Privacy policy

1. Information obligation in line with the GDPR

Information obligations in line with Article 13 of the GDPR

 

Responsibility for data processing in line with Article 13, Paragraph (1) Letter a)

Company name in line with Article 17, Paragraph 1 of the German Commercial Code (HGB) including the contact details of the controller (CEO)

 

FIMA Maschinenbau GmbH

Oberfischacher Straße 58

74423 Obersontheim

 

Alexander Schaeff

Dr. Serdar Ertong

 

Contact details of the data protection officer in line with Article 13, Paragraph (1) Letter b) of the GDPR

Helbig Datenschutz GmbH

Harald Helbig

Bergstraße 11

91207 Lauf an der Pegnitz

+49 9123 70275-15

harald.helbig@helbig-datenschutz.de

 

Purposes and legal bases of data processing, in line with Article 13, Paragraph (1) Letter c) of the GDPR

Personal data are processed for the purpose of fulfilling contracts or to perform pre-contractual measures. They include customer master data with points of contact, the contact history, products, orders, invoices, project data and other statutory obligations of the controller.

 

The legal bases arise from Article 6 of the GDPR. Other main legal bases arise from the German Commercial Code, tax legislation, the companies act and other statutory legislation relevant to FIMA Maschinenbau GmbH. This also includes contractual regulations. Processing of newsletters is subject to consent by the data subject.

 

Processing is to preserve the legitimate interests of the controller or a third party in line with Article 13, Paragraph (1) Letter d) of the GDPR

Insofar as it is necessary we process your data beyond the actual fulfilment of the contract in order to preserve our legitimate interests or those of third parties. They include:

  • sales steering and controlling
  • assertion of legal claims and defense in case of legal disputes
  • ensuring IT security and operation
  • measures for building and plant security (e.g. access control) and preserving the right to determine who is allowed or denied access
  • measures for business steering and development

 

Categories of recipients of personal data (data transmission) in line with Article 13, Paragraph (1) Letter e) of the GDPR

Within Germany, the European Union and European Economic Area Germany:

 

Auditors, bailiffs and other creditors, also other public offices for fulfilling legal obligations and requested certifications, logistics companies, customers and suppliers and other bodies and business partners.

 

Third countries including adequacy decision in line with Article 13, Paragraph (1) Letter f DSGVO of the GDPR

Within the context of international business relations, transmission is performed in line with Article 6, Paragraph 1, Letter b for the fulfilment of contracts or to perform pre-contractual measures. No adequacy decision in necessary for this purpose.

 

Retention period in line with Article 13, Paragraph (2), Letter a)

The respective purposes arise from the legal specifications and relevant sector-specific regulations. Personal data are erased once the purpose is fulfilled.

 

Rights of the data subject in line with Article 13, Paragraph (2), Letter b)

You can exercise your rights at any time via the above contact details. If your personal data are processed, you are a data subject within the meaning of the GDPR and are entitled to the following rights vis-à-vis the controller:

 

Information on the rights of data subjects

The data subject is entitled to demand from the controller confirmation of whether personal data about them are processed; if this is the case, they have the right to access information about these personal data and to the information listed in detail in Article 15 of the GDPR.

The data subject is entitled to demand from the controller the immediate correction of personal data about them that is incorrect and if necessary to demand completion of incomplete personal data (Article 16 of GDPR).

The data subject has the right to demand of the controller that they immediately erase personal data about them, insofar as one of the reasons listed in Article 17 of the GDPR applies, for instance when the data are no longer required for the purposes pursued (right to erasure).

The data subject has the right to demand of the controller the restriction of processing if one of the prerequisites listed in Article 18 of the GDPR, for instance if the data subject has filed an objection to processing, while the controller reviews the case.

The data subject has the right to file an objection to the processing of their personal data at any time for reasons relating to their particular circumstances. The controller will then no longer process the personal data, unless they can prove urgent legitimate reasons for processing, which take precedence over the interests, rights and freedoms of the data subject, or processing is for the purpose of asserting, exercising or defending legal rights (Article 21 of the GDPR).

 

Rights of the data subject in line with Article 13, Paragraph (2), Letter c) DSGVO

Insofar as you have given your consent to us to process your personal data for specific purposes (e.g. to process the data subject’s pictures), the legitimacy of this processing is based on your consent.

Once granted, consent can be revoked at any time. This also applies to revoking declarations of consent granted before the GDPR came into effect, thus before 25 May 2018.

Please note that the revocation is only effective for the future. Processing performed before your revocation is not affected.

 

Right to complain to a supervisory authority in line with Article 13, Paragraph (2), Letter D) of the GDPR

Irrespective of any other administrative rights under law or legal redress, every data subject has the right to lodge a complaint with a supervisory authority if they are of the opinion that the processing of personal data about them breaches the GDPR (Article 77 of the GDPR). The data subject can assert this right to a supervisory authority in the member state of their place of residence, their workplace or the place where the alleged breach took place.

 

In Baden-Württemberg the responsible supervisory authority is:

 

The State Commissioner for Data Protection and Freedom of Information

Office address

Königstrasse 10 a

70173 Stuttgart

 

Postal address

PO Box 10 29 32

70025 Stuttgart

 

Tel.: 0711/615541-0

Fax: 0711/615541-15

Email: poststelle@lfdi.bwl.de

 

Personal data provided in line with Article 13, Paragraph (2) Letter e) of the GDPR

As part of our business relationship you only need to provide the personal data required for the establishment, execution and termination of the employment relationship or data which we are required by law to collect. Without these data we will generally be unable to execute the employment relationship.

 

Amendment of the privacy policy

Change of purpose

We reserve the right to amend this privacy policy taking into account data protection regulations. The current version can be found on our Internet website under privacy policy. You can also request it at any time via the above contact details. If we intend to process your data for other purposes than those for which they were collected, we shall notify you of this in advance in compliance with the legal provisions.

 

Version 15.05.2018

 

 

2. Data protection at a glance

 

General information

The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data are all data by which you can be personally identified. Please refer to our privacy policy below for detailed information on the subject of data protection.

 

Data collection on our website

Who is responsible for collecting data on this website?

Data processing on this website is performed by the website operator. You can find their contact details in the site notice on this website.

 

How do we record your data?

We collect the data which you provide us with. This may be data which you enter in a contact form.

 

Other data are automatically collected by our IT system when you access our website. These data mainly consist of technical data (e.g. Internet browser, operating system or the time of day you accessed the website). These data are collected automatically as soon as you access our website.

 

What do we use your data for?

Some of the data is collected to ensure uninterrupted availability of the website. Other data may be used to analyze your user behavior.

 

Which rights do you hold in relation to your data?

Please refer to the obligatory information above for your rights.

 

Analysis tools and third-party provider tools

Your surfing behavior can be statistically evaluated when your access our website. This is mainly performed by cookies and with so-called analysis programs. Your surfing behavior is usually performed anonymously; your surfing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using specific tools. Please refer to the following privacy policy for detailed information.

You can object to this analysis at any time. We will inform you of your objection possibilities in this privacy policy.

 

 

3. General notice and obligatory information

 

Data protection

The operator of this website takes the protection of your personal data very seriously. We treat your personal data confidentially and according to the statutory data protection regulations and this privacy policy.

 

If you use this website, we will collect various personal data. Personal data are data by which you can be personally identified. This privacy policy explains which data we collect and what we use it for. It also explains how and for which purpose this is performed.

 

We would like to point out that data transmission in the Internet (e.g. when communicating per email) may be subject to security gaps. Seamless security to protect data from access by third parties is not possible.

 

Information, blocking, erasure

Within the context of the relevant statutory provisions, you have a right to free access to information about your personal data stored by us, its source, recipients, the purpose of data processing and if necessary, a right to correction, restriction or erasure of these data. You are welcome to contact us at the address specified in the site notice about this, and other questions on the subject of personal data.

 

Objection to advertising mails

Use of the contact details published in the site notice to send unsolicited advertising and information material is hereby expressly contradicted. The website operator expressly reserves the right to take legal steps in case of unsolicited advertising sent in the form of spam mail, for instance.

 

 

4. Data collection on our website

 

Cookies

Internet websites use so-called cookies to some extent. Cookies do not damage your computer, nor do they contain viruses. Cookies are used to enhance the user friendliness, efficacy and security of our service. Cookies are small text files set on your computer and stored by your browser.

The majority of cookies we use are called session cookies. They are automatically deleted when you leave the website. Other cookies remain stored on your end device until you delete them. These cookies let us recognize you the next time you access our website.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases; or cookies are only accepted in specific cases or generally excluded, or they are automatically erased when you close the browser. Deactivating cookies may restrict the functions on this website.

Cookies required to execute the electronic communication process or to provide specific functions you have asked for (e.g. shopping basket function) are stored on the basis of Article 6, Paragraph 1, Letter f of the GDPR. The website operator holds a legitimate interest in the storage of cookies for the technical error-free and optimized availability of their services. If other cookies (e.g. cookies for analyzing your surfing behavior) are stored, they are dealt with separately in this privacy policy.

 

Server log files

The website provider automatically collects and saves information in so-called server log files which your browser automatically sends to us. They are:

 

  • Browser type and version
  • Used operating system
  • Referrer URL
  • Host name of accessing computer
  • Time of day of the service request
  • IP address

 

These data will not be consolidated with other data sources.

The basis for data processing is Article 6, Paragraph 1, Letter f of the GDPR, which allows data processing to conclude a contract or pre-contract measures.

 

Contact form

When you send requests to us via the contact form, we store your details from the contact form and your contact details in order to process the request and in the case of follow-up questions. We do not forward these data without your consent.

 

Processing of the data you enter in the contact form is therefore performed exclusively on the basis of your consent (Article 6, Paragraph 1, Letter a of the GDPR). You can revoke this consent at any time by simply sending us an informal message to this effect via email. The legality of the data processing procedures up to the date of revocation shall remain unaffected by it.

 

We will store the data you entered in the contact form until you request erasure, revoke your consent to storage, or the purpose for which data were stored is no longer necessary (e.g. once we have finished dealing with your request). Compulsory statutory provisions – and retention periods in particular – remain unaffected by this.

 

 

4. Social media

 

Sharing content via plugins (Facebook, Google+, Twitter etc.)

The content on our web pages can be shared in social networks like Facebook, Twitter and Google+ in compliance with data protection law. This website uses the eRecht24 Safe sharing tool for this purpose. This tool only establishes direct contact between networks and users once users actively click one of these buttons.

This tool does not enable automatic transfer of user data to the operators of these platforms. If the user is logged into one of the social networks, when using the social buttons of Facebook, Google+, Twitter & Co. an information window is displayed in which the user can confirm the text before sending it.

 

Our users can share this website content in social networks in compliance with data protection law without the network operators creating a complete surfing profile.

 

LinkedIn plugin

Our website uses functions of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.

 

Whenever you access one our web pages with LinkedIn functions, a connection is set up to LinkedIn servers. LinkedIn is informed that you have accessed our Internet pages with your IP address. If you click the LinkedIn “Recommend button" and you are logged into your account at LinkedIn, LinkedIn will be able to link your visit to our Internet pages with your user account. We point out that as provider of the pages we have no knowledge of the content of the transmitted data, nor of its use by LinkedIn.

 

You can find additional information about the LinkedIn privacy policy at: https://www.linkedin.com/legal/privacy-policy.

 

XING plugin

Our website uses functions of the XING network. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany.

 

Whenever you access one our web pages with XING functions, a connection is established to XING servers. As far as we know, no personal data are stored in the process. In particular, IP addresses are not stored, and user behavior is not evaluated.

 

You can find additional information about data protection and the XING share button in the XING privacy policy at: https://www.xing.com/app/share?op=data_protection.

 

 

6. Analysis tools and advertising

 

Google Analytics

This website uses functions of the web analysis service, Google Analytics. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

 

Google Analytics uses so-called "cookies". These are text files stored on your computer which enable the analysis of your use of the website. The information generated by the cookie about your use of this website is usually sent to a Google server in the USA and stored there.

 

Google Analytics cookies are stored on the basis of Article 6, Paragraph 1, Letter f of the GDPR. The website operator has a legitimate interest in the analysis of user behavior in order to optimize their web service and their advertising.

 

IP anonymization

We have activated the IP anonymization function on our website. This means that Google truncates your IP address in member states of the European Union and in other states party to the European Economic Area Agreement before it is sent to the USA. Only in exceptional cases will the full IP address be sent to a Google server in the USA and then truncated. On behalf of the operator of this website Google will use this information to evaluate your use of the website, compile reports about website activities and to perform other services related to website and Internet usage for the website operator. The IP address transmitted by your browser as part of the Google Analytics process will not be consolidated with other data held by Google.

 

Browser plugin

You can prevent cookies being stored via your personal preferences in your browser software settings; however we point out that in this case you will not be able to make full use of all the functions on this website. You can also prevent transmission of the data generated by the cookie related to your use of the website (including your IP address) to Google and its processing of this data by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

 

Objection to data collection

You can prevent Google Analytics collecting your data by clicking the following link. An opt-out cookie is set which prevents your data being collected when you access this website in the future: Deactivate Google Analytics.

Additional information about how Google Analytics handles user data can be found in the Google privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

 

Order processing

We have concluded an order processing contract with Google and fully implement the rigorous standards of the German data protection authorities in the deployment of Google Analytics.

 

Google Analytics demographics

This website uses Google Analytics demographics function, in which reports can be compiled containing information on the age, gender and interests of website users. These data are sourced from interest-related Google advertising and third-party provider data on website users. These data cannot be traced to specific individuals. You can deactivate this function at any time in the advertising settings in your Google account or generally prevent the collection of your data by Google Analytics as described in the “Objection to data collection” section.

 

 

7. Plugins und Tools

 

YouTube

Our website uses Plugins from the YouTube website operated by Google. The operator of the web pages is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

 

If you access one of our web pages with a YouTube plugin, a connection will be set up to the YouTube servers, informing the YouTube server which of our web pages you have accessed.

 

If you are logged into your YouTube account, you enable YouTube to directly link your surfing behavior to your personal profile. You can prevent this by logging out of your YouTube account.

 

We use YouTube in the interest of displaying our online service in an attractive manner. This constitutes a legitimate interest within the meaning of Article 6, Paragraph 1, Letter f of the GDPR.

 

You can find additional information about how user data are handled in the YouTube privacy policy at: https://www.google.de/intl/de/policies/privacy.

 

Google Web Fonts

This website uses so-called web fonts provided by Google to display fonts in a consistent look. When you access a site, your browser downloads the required web fonts to your browser cache in order to correctly display copy and fonts.

 

For this purpose, the browser you use must set up a connection to Google servers, thus providing Google with the information that your IP address was used to access our website. We use Google Web Fonts in the interest of displaying our online service in a consistent and attractive manner. This constitutes a legitimate interest within the meaning of Article 6, Paragraph 1, Letter f of the GDPR.

 

If your browser does not support web fonts, a standard font will be used by your computer.

 

Additional information about Google Web Fonts is available at https://developers.google.com/fonts/faq and in the Google privacy policy: https://www.google.com/policies/privacy/.

 

Google Maps

This website uses the Google Maps service via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

 

Your IP address has to be stored in order to use the functions of Google Maps. This information is usually sent to a Google server in the USA and stored there. The provider of this website has no influence on the transmission of this data.

 

The use of Google Maps is in the interest of displaying our online services in an attractive manner and facilitates searching for the locations specified on the website. This constitutes a legitimate interest within the meaning of Article 6, Paragraph 1, Letter f of the GDPR.

 

You can find additional information about how user data are handled in the Google privacy policy at: https://www.google.de/intl/de/policies/privacy/.

 

Source: E-Recht 24

 

 

 
 

The site uses cookies, which are stored on your computer and which allows an analysis of the use of the website.