Privacy Policy for Vendors

Milengo GmbH with its registered office at Wilhelmine-Gemberg-Weg 5-7, Berlin, Germany (“we”, “us” and “our”) (acting as a data controller) values your privacy and cares about the way in which your personal data is treated. We want you to understand how and why your personal data is collected, used and shared by us.

What personal data do we collect about you?

We collect the following personal data in connection with your relationship with us: your name and surname, job title, name of your organization, electronic and physical addresses, contact numbers, VAT number, CV, information about your expertise, your technical setup, your prices and information about our historic interaction with you or your organization.

How do we obtain your personal data?

We obtain personal data about you from three two sources:

  • We obtain most of the personal data directly from you.
  • Then there are certain personal data that are add in the course of our relationship with you or your organization, such as information about our interaction with you.

How do we use your personal data?

  • to maintain our business relationship with you or your organization;
  • to transfer your personal information within the company for internal administrative purposes (eg for bookkeeping and internal reporting);
  • for sending you informations about us in the future, incl. Information on trainings, news, services etc..

Each of our employees and all employees of external business partners who have access to and / or process personal data are obliged to keep this information confidential. All data will be treated strictly confidential and stored in accordance with the applicable regulations.

On what legal basis do we use your personal data?

We use your personal data on the following basis:

  • Processing of your personal data for other purposes listed in the Section “How do we use your personal data?” is based on our legitimate interest in processing personal data for these purposes: (i) to help us to maintain a productive business relationship with you or your organization, (ii) to improve our ability to understand your business needs and (iii) to improve our services.
  • Processing your personal data to enable your use of our technology and tools is necessary so that we can perform the services set out in the contract we have established with you or your organization.

How long will we keep your personal data?

We will always keep your personal data for the period for which you or your organization will be using our services. We will also keep your personal data where required by law or where we need to do so in connection with potential or actual legal action or an investigation involving our company. Otherwise, data will be held until you opt-out or until ten years have passed since your last active communication with us.

With whom do we share your personal data and how do we make sure that your personal data is protected?

We are authorized to make your personal data accessible to specific employees of our company and authorized business partners, such as IT service providers, legal and tax consultants. We may share your personal data with our business partners under a written agreement which commits them to appropriate safeguards in relation to handling of your personal data (including in relation to maintaining confidentiality of your personal data and implementing appropriate technical and organizational security measures).

We will take appropriate legal, organizational and technical measures to protect your personal data consistent with applicable privacy and data security laws.
In addition, we may, to the extent legally permitted, use your personal data to fulfill legal obligations (such as submitting required data to social security authorities, tax authorities or law enforcement authorities) and domestic and foreign courts.

Transfers of your personal data outside of the EU

Your personal data may be transferred to countries outside the European Economic Area.

The countries to which we transfer personal data may not have data protection laws that provide an adequate level of protection to your personal data. We therefore take steps (which may include entering into data transfer agreements based on the model clauses approved by the European Commission) to ensure that the entities or persons to whom we transfer data in those countries commit to ensure an adequate level of protection for your personal data.

Your rights

Under the legal prerequisites, the existence of which must be examined on a case-by-case basis, you have the right to obtain information about your personal data and to request the correction or deletion of your personal data or the restriction of its processing, and to receive your personal data in a structured, common and machine-readable format (data portability).

You furthermore have the right to complain to your local data protection authority, or to a court of law, if your data protection rights are violated. You may be entitled to claim compensation for damages or distress incurred or suffered as a result of unlawful processing of your personal data.

You are not required by law to provide your personal data to us, however, if you don’t, then we may not be able to provide you or your organization with the our services, tools and technology. If you object to the processing of your personal data, we will respect that choice in accordance with our legal obligations. Depending on the scope of your request, this could mean that we will not be able to work with your organization.

Further Information

For further information about our general Data Protection Declaration, please refer to our website at

Contact us

If you have questions or requests regarding the processing of your personal data, or require additional information, please contact:

Milengo GmbH
Wilhelmine-Gemberg-Weg 5-7
10179 Berlin

Data Protection Officer: Alzain Taqa

Effective as of: 25 May 2018