See: https://www.eff.org/https-everywhere/atlas/domains/m-privacy.de.html
Mixed content bu has PFS. Seems OK here: https://certlogik.com/ssl-checker/
Only strict-transport-security header properly implemented.
SSL Handshake Size: The amount of data exchanged to establish a session with this server is large. This will result in a slower initial connection. Using a certificate with fewer intermediate chains and / or a smaller public key size can reduce the amount of data. Re: https://www.wormly.com/test_ssl/h/www.m-privacy.de/i/85.214.155.129/p/443
A+ Status: https://www.ssllabs.com/ssltest/analyze.html?d=m-privacy.de
SHA-2 Certificate
Your certificate is signed using the SHA-2 algorithm.

Name Match Successful
The server address which you provided matches the server name that is on the SSL certificate.
Not Expired
Your certificate is currently within its validity periods. Your SSL certificate was issued April 30, 2015 at 11:12:27 UTC and it expires April 29, 2017 at 11:12:27 UTC.

Here issues seem OK, while there is still room for improvement,

polonus