Menu

Privacy Policy FES/AES

Home  > Privacy Policy FES/AES

Privacy Policy FES/AES

We are delighted about your interest in our company. Data protection is of particular importance for the management of FES GmbH Fahrzeug-Entwicklung Sachsen and Auto-Entwicklungsring Sachsen GmbH. The websites of FES GmbH Fahrzeug-Entwicklung Sachsen and Auto-Entwicklungsring Sachsen GmbH can in principle be used without providing any personal data.

However, if a data subject wishes to use special services provided by our companies through our website, personal data processing may be required. If the processing of personal data is required and there is no legal basis for such processing, we generally seek the consent of the data subject.


Processing of personal data

The processing of personal data, such as the name, address, e-mail address or telephone number of a data subject, is always in accordance with the General Data Protection Regulation and pursuant to the country-specific data protection regulations applicable to FES GmbH Fahrzeug-Entwicklung Sachsen and Auto-Entwicklungsring Sachsen GmbH.

With this privacy policy, our companies seek to inform the public about the nature, scope and purpose of the personal data collected, used and processed by us. Furthermore, this privacy policy informs data subjects about their rights.

As the controller, FES GmbH Fahrzeug-Entwicklung Sachsen and Auto-Entwicklungsring Sachsen GmbH have implemented numerous technical and organisational measures in order to ensure the most complete protection of personal data processed through this website. Nevertheless, internet-based data transmissions can generally have security holes, absolute protection thus cannot be guaranteed. For this reason, every data subject is free to submit personal data to us in alternative ways, for example by telephone.


Data protection information

In the following sections, the data protection information describes how FES GmbH Fahrzeug-Entwicklung Sachsen and Auto-Entwicklungsring Sachsen GmbH collect, process and use personal data of their customers and interested parties.


Explanations to the data protection information

  • 1. Definitions: The terms used in in this privacy policy include ⊻

    The privacy policy of FES GmbH Fahrzeug-Entwicklung Sachsen and Auto-Entwicklungsring Sachsen GmbH is based on the terminology used by the European directive and regulatory authority in the adoption of the General Data Protection Regulation (GDPR). Our privacy policy is intended to be easy to read and understand for the public as well as for our customers and business partners. In order to ensure this, we would like to explain the terminology used in advance. The terms used in in this privacy policy include:

    a) personal data
    Personal data means any information relating to an identified or identifiable natural person (hereinafter the “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.


    b) data subject
    Data subject is any identified or identifiable natural person whose personal data are processed by the controller.


    c) processing
    Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.


    d) Restriction of processing
    Restriction of processing is the marking of stored personal data with the aim of limiting their future processing.


    e) profiling
    Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.


    f) pseudonymisation
    Pseudonymisation means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.


    g) controller
    Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.


    h) processor
    The processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.


    i) recipient
    The recipient is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, regardless of whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law are not regarded as recipients.


    j) third party
    Third party means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.


    k) consent
    Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

  • 2. Name and address of the controller

    Controllers within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions of a data protection character are:

    FES GmbH Fahrzeug-Entwicklung Sachsen
    Crimmitschauer Str. 59
    08058 Zwickau
    Deutschland

    Tel.: +49 375 5660 0
    E-Mail: datenschutz@fes-aes.de
    Website: www.fes-aes.de


    Auto- Entwicklungsring Sachsen GmbH
    Crimmitschauer Str. 59
    08058 Zwickau
    Deutschland

    Tel.: +49 375 5660 0
    E-Mail: datenschutz@fes-aes.de
    Website: www.fes-aes.de

  • 3. Data protection officer

    The data protection officer of the controller is:


    FES GmbH Fahrzeug-Entwicklung Sachsen
    Frank Schmiedel 
    Crimmitschauer Str. 59
    08058 Zwickau
    Deutschland

    Tel.: +49 375 5660 0
    E-Mail: datenschutz@fes-aes.de
    Website: www.fes-aes.de


    Auto- Entwicklungsring Sachsen GmbH
    Frank Schmiedel
    Crimmitschauer Str. 59
    08058 Zwickau
    Deutschland

    Tel.: +49 375 5660 0
    E-Mail: datenschutz@fes-aes.de
    Website: www.fes-aes.de

    Data subjects can approach these contacts directly for any queries and suggestions regarding data protection.

  • 4. Cookies

    The websites of FES GmbH Fahrzeug-Entwicklung Sachsen and Auto-Entwicklungsring Sachsen GmbH use cookies. Cookies are text files that are stored on a computer system via an internet browser.

    Numerous websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters through which websites and servers can be assigned to the specific internet browser in which the cookie has been stored. This enables the visited websites and servers to distinguish the individual browser of the data subject from other internet browsers that contain other cookies. A particular internet browser can be recognised and identified by its unique cookie ID.

    By using cookies, FES GmbH Fahrzeug-Entwicklung Sachsen and Auto-Entwicklungsring Sachsen GmbH can provide users of this website with more user-friendly services that would not be possible without the placement of cookies.

    By means of a cookie, the information and offers on our website can be optimised for the benefit of the user. As already mentioned, cookies enable us to recognise the users of our website. The purpose of this recognition is to make use of our website easier for users. For example, the user of a website that uses cookies does not have to re-enter his access data each time he visits the website because this is done by the website and the cookie stored on the user's computer system. Another example is the cookie of a shopping basket in an online shop. The online shop remembers the items that a customer has placed in the virtual shopping basket via a cookie.

    The data subject can prevent the setting of cookies through our website at any time by adjusting the settings of the internet browser used appropriately and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an internet browser or other software programs. This is possible in all common internet browsers. If the data subject deactivates the setting of cookies in the internet browser used, not all functions of our website may be fully usable.

  • 5. Collection of general data and information

    The website of FES GmbH Fahrzeug-Entwicklung Sachsen and Auto-Entwicklungsring Sachsen GmbH collects a variety of general data and information every time the website is accessed by a data subject or an automated system.

    These general data and information are stored in the log files of the server. The collection includes (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the webpage from which an accessing system accesses our website (so-called referrers), (4) the sub-webpages that are accessed via an accessing system on our website, (5) the date and time of access to the website, (6) an internet protocol address (IP address), (7) the internet service provider of the accessing system and (8) other similar data and information used in the event of attacks on our information technology systems.

    When using these general data and information, FES GmbH Fahrzeug-Entwicklung Sachsen and Auto-Entwicklungsring Sachsen GmbH do not draw any conclusions about the data subject. Rather, this information is required to (1) properly deliver the contents of our website, (2) to optimise the content of our website and the advertising for it, (3) to ensure the continued functionality of our information technology systems and the technology of our website, and (4) to provide law enforcement authorities with the information necessary for law enforcement in the event of a cyber attack. These anonymously collected data and information are therefore evaluated statistically by FES GmbH Fahrzeug-Entwicklung Sachsen and Auto-Entwicklungsring Sachsen GmbH and also evaluated with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimum level of protection for the personal data processed by us. The anonymous data of the server log files is stored separately from all personal data provided by a data subject.

  • 6. Routine deletion and blocking of personal data

    The controller shall process and store the personal data of the data subject only for the period necessary to achieve the purpose of the storage or to the extent required by the European directive and regulatory authority or by any other legislator in laws or provisions applicable to the controller. If the storage purpose lapses or if a storage period prescribed by the European directive and regulatory authority or any other relevant legislator expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions.

  • 7. Rights of the data subject

    a) Right to confirmation

    Each data subject has the right granted by the European directive and regulatory authority to require the controller to confirm whether personal data relating to him or her is being processed. If a data subject wishes to make use of this confirmation right, he or she can contact an employee of the controller at any time.


    b) Right to information

    Any data subject affected by the processing of personal data has the right granted by the European directive and regulatory authority to obtain from the controller any personal data stored about him or her and a copy of such information at any time, free of charge. Furthermore, the European directive and regulatory authority has granted the data subject the right to obtain the following information:

    • the processing purposes
    • the categories of personal data being processed
    • the recipients or categories of recipients to whom the personal data have been disclosed or are yet to be disclosed, in particular with regard to recipients in third countries or international organisations
    • if possible, the planned duration for which the personal data will be stored or, if that is not possible, the criteria for determining that duration
    • the existence of a right to correction or deletion of the personal data concerning him or her or to restriction of processing by the controller or a right to object to such processing
    • the existence of a right to lodge a complaint with a supervisory authority
    • if the personal data are not collected from the data subject: All available information about the origin of the data
    • the existence of automated decision-making including profiling pursuant to Art. 22 (1) and (4) GDPR and, at least in these cases, meaningful information on the logic involved and the scope and intended impact of such processing on the data subject

    The data subject further has a right of information as to whether personal data were transmitted to a third country or to an international organisation. If that is the case, the data subject has the right to obtain information about the appropriate guarantees in connection with the transmission. If a data subject wishes to make use of this information right, he or she can contact an employee of the controller at any time.


    c) Right to rectification

    Any data subject affected by the processing of personal data has the right granted by the European directive and regulatory authority to demand the immediate rectification of inaccurate personal data concerning him or her. Further, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary declaration, taking into account the purposes of processing. If a data subject wishes to make use of this rectification right, he or she can contact an employee of the controller at any time.


    d) Right to erasure (right to be forgotten)

    Any data subject affected by the processing of personal data has the right granted by the European directive and regulatory authority to require the controller to immediately erase the personal data concerning him or her, provided that one of the following reasons applies and providing the processing is not required:

    • The personal data were collected or otherwise processed for purposes for which they are no longer necessary.
    • The data subject withdraws the consent on which the processing was based in accordance with Art. 6 (1) lit. a GDPR or Art. 9 (2) lit. a GDPR and there is no other legal basis for processing.
    • The data subject objects to processing in accordance with Art. 21 (1) GDPR and there are no overriding legitimate reasons for processing, or the data subject objects to processing in accordance with Art. 21 (2) GDPR. The personal data were processed unlawfully. The erasure of the personal data is necessary to fulfil a legal obligation under Union or Member State law which the controller is subject to.
    • The personal data were collected in relation to information society services offered pursuant to Art. 8 (1) GDPR.

    If one of the above reasons applies and a data subject wishes to initiate the erasure of personal data stored at FES GmbH Fahrzeug-Entwicklung Sachsen and Auto-Entwicklungsring Sachsen GmbH, he or she may contact an employee of the controller at any time. The employee of FES GmbH Fahrzeug-Entwicklung Sachsen and Auto-Entwicklungsring Sachsen GmbH will arrange for the request for erasure to be complied with immediately.

    If the personal data has been made public by FES GmbH Fahrzeug-Entwicklung Sachsen and Auto-Entwicklungsring Sachsen GmbH and if our company is responsible for deleting personal data as the controller pursuant to Art. 17 (1) GDPR, FES GmbH Fahrzeug-Entwicklung Sachsen and Auto-Entwicklungsring Sachsen GmbH will take appropriate measures, also of a technical nature, taking into account the available technology and the implementation costs, to inform other data controllers processing the published personal data that the data subject has demanded that these other data controllers shall delete any links to such personal data or copies or replications if this personal data, unless processing is required.

    The employee of FES GmbH Fahrzeug-Entwicklung Sachsen and Auto-Entwicklungsring Sachsen GmbH will arrange for the necessary steps to be taken in individual cases.


    e) Right to restriction of processing

    Any data subject affected by the processing of personal data has the right granted by the European directive and regulatory authority to require the controller to restrict the processing if one of the following conditions applies:

    • The accuracy of the personal data is contested by the data subject for a period of time that enables the controller to verify the accuracy of the personal data.
    • The processing is unlawful, the data subject rejects the deletion the personal data and instead requests the restriction of the use of personal data.
    • The controller no longer needs the personal data for the purposes of processing, but the data subject requires the personal data in order to assert, exercise or defend legal claims.
    • The data subject has raised an objection to the processing pursuant to Art. 21 (1) GDPR and it is not yet clear whether the legitimate reasons of the controller outweigh those of the data subject.

    If one of the above reasons applies and a data subject wishes to initiate the restriction of personal data stored at FES GmbH Fahrzeug-Entwicklung Sachsen and Auto-Entwicklungsring Sachsen GmbH, he or she may contact an employee of the controller at any time. The employee of FES GmbH Fahrzeug-Entwicklung Sachsen and Auto-Entwicklungsring Sachsen GmbH will arrange for a restriction of processing.


    f) Right to data portability

    Any data subject affected by the processing of personal data has the right granted by the European directive and regulatory authority to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format. He or she additionally has the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where the processing is based on consent pursuant to Art.6 (1) lit. a GDPR or Art. 9 (2) lit. a GDPR or on a contract pursuant to Art. 6 (1) lit. b GDPR and the processing is carried out by automated means. That right shall not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

    Further, in exercising his or her right to data portability pursuant to Art. 20 (1) GDPR, the data subject has the right to have the personal data transmitted directly from one controller to another, where technically feasible and providing the rights and freedoms of others are not adversely affected.

    To assert the right to data portability, the data subject may contact an employee of FES GmbH Fahrzeug-Entwicklung Sachsen and Auto-Entwicklungsring Sachsen GmbH at any time.


    g) Right to object

    Any data subject affected by the processing of personal data has the right granted by the European directive and regulatory authority to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on Art. 6 (1) lit. e or f GDPR. This also includes profiling based on those provisions.

    In the event of an objection, FES GmbH Fahrzeug-Entwicklung Sachsen and Auto-Entwicklungsring Sachsen GmbH will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.

    Where FES GmbH Fahrzeug-Entwicklung Sachsen and Auto-Entwicklungsring Sachsen GmbH process personal data for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing. This also includes profiling to the extent that it is related to such direct marketing. If the data subject objects towards FES GmbH Fahrzeug-Entwicklung Sachsen and Auto-Entwicklungsring Sachsen GmbH to the processing for direct advertising purposes, FES GmbH Fahrzeug-Entwicklung Sachsen and Auto-Entwicklungsring Sachsen GmbH will no longer process the personal data for these purposes.

    Additionally, where personal data are processed by FES GmbH Fahrzeug-Entwicklung Sachsen and Auto-Entwicklungsring Sachsen GmbH for scientific or historical research purposes or statistical purposes pursuant to Art. 89 (1) GDPR, the data subject, on grounds relating to his or her particular situation, shall have the right to object to processing of personal data concerning him or her, unless the processing is necessary for the performance of a task carried out for reasons of public interest.

    To assert the right to object, the data subject may contact an employee of FES GmbH Fahrzeug-Entwicklung Sachsen and Auto-Entwicklungsring Sachsen GmbH at any time. Further, in the context of the use of information society services, and notwithstanding Directive 2002/58/EC, the data subject may exercise his or her right to object by automated means using technical specifications.


    h) Automated decisions in individual cases including profiling

    Any data subject affected by the processing of personal data has the right granted by the European directive and regulatory authority not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her; this shall not apply if the decision (1) is necessary for entering into, or performance of, a contract between the data subject and a data controller; or (2) is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests; or (3) is based on the data subject’s explicit consent.

    If the decision (1) is required for the conclusion or performance of a contract between the data subject and the controller, or (2) is made with the explicit consent of the data subject, FES GmbH Fahrzeug-Entwicklung Sachsen and Auto-Entwicklungsring Sachsen GmbH shall take appropriate measures to safeguard the rights and freedoms as well as the legitimate interests of the data subject, including at least the right to obtain the intervention of a person by the controller, to express his or her own position and to contest the decision.

    If a data subject wishes to make use of this right regarding automated decisions, he or she can contact an employee of the controller at any time.


    i) Right to revoke a data protection consent

    Any data subject affected by the processing of personal data has the right granted by the European directive and regulatory authority to withdraw his or her consent at any time. If the data subject wishes to make use of this right to revoke a data protection consent, he or she can contact an employee of the controller at any time.

  • 8. Data protection for job applications and during the application process

    The controller collects and processes the personal data of applicants for the purpose of handling the application procedure. Processing may also be carried out electronically. This is particularly the case if an applicant sends corresponding application documents to the controller electronically, for example by e-mail or through a web form on the website. If the controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If the controller does not conclude an employment contract with the applicant, the application documents will be automatically deleted two months after notification of the rejection decision, provided that deletion does not conflict with any other legitimate interests of the controller. Other legitimate interests in this sense are, for example, a burden of proof in proceedings under the General Equal Treatment Act (AGG).

  • 9. Data protection provisions for the application and use of Google Analytics (with anonymisation function) ⊻

    The controller has integrated the component Google Analytics (with anonymisation function) on this website.

    Google Analytics is a web analysis service. Web analysis is the collection and evaluation of data on the behaviour of website visitors. A web analysis service collects, among other things, data on from which website a data subject came to a website (so-called referrer), which subpages of the website were accessed or how often and for how long a subpage was viewed. Web analysis is mainly used to optimise a website and for a cost-benefit analysis of internet advertising.

    The operator of the Google Analytics component is:

    Google Inc.
    1600 Amphitheatre Pkwy
    Mountain View, CA 94043-1351
    USA

    The controller uses the function “_gat._anonymizeIp” for web analysis through Google Analytics. With this function, Google truncates and anonymises the IP address of the internet connection of the data subject when accessing our webpages from a Member State of the European Union or from another contracting state of the Agreement on the European Economic Area.

    The purpose of the Google Analytics component is to analyse the flow of visitors to our website. Google uses the data and information collected to evaluate the use of our website, to compile online reports for us that show the activities on our website and to provide other services in connection with the use of our website.

    Google Analytics places a cookie on the data subject’s IT system. What cookies are has already been explained above. By setting the cookie, Google is able to analyse the use of our website. Every time one of the individual pages of this website, which is operated by the controller and on which a Google Analytics component has been integrated, is accessed, the internet browser on the data subject’s IT system is automatically prompted by the respective Google Analytics component to transmit data to Google for the purpose of online analysis. As part of this technical process, Google obtains knowledge of personal data, such as the IP address of the data subject, which Google uses to trace the origin of visitors and clicks and to subsequently enable commission billing.

    Cookies are used to store personal information, such as access time, the location from which access came and the frequency of visits to our website by the data subject. Whenever you visit our website, these personal data, including the IP address of the internet connection used by the data subject, are transmitted to Google in the United States of America. These personal data are stored by Google in the United States of America. Google may disclose personal data collected through the technical process to third parties.

    The data subject can prevent the setting of cookies through our website at any time by appropriately adjusting the settings of the internet browser used and thus permanently object to the setting of cookies. Such a setting of the internet browser used would also prevent Google from placing a cookie on the data subject’s IT system. Additionally, a cookie already set by Google Analytics can be deleted at any time via the internet browser or other software programs.

    Furthermore, the data subject has the option of objecting to and preventing the collection of data generated by Google Analytics relating to the use of this website and the processing of this data by Google. 
    To do this, the data subject must download and install a browser add-on from:

    https://tools.google.com/dlpage/gaoptout

    This browser add-on informs Google Analytics via JavaScript that no data and information on visits to webpages may be transmitted to Google Analytics. The installation of the browser add-on is considered an objection by Google. If the data subject’s IT system is deleted, formatted or reinstalled at a later time, the data subject must reinstall the browser add-on to disable Google Analytics. If the browser add-on is uninstalled or deactivated by the data subject or another person within their control, it is possible to reinstall or reactivate the browser add-on.

    Further information and Google's current privacy policy can be found at:

    https://www.google.de/intl/de/policies/privacy/

    and at:

    http://www.google.com/analytics/terms/de.html

    Google Analytics is explained in more detail at:

    https://www.google.com/intl/de_de/analytics/

  • 10. Data protection provisions for the application and use of Google Maps

    On our website we use Google Maps (API) by:

    Google LLC.
    1600 Amphitheatre Parkway
    Mountain View, CA 94043,
    USA (“Google”)

    Google Maps is a web service for displaying interactive maps in order to display geographical information visually. Using this service will show you our location and make it easier for you to find us.

    When you access the sub-pages that contain the Google Maps map, information about your use of our website (such as your IP address) is transmitted to and stored by Google on servers in the USA. This takes place regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged into Google, your information will be directly associated with your account. If you do not wish to be associated with your profile on Google, you must log out before activating the button. Google saves your data (even for users who are not logged in) as usage profiles and evaluates them. Such an evaluation takes place in particular pursuant to Art. 6 (1) lit. f GDPR on the basis of the legitimate interests of Google in the insertion of personalised advertising, market research and/or demand-oriented design of its website. You have the right to object to the creation of these user profiles; you must contact Google to exercise this right.

    Google LLC, based in the USA, is certified for the US-European data protection agreement “Privacy Shield”, which guarantees compliance with the data protection level applicable in the EU.

    If you do not agree to the future transmission of your data to Google in the context of the use of Google Maps, it is also possible to completely deactivate the Google Maps web service by switching off the JavaScript application in your browser. In that case, Google Maps and therefore also the map display on this website cannot be used.

    You can review the Google Terms of Use at www.google.de/intl/de/policies/terms/regional.html and the Additional Terms of Use for Google Maps at www.google.com/intl/de_US/help/terms_maps.html

    Detailed information on data protection in connection with the use of Google Maps can be found on the Google website (“Google Privacy Policy”): http://www.google.de/intl/de/policies/privacy/

  • 11. Data protection provisions for the application and use of Google Web-Fonts

    To ensure a uniform display of fonts, this site uses so-called Web Fonts provided by Google. When you call up a page, your browser loads the required Web Fonts into your browser cache to display texts and fonts correctly.

    To do this, the browser you are using must connect to Google's servers. This gives Google knowledge that our website has been accessed through your IP address. The use of Google Web Fonts is in the interest of ensuring an attractive presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR.

    If your browser does not support Web Fonts, a default font is used by your computer.

    For more information about Google Web Fonts, please see https://developers.google.com/fonts/faq and the Google Privacy Policy https://www.google.com/policies/privacy/.

  • 12. Data protection provisions for the application and use of Xing

    The controller has integrated components by Xing on this website.

    Xing is an internet-based social network that enables users to connect to existing business contacts and make new business contacts. Individual users can create a personal profile of themselves at Xing. Companies can for instance create company profiles or publish job offers on Xing.

    The operator of Xing is:

    XING SE
    Dammtorstraße 30
    20354 Hamburg
    Deutschland.

    Each time one of the individual pages of this website, which is operated by the controller and on which a Xing component (Xing plugin) has been integrated, is accessed, the internet browser on the data subject’s IT system is automatically prompted by the respective Xing component to download a representation of the corresponding Xing component from Xing. For more information on the Xing plugins please see:

    https://dev.xing.com/plugins

    As part of this technical process, Xing is informed about which specific subpage of our website is visited by the data subject.

    If the data subject is logged into Xing at the same time, Xing recognizes which specific subpage of our website the data subject visits each time the person visits our website and for the entire duration of the respective stay on our website. This information is collected by the Xing component and assigned by Xing to the respective Xing account of the data subject. If the data subject clicks one of the Xing buttons integrated on our website, for example the “share” button, Xing assigns this information to the personal Xing user account of the data subject and stores these personal data.

    Xing receives information via the Xing component that the data subject has visited our website whenever the data subject is logged into Xing at the same time as accessing our website; this happens regardless of whether the data subject clicks on the Xing component or not. If the data subject does not want this information to be transmitted to Xing, the data subject can prevent it from being transmitted by logging out of his or her Xing account before visiting our website.

    The privacy policy published by Xing that can be viewed at:

    https://www.xing.com/privacy

    and provides information about the collection, processing and use of personal data by Xing. Further, Xing has also published data protection information for the XING share button at:

    https://www.xing.com/app/share?op=data_protection

  • 13. Legal basis of processing

    Art. 6 (1) lit. a GDPR is our companies’ legal basis for processing operations where we obtain consent for a particular processing purpose.

    If the processing of personal data is necessary for the performance of a contract to which the data subject is party, as is the case, for example, in processing operations necessary for the supply of goods or the provision of any other service or consideration, processing is based on Art. 6 (1) lit. b GDPR. The same applies to processing operations that are necessary to carry out pre-contractual measures, for example in cases of inquiries regarding our products or services. If our company is subject to a legal obligation which requires the processing of personal data, such as the fulfilment of tax obligations, processing is based on Art. 6 (1) lit. c GDPR. In rare cases, processing of personal data may be required to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor to our premises were injured and his or her name, age, health insurance details or other vital information would have to be passed on to a doctor, hospital or other third party. Processing would then be based on Art. 6 (1) lit. d GDPR.

    Lastly, processing may be based on Art. 6 (1) lit. f GDPR. This is the legal basis for any processing not covered by the legal bases above if processing is necessary for the purposes of the legitimate interests pursued by our companies or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject. We are in particular permitted to perform such processing operations because they have been specifically mentioned by the European legislator. In that regard, the legislator was of the opinion that a legitimate interest could be assumed if the data subject is a customer of the controller (Recital 47, sentence 2, GDPR)

  • 14. Legitimate interests in the processing that are being pursued by the controller or a third party ⊻

    If the processing of personal data is based on Art. 6 (1) lit. f GDPR, our legitimate interest is conducting our business for the benefit of all of our employees and our shareholders.

  • 15. Duration for which the personal data are stored

    The criterion for the duration of the storage of personal data is the respective statutory retention period. After expiry of the period, the corresponding data are routinely deleted, as long as they no longer required for the fulfilment or preparation of the contract.

  • 16. Legal or contractual regulations for the provision of personal data

    Necessity for the conclusion of the contract; obligation of the data subject to provide the personal data; possible consequences of failure to provide them.

    We inform you that the provision of personal data is partly required by law (e.g. tax regulations) or can also result from contractual provisions (e.g. information about the contracting party).

    Occasionally the conclusion of a contract may require that a data subject provides us with personal data that must subsequently be processed by us. The data subject is for instance required to provide us with personal information when our company enters into a contract with him or her. Failure to provide the personal data would mean that the contract with the data subject could not be concluded. Before the data subject provides personal data, the data subject must contact one of our employees. Our employee will inform the data subject on a case-by-case basis whether the provision of the personal data is required by law or contractually or is required for the conclusion of the contract, if there is an obligation to provide the personal data, and what the consequence of the non-provision of the personal data would be.

  • 17. Existence of automated decision-making

    As responsible companies, we do not use any automatic decision-making or profiling.

    This privacy policy was provided by the privacy policy generator of datenschutz compliance in co-operation with RC GmbHwhich recycles used notebooks and the filesharing attorneys of WBS-LAW .