the deletion of your data, please note that while we will block your data immediately, due to technical restrictions it can take up to 30 days until we have permanently deleted the data.  

Furthermore please note that following confirmation of the deletion request there is no longer an opportunity to restore your data.


How do we use Cookies, analysis and tracking tools and Social Media registrations?

When you use a product or a service, Cookies will be stored in your browser. Through Cookies you browser can possibly be identified, so that our website is correctly displayed. We also use Cookies on our website in different areas, in order to analyse the use of our website and therefore optimise it.

Alongside our own systems we use the following tools of other service providers for marketing purposes and to make your visit to our website or the use of our products/services more user-friendly:

Analysis tools

Google Analytics
We use Google Analytics, a web analysis service of Google Inc. (“ Google”).

Google LLC
Google Ireland Limited
Gordon House, Barrow Street
Dublin 4

Google Analytics uses Cookies, which enable us to analyse your use of our website.

The data generated by Cookies about your use of our website is anonymised, as we have activated the Google IP anonymisation feature. In the process Google sets the last octet of Ipv4 IP addresses and the last 80 bits of IPv6 addresses to zeros in memory. Therefore complete IP addresses are not stored on the Google servers. This procedure is generally carried out on servers within the European Union.

Google uses the collected data on behalf of Mortimer English Club in order to analyse your use of the website in order to create reports about website activities.

You still have the opportunity to prevent the recording of your use of the website for Google Analytics. For this please download the browser plugin provided by Google and install it.

You can find further information about Google Analytics here.

Purpose of processing: The analysis of website usage and therefore the improvement or optimisation of our website.

Legal basis: Art. 6 Paragraph 1 letter f, the particular interest exists in the optimisation of our website.

Google reCAPTCHA
We use "Google reCAPTCHA" (hereinafter "reCAPTCHA") on this website. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

The purpose of reCAPTCHA is to check whether the data input on this website (e.g. in a contact form) is made by a human being or by an automated programme. For this purpose, reCAPTCHA analyses the behaviour of the website visitor on the basis of various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent by the website visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google.

The reCAPTCHA analyses run entirely in the background. Website visitors are not informed that an analysis is taking place.

The storage and analysis of the data is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in protecting its web offers from abusive automated spying and from SPAM. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) as defined by the TTDSG. Consent can be revoked at any time.

For further information on Google reCAPTCHA, please refer to the Google Privacy Policy and the Google Terms of Use at the following links: and


Who do we pass personal data onto?

A transfer of your personal data to third parties for reasons other than those listed below does not take place.

We only pass on your personal data to third parties, if:

  • you have given us your express consent for the underlying processing,
  • it is permitted by law and required for the handling of our contractual relationships with you,
  • the passing on of data is based on a legal obligation, and
  • the passing on of data is based on a particular interest and there is no reason to assume that you have an overriding legitimate interest in the non-disclosure of your data.

We pass on data to the following recipients or categories of recipients in accordance with the aforementioned reasons:

  • Employees (internal and external)
  • IT infrastructure service providers
  • Payment processors
  • Service providers for technical support
  • Software service providers
  • Providers of analysis tools
  • Other service providers


For what do we use international partners?

We use a worldwide IT infrastructure network, for example computers, cloud-based servers, networks and software solutions, for the performance of our services.

These partners are based in different countries, in part also outside the European Union. In these countries the same level of data protection is not always legally prescribed and established in the way it is in the European Union. Consequently we have taken a series of measures, in accordance with the guidelines of the GDPR, in order to ensure a greatest possible protection of your personal data. They are:

  • Cooperation with companies in a country which has been recognised through an adequacy decision of the European Union
  • Cooperation with companies in accordance with the EU-US Privacy Shield
  • Cooperation with companies on the basis of the EU standard contractual clauses
  • Cooperation with companies on the basis of agreed guarantees

We have these measures guaranteed by our partners within the scope of legal requirements.

Furthermore in special cases there is the opportunity to perform the passing on of data based on your express consent.


How can you revoke your consent?

If you have given us your consent for certain data processing, e.g. the receipt of a newsletter, submission of offers by third parties, you have the right at any time to revoke this consent – also in part. Please inform us of this revocation in text form.

Should the processing of data take place on a balance of interests in accordance with Art. 6 Paragraph 1 letter f of the GDPR, you also have the right in this case to object to the processing, provided there are reasons for this which result from your particular situation or it concerns direct advertising.

In the event of direct advertising you have a general right to object without information about the particular situation being necessary. Please inform us about your objection in text form.


What rights do you have?

You have, subject to possible legal restrictions, the following rights which you can make use of:

The right to information, correction, deletion, restriction of processing, data portability and objection.

We would like to expressly point out at this juncture that we reserve the right, as is required by law, to carry out a corresponding identification check and, if necessary, also further measures for the unequivocal verification of identity.

Right to information:
If you would like information about the personal data stored by us, we ask you to inform us of this in text form. For reasons of security and due to regulations it is possible that we pseudonymise certain data, such as credit card information.

Right to correction:
Should you discover or are of the opinion that incorrect information about you is stored, you can inform us about this in text form. We will investigate the circumstances and if necessary correct the data accordingly.

Right to deletion:
Should you want your data to be deleted, please inform us of this request in text form. We will delete your data in accordance with legal requirements.

However we would like to point out at this juncture that we are bound to also store data for longer periods, due to legal provisions, for example a retention period for accounting documents of 10 years currently applies (German Fiscal Code) or for guarantee reasons up to 3 years.

Furthermore we would like to point out that while we will block your data immediately, due to technical restrictions it can take up to 30 days until we have permanently deleted the data. 

Furthermore please note that following the confirmation of the deletion request there is no longer an opportunity to restore your data.

Right to the restriction of processing:
You have the right to restrict the processing of data. For this please inform us of the affected data categories from your point of view and the reason for your request in text form. We will immediately investigate the circumstances and inform you of the result.

Right to data portability:
Please inform us in text form, which data you would like transferred to which person. We will immediately investigate your request and inform you of the result.

Right to complain:
If you are dissatisfied with our work in connection with data protection, you have the right to complain to your local supervisory authority which is responsible for data protection. For Mortimer English Club, for example, the following supervisory authority is responsible, the State Representative for Data Protection and Freedom of Information:

Landesbeauftragter für Datenschutz und Informationsfreiheit
Postfach 20 04 44
40102 Düsseldorf


How do we protect personal data?

For the protection of your personal data Mortimer English Club has taken measures which correspond with data protection law and the state of the art in the industry.  These measures are constantly reviewed and if necessary adapted. The objective is to protect your data against the accidental or deliberate manipulation, the partial or complete loss, the destruction or against unauthorised access by third parties.

For the transfer of data between our website and our back-end systems the communication is encrypted in accordance with the SSL procedure (Secure Socket Layer).

We protect the systems and processing through a series of technical and organisational measures. This includes, among other aspects, data encryption, pseudonymisation and anonymisation, logical and physical access restriction and control, firewalls and recovery systems, integrity tests.

Our employees are regularly trained in the appropriate sensitive handling of personal data and in accordance with legal requirements are obliged to maintain data secrecy.


What opportunities exist for minors to use our services?

Persons who are below the age of 16 years can use our services, if the consent of the holder(s) of parental responsibility for this is available in text form (in the event of joint custody all holders of parental responsibility must agree).


What other information is important?

Change to the existing data protection principles
These data protection provisions will be revised at irregular intervals, in order to adapt them to the current developments in the company, our products and services, legal requirements and social developments.

Date: 25 May 2018