Messe Friedrichshafen is aware of the considerable significance of data protection, data security and confidentiality. Messe Friedrichshafen wishes to strengthen the confidence of the users in the Internet and therefore discloses how personal data are handled. You will be informed here what information is collected and how the information is used.
As a general rule, protecting your privacy is of utmost importance for Messe Friedrichshafen. Therefore, compliance with legal data protection provisions is a matter of course for us. Moreover, it is important for us to let you know at any time, when we store data, which data are stored and how we will use them.
Messe Friedrichshafen assures that your information will be treated confidentially and in accordance with applicable German data protection regulations.
When you access our websites, our web servers will store by default the name of your Internet Service Provider, the website from which you are accessing us, the websites you are accessing, as well as the date and term of your visit. By accessing the websites Messe Friedrichshafen receives usage data that are stored for back-up purposes and might enable identification (e.g. IP address, date, time and pages accessed).
The data stored will exclusively be evaluated for statistical purposes. Disclosure to a third party - for commercial or non-commercial purposes - will not take place.
2. Data protection officer
If you have queries or comments as to data protection with Messe Friedrichshafen or wish to object to the use of your personal data for advertising, market and opinion research, please send a letter to:
Messe Friedrichshafen GmbH
Neue Messe 1
P.O. Box 2080
Telephone +49 7541 708-0
Telefax +49 7541 708-110
Or send an e-mail to: DATENSCHUTZ@MESSE-FN.DE
3. Personal data
Personal data will only be collected by Messe Friedrichshafen, if you actively contact us, e.g. via e-mail. Moreover, personal data will only be stored, if you enter them freely, e.g. in line with a registration, survey or competition.
All personal data arising in this context shall be processed and used only in accordance with applicable provisions for the protection of personal data for contact handling and safeguarding legitimate vested business interests with regard to customer/visitor service.
Your data will be treated confidentially and will not be disclosed to a third party without your express consent.
4. Right of access and right to object
You shall have the right at any time to obtain free and immediate information on the data collected about you. You shall have the right to request at any time the correction, deletion and blocking of your personal data stored by us by a statement/sending an e-mail to us under email@example.com.
Furthermore, you shall have the right to object to the use of your data with effect for the future, which you may exercise at any time vis-à-vis us by a statement/sending an e-mail to us under firstname.lastname@example.org
5. Session cookies / cookies
If you access our websites, automatically generated information will be incidentally collected (this means not via registration), that cannot be assigned to a certain person (e.g. by means of an Internet browser or an operating system, domain name of websites from which access is made via a web link; number of accesses, average dwell times; web pages accessed). We will use this information to improve and update our websites on an ongoing basis, as well as to increase attractiveness.
If you access one of our websites, it may occur that information initiated by us is stored in your computer in the form of a “session cookie”, which will automatically identify your computer when you next access our websites.
One characteristic of cookies is that they enable us to customize a website or save your password so that you must not enter it again and again. If you do not want us to recognize information about your computer, set your Internet browser that all cookies are deleted from your hard drive, all cookies are blocked or you are alerted before a cookie is saved.
6. External links
Our offer contains links to external websites of a third party, the content of which we have no influence upon. We do not assume responsibility for the contents of other websites you may access via our links.
7. Use of so-called social plug-ins
7.1. Use of Google Analytics
7.1.1. Moreover, our website uses Google Analytics, a web analysis service of Google Inc. (“Google“). Google Analytics uses so-called “cookies”, text files stored on your computer, enabling the analysis of how you use the website. The information about how you use this website (including your IP address) generated by the cookie is sent to a Google server in the United States and stored there. Google will use this information to evaluate how you use the website, to compile reports of the website activities for website operators and render further services related to the website and web usage. Google will also transfer this information to a third party, if necessary and provided that it is statutory or if a third party processes these data on behalf of Google. In no case will your IP address be related to other data of Google. You can prevent the installation of cookies in your browser software setting; nevertheless we wish to point out that in this case you might not be able to fully use all functions of this website. By using this website you agree to the processing of your data collected by Google in the manner and circumstances and the purpose already described and mentioned. The collection and storage of data can be objected to at any time with effect for the future. In view of the discussion as to the use of analysis tools with complete IP addresses we wish to point out that this website uses Google Analytics with the add-on “_anonymizelp()” and therefore all IP addresses are processed in an abbreviated form only to prevent direct reference to an individual.
7.1.2. You can prevent collection of your data by Google Analytics by clicking on the following link: An opt-out cookie is set which will prevent the collection of your data when you visit this website in future:
7.1.3. We have concluded an agreement for data processing with Google and completely comply with the stringent defaults of German data protection authorities when using Google Analytics.
7.2. Use of Google Adsense
Moreover our website uses Google Adsense, a web ads service of Google Inc., USA (“Google”). Google Adsense uses so-called "cookies”, text files stored on your computer and enabling the analysis of how you use the website. Google Adsense also uses so-called “web beacons” (small invisible graphics) to collect information. By using the web beacon simple actions, such as visitor traffic of the website, can be recorded and collected. The information about how you use this website (including your IP address) generated by the cookie and/or web beacon is sent to a Google server in the United States and stored there. Google will use this information to evaluate how you use the website as to ads, to compile reports of the website activities and ads for website operators and render further services related to the website and web usage. Google will also transfer this information to a third party, if necessary and provided that it is statutory or if a third party processes these data on behalf of Google. In no case will Google relate your IP address to other data of Google. You can prevent cookies being saved on your hard drive and web beacons being displayed by selecting in your browser setting “don’t accept cookies” (in MS Internet Explorer under “Extras” > Web options > Data protection > Settings”; in Firefox under “Extras > Settings > Data protection > Cookies”).
However, we wish to point out that in this case you might not be able to fully use all functions of this website. By using this website you agree to the processing of your data collected by Google in the manner and circumstances and the purpose already described and mentioned.
7.3. Use of Google Plus
Our website also uses the so-called “G +1” button of the social network Google Plus which is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CS 94043 United States (“Google”). The button is identified by the symbol “G +1”. If you are registered with Google Plus, you can express your interest in our website via the button “G +1” and share contents from our website in Google Plus. In this case Google will save the information that you have marked one of our contents with “G +1” and also the information you viewed at the same time. Your “G +1” may be displayed together with your name (where appropriate with a photo, if available) in Google Plus with further Google services, such as Google search or your Google profile.
The purpose and scope of data collection and further processing and use of the data by Google, as well as your rights and setting options for protection of your privacy can be had in the privacy notice of Google:
7.4. Use of Google Remarketing and “Similar Audiences” function of Google Inc.
Our website uses the Remarketing or “Similar Audiences” function of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 United States (“Google”). This way you can be addressed purposefully by advertisements by placing personalized and interest-related ads when you access other websites on the so-called “Google display network”. “Google Remarketing” or the function “Similar Audiences” uses so-called “cookies”, text files stored on your computer, enabling the analysis of how you use the website. Via these text files your visits, as well as anonymized data of how you use the website are collected. Personal data will not be saved in this context. If you access another website in the so-called “Google display network” ads may be displayed which very likely consider product and information sectors previously accessed in our website.
7.5. Use of Google Adwords Conversion Tracking by Google Inc.
This website uses the “Google AdWords Conversion Tracking” function of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 United States (“Google”). Google AdWords Conversion Tracking uses so-called "cookies”, text files stored on your computer, enabling the analysis how you use the website if you clicked on the Google ad. The cookies are valid for a maximum of 90 days. Personal data will not be saved in this context. As long as the cookie is valid, Google and we, as the website operator, can recognize that you really clicked on an ad and were forwarded to a certain target site (e.g. order confirmation page, newsletter registration). These cookies may not be tracked via several websites by different AdWords participants. In “Google AdWords” conversion statistics are created via the cookie. These statistics record the number of users who clicked on one of our ads. Besides the number of users is counted who accessed a target page equipped with a “conversion tag”. However, the statistics do not contain data with which you can be identified.
You can prevent that cookies are saved on your hard drive by selecting “don’t accept cookies” in your browser setting (in MS Explorer under “Extras” > Web options > Data protection > Settings”; in Firefox under Extras > Settings > Data protection > Cookies); however, we wish to point out that in this case you might not be able to fully make use of all functions of this website.
By using this website you agree to the processing of your data collected by Google in the manner and circumstances and the purpose already described and mentioned. You can find further information how Google uses conversion data, as well as the privacy statement of Google under: support.google.com/adwords/answer/93148,http://www.google.de/policies/privacy/.
7.6 Use of Google Fonts
We use Google Fonts from Google Inc. (1600 Amphitheater Parkway Mountain View, CA 94043, USA) on our website. Google Fonts are used without authentication and no cookies are sent to the Google Fonts API. If you have a Google Account, none of your Google Account information will be transmitted to Google while using Google Fonts. Google only records the use of CSS and the fonts used and stores this data securely. You can find out more about these and other questions at https://developers.google.com/fonts/faq.
You can find further information about Google collecting data at https://policies.google.com/privacy?hl=en.
7.7. Use of Facebook
Our website uses plug-ins of the provider Facebook.com which are provided by the company Facebook Inc., 1601 S. California Avenue, Palo Alto, CA 94304 in the USA. Users of our website with the Facebook plug-in (“Like” button) installed will be referred to the fact that a connection to Facebook is established via the plug-in, by which transfer is made to your browser to have the plug-in displayed in the website.
Moreover, data are submitted to the Facebook servers by the use containing information about the websites you have visited in our home page. This means for logged-in Facebook users that the usage data are assigned to your personal Facebook account.
When you, as a logged-in Facebook user use the Facebook plug-in actively (e.g. by clicking on the “Like” button or using the comment function), these data are transferred to your Facebook account and published. You may only bypass this by previously logging out of your Facebook account.
For further information as to the use of data by Facebook go to the Facebook data protection regulations under de-de.facebook.com/policy.php.
7.8. Use of the web message service twitter.com
We also integrated into our website the web message service twitter.com. It is provided by Twitter Inc., 1355 Market St, Suite 900 San Francisco, CA 94103, USA. Twitter offers the so-called “Tweet” function. This allows you to publish messages with a length of 140 characters on your own twitter account, also with links to websites. If you use the “Tweet” function of Twitter in our websites, the respective website is linked to your twitter account and published there if necessary. In this context data are also transferred to Twitter.
We do not have knowledge of the content of the data transferred and their usage by Twitter. Therefore go to the privacy statement of Twitter for further information: twitter.com/privacy
With the following link Twitter offers you to make data protection settings on your own: twitter.com/account/settings.
7.9. Use of the XING recommendation function
7.10. Use of YouTube
Our website uses plug-ins of YouTube operated by Google. The operator of the websites is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you access one of our websites equipped with a YouTube plug-in, a connection to the YouTube servers will be established. In doing so, the YouTube server is informed about the websites you have accessed.
If you logged in with your YouTube account, you enable YouTube to assign your browsing behavior directly to your personal profile. You can prevent this by logging-out of your YouTube account.
Further information how to process user data can be had in the privacy statement of YouTube under: https://www.google.de/intl/de/policies/privacy.
7.11. Use of LinkedIn
Our website uses functions of the LinkedIn network. Provider is the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Every time you access one of our websites containing functions of LinkedIn a connection to LinkedIn servers will be established. LinkedIn is informed that you accessed our websites with your IP address. If you click on the “Recommend Button” of LinkedIn and have logged in on your LinkedIn account, LinkedIn will be able to assign your visit to our website to you and your user account. We wish to point out that we, as the provider of the website, do not have knowledge of the content of the data transferred and the use of such by LinkedIn.
Further information can be had in the privacy statement of LinkedIn under: https://www.linkedin.com/legal/privacy-policy.
LinkedIN Insight Tag
We use the LinkedIn Insight Conversion Tool from LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA, which allows us to receive information about the use of our website and to present you with advertising content on other websites that is tailored to your interests. For this purpose, a cookie is set in your browser with a validity of 120 days, which enables LinkedIn to recognize you when you visit a website. LinkedIN uses this data to generate anonymous reports for us about advertising activity and information about how you interact with our website.You can deactivate the LinkedIN Insight Conversion Tool and interest-based advertising by opting out at the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
If you are a LinkedIN member, click the "Reject on LinkedIn" field. Other visitors click "Decline".
Further information on data protection at LinkedIn can be found here: https://www.linkedin.com/legal/privacy-policy#choices-oblig
You can deactivate tracking via the LinkedIN Insight Tag by clicking the following link: https://caala.de?optout=socialmedia
7.11. Use of Instagram
Functions of the Instagram service are integrated into our pages. These functions are offered by the Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA. If you have logged in on your Instagram account, you may link the contents of our pages to your Instagram profile by clicking on the Instagram button. As a result Instagram may assign the access of our pages to your user profile. We wish to point out that we, as the provider of the pages, do not have knowledge of the content of the data transferred and the use of such by Instagram.
Further information can be had in the privacy statement of Instagram under: http://instagram.com/about/legal/privacy/.
7.12. Use of Vimeo
Our website also contains plug-ins of the video platform Vimeo of Vimeo, LLC, 555 West 18th Street, New York, New York 10011, USA. Every time you access a page offering one or several Vimeo video clips a direct connection between your browser and a Vimeo server in the USA will be established. As a result information on your visit and your IP address will be saved there. This information is also transferred to Vimeo and saved there by interactions with Vimeo plug-ins (e.g. clicking on the start button).
If you have a Vimeo user account and do not want to have personal data collected by Vimeo via this website and connected to the member data saved at Vimeo, you have to log out of Vimeo before accessing this website.
The privacy statement for Vimeo with further information on the collection and use of your data by Vimeo can be had under vimeo.com/privacy.
8. SSL encryption
For the purposes of security and safety and the protection of transferring confidential contents, such as inquiries sent to us as the website operator, this website uses SSL encryption. You can recognize an encrypted connection when the address line of the browser switches from “http://” to “https://” and via the lock symbol on your browser line.
When SSL encryption is activated, your data transferred to us cannot be read by a third party.
9. Objection to advertising mails
Hereby, an objection is in place as to the usage of the contact data published under the section obligation to provide masthead, provided that the contact data are used for sending advertisements and information material that had not been expressly demanded. We therefore shall expressly reserve the right to take legal action against the sender should such advertising information (for instance via spam e-mails) be sent to us.
10. Contact form
If you send queries via the contact form, your information from the contact form, including the contact data entered there, will be saved by us to process your inquiry and follow-up questions, if need be. However, the data saved will not be forwarded without your consent.
11. Newsletter data
If you want to subscribe to the newsletter offered in our website, we will need
a) Your e-mail address, as well as
b) Information enabling us to verify that you are the owner of the indicated e-mail and agree to receiving the newsletter.
We will use these data exclusively for sending the required information. Moreover, we will neither collect personal data, nor disclose the collected data to a third party.
12. Data privacy
To ensure best possible privacy of your personal data we have implemented a number of technical measures which are state-of-the-art and adapted on an ongoing basis.
13. Collection of general data and information
A series of general data and information is collected by the website of Messe Friedrichshafen GmbH every time the website is accessed by a data subject or an automated system. These general data and information are saved on the log files of the server. The following can be collected:
(1) browser types and versions used,
(2) the operating system used by the accessing system,
(3) the website from which an accessing system accesses our website (so-called referrers),
(4) the sub-websites which are triggered in our website by the accessing system,
(5) the accessing date and time of the website,
(6) an Internet Protocol address (IP address),
(7) the Internet service provider of the accessing system and
(8) other similar data and information for hazard prevention in the case of attacks to our information technology systems.
When using these general data and information Messe Friedrichshafen GmbH does not draw conclusions to the data subject. This information is rather used to (1) supply the contents of our website appropriately, (2) optimize the contents of our website, as well advertising for it, (3) guarantee permanent functionality of our information technology systems and technology of our website, as well as (4) provide the prosecution authorities in the case of a cyber attack with the information required for prosecution. Therefore, these anonymously collected data and information will be evaluated by Messe Friedrichshafen GmbH statistically and with the objective to increase data protection and data security in our company to finally ensure an optimum protection level for the personal data processed by us. The anonymous data of the server log files shall be saved separately from all personal data provided by a data subject.
14. Routine deletion and blocking of personal data
The controller responsible for processing processes and saves personal data of the data subject only for the period required for achieving the storage purpose or provided by the European directive and regulation legislator or another legislator in laws or regulations to which the controller responsible for processing is subject to.
If the storage purpose does not apply or the storage period determined by the European directive and regulation legislator or another responsible legislator expires, personal data shall be blocked or deleted routinely and in accordance with statutory provisions.
15. Rights of the data subject
a) Right to confirmation
Every data subject shall have the right granted by the European directive and regulation legislator to be provided by the controller responsible for processing with a confirmation whether personal data related to the data subject have been processed or not. If a data subject wants to exercise this right of confirmation, he or she can contact our data protection officer or another staff member of the controller responsible for processing at any time.
b) Right to information
Every data subject affected by processing personal data shall have the right granted by the European directive and regulation legislator to be provided at any time by the controller responsible for processing with free information on personal data saved on him or her, as well as with a copy of this information. Moreover, the European directive and regulation legislator has granted the data subject information on the following information:
The processing purposes
The categories of personal data being processed
The recipients or categories of recipients the personal data have or will be disclosed to, in particular recipients in third countries or of international organizations
If possible, the planned term, during which the personal data shall be saved or if this is not possible, the criteria for specifying this term
The existence of a right to rectification or deletion of the personal data related to him or her or restriction of processing by the controller or a right to object to this processing
The existence of a right to lodge a complaint with a supervisory authority
If the personal data are not collected with the data subject: all available information on the source of the data
The existence of automated individual decision-making, including profiling pursuant to Art. 22 (1) and (4) GDPR and - at least in these cases - significant information about the logic involved, as well as the significance and the effects of such processing hoped for the data subject
Moreover, the data subject shall have the right to be informed whether personal data have been transferred to a third country or an international organization. If this is the case, the data subject shall have the right to be provided with information on appropriate guarantees related to the transfer.
If a data subject wants to exercise this right of information, he or she can contact our data protection officer or another staff member of the controller responsible for processing at any time.
c) Right to rectification
Every data subject affected by the processing of personal data shall have the right granted by the European directive and regulation legislator to demand the immediate rectification of incorrect personal data related to him or her. Moreover, the data subject shall have the right to demand the completion of incomplete personal data - even by means of a complementary declaration - taking into account the processing purposes.
If a data subject wants to exercise this right of rectification, he or she can contact our data protection officer or another staff member of the controller responsible for processing at any time.
d) Right to deletion (“right to be forgotten”)
Every data subject affected by processing of personal data shall have the right granted by the European directive and regulation legislator to obtain from the controller the deletion of personal data concerning him or her without undue delay where one of the following grounds applies and processing is not required:
o The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
o The data subject withdraws consent on which the processing is based according to Art. 6(1) lit. a GDPR or Art. 9(2) lit. a GDPR, and where there is no other legal ground for the processing.
o The data subject objects to the processing pursuant to Art. 21(1) GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Art. 21(2) GDPR.
o The personal data have been unlawfully processed.
o The personal data have to be deleted for compliance with the legal obligation in Union or Member State law to which the controller is subject.
o The personal data have been collected in relation to the offer of information society services referred to in Art. 8(1) GDPR.
Provided that one of the aforementioned grounds applies and a data subject wants to initiate the deletion of personal data saved at Messe Friedrichshafen GmbH, he or she can contact our data protection officer or another staff member of the controller responsible for processing at any time. The data protection officer of Messe Friedrichshafen GmbH or another staff member shall initiate that the demand for deletion is complied with immediately.
If the personal data have been published by Messe Friedrichshafen GmbH and our company, as the controller pursuant to Art. 17(1) GDPR, is obliged to delete the personal data, Messe Friedrichshafen GmbH shall take appropriate measures, also technical ones - under consideration of available technology and implementation costs - to inform other data controllers who process the published personal data that the data subject demanded from those other data controllers to delete any and all links to these personal data or copies or replications of these personal data provided that processing is not necessary. The data protection officer of Messe Friedrichshafen GmbH or another staff member shall take the necessary steps on a case-by-case basis.
e) Right to restriction of processing
Every data subject affected by processing of personal data shall have the right granted by the European directive and regulation legislator to obtain from the controller restriction of processing where one of the following applies:
o The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
o The processing is unlawful and the data subject opposes the deletion of the personal data and requests the restriction of their use instead.
o The controller no longer needs the personal data for the purposes of processing, but they are required by the data subject for the establishment, exercise or defense of legal claims.
o The data subject has objected to processing pursuant to Art. 21(1) GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject.
Provided that one of the aforementioned grounds applies and a data subject wants to initiate the restriction of personal data saved at Messe Friedrichshafen GmbH, he or she can contact our data protection officer or another staff member of the controller responsible for processing at any time. The data protection officer of Messe Friedrichshafen GmbH or another staff member shall initiate the restriction.
f) Right to data portability
Every data subject affected by processing of personal data shall have the right granted by the European directive and regulation legislator to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format. He or she shall also have the right to transmit these data to another controller without hindrance from the controller to which the personal data have been provided, where the processing is based on consent pursuant to Art. 6(1) lit. a GDPR or Art. 9(2) lit. a GDPR or another contract pursuant to Art. 6(1) lit. b GDPR and processing is carried out by automated means, provided that the processing is not required for the performance of a task carried out in the public interest or exercise of official authority vested in the controller.
Furthermore, in exercising his or her right to data portability pursuant to Art. 20(1) GDPR, the data subject shall have the right to have the personal data transmitted directly from one controller to another, where technically feasible and the rights and freedoms of other persons are not impaired.
For the assertion of the right to data portability the data subject may contact at any time the data protection officer appointed by Messe Friedrichshafen GmbH or another staff member.
g) Right to object
Every data subject affected by processing of personal data shall have the right granted by the European directive and regulation legislator to object, on grounds relating to his or her particular situation, at any time to the processing of personal data concerning him or her which is based on Art. 6(1) lit. e or f GDPR. This shall also include profiling based on those provisions.
In the case of an objection to processing, your personal data will no longer be processed by Messe Friedrichshafen GmbH, unless we are able to prove compelling legitimate reasons for the processing that override the interests, rights and freedom of the data subject or the processing is for asserting, execution or defense of legal claims.
Where personal data is processed by Messe Friedrichshafen GmbH for direct marketing purposes, the data subject shall have the right to object to processing of personal data concerning him or her for such marketing at any time. This shall also include profiling to the extent that it is related to such direct marketing. Where the data subject objects to processing for direct marketing purposes vis-à-vis Messe Friedrichshafen GmbH, the latter shall no longer process the personal data for such purposes.
Furthermore, the data subject shall have the right for grounds based on his or her particular situation to object to processing of personal data concerning him or her by Messe Friedrichshafen GmbH for scientific or historical research purposes or statistical purposes pursuant to Art 89(1) GDPR, unless such processing is for fulfilling a task in the public interest.
For the assertion of the right to object, the data subject may directly contact the data protection officer of Messe Friedrichshafen GmbH or another staff member. Furthermore, in the context of using services of the information society the data subject shall be free to assert his or her right to object by means of automated processes using technical specifications notwithstanding directive 2002/58/EC.
h) Automated individual decision-making, including profiling
Every data subject affected by processing of personal data shall have the right granted by the European directive and regulation legislator not to be subject to a decision based solely on automated processing - including profiling - which produces legal effects concerning him or her or similarly significantly affects him or her, if this decision (1) is not necessary for entering into or fulfilling a contract between the data subject and the controller, or (2) is authorized by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests or (3) is based on the data subject’s explicit consent.
If the decision (1) is necessary for entering into or fulfilling a contract between the data subject and the controller or (2) is based on the data subject’s explicit consent, Messe Friedrichshafen GmbH shall take appropriate measures to protect the rights and freedoms, as well as the legitimate interests of the data subject, at least the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision.
If a data subject wants to exercise rights referring to automated decisions, he or she can contact our data protection officer or another staff member of the controller responsible for processing at any time.
i) Right to revoke a declaration of consent under data protection law
Every data subject affected by processing of personal data shall have the right granted by the European directive and regulation legislator to revoke at any time the consent to the processing of personal data.
If a data subject wants to exercise his or her right to revoke the consent, he or she can contact our data protection officer or another staff member of the controller responsible for processing at any time.
16. Legal basis of processing
Art 6 I lit. a GDPR shall be the legal basis for processing for which we obtain consent to a certain purpose of the processing. If processing of personal data necessary for the performance of a contract to which the data subject is party, as for instance with processing for the supply of goods or rendering services or return services, processing shall be based on Art 6 I lit. b GDPR. The same shall be applicable for processing necessary for the performance of pre-contractual measures, such as inquiries as to our products and services. If a company is subject to a legal obligation which prompts the processing of personal data, such as compliance with tax obligations, processing shall be based on Art 6 I lit. c GDPR. In rare cases the processing of personal data might be necessary to protect the vital interests of the data subject or of another natural person. This would be the case if a visitor is injured in our company and as a result his or her name, age, health insurance data or other vital information would have to be forwarded to a physician, hospital or another third party. Then the processing would be based on Art. 6 I lit. d GDPR. In the end the processing could be based on Art. 6 I lit. d GDPR. Processing not covered by any of the aforementioned legal grounds is based on this legal basis if the processing is necessary to protect a vital interest of our company or a third party, unless interests, fundamental rights and fundamental freedom of the data subject prevail. We are entitled to such processing because they are explicitly mentioned by the European legislator. In this regard the latter’s opinion was that a legitimate interest could be assumed, if the data subject is a customer of the controller (recital 47 sentence 2 GDPR).
17. Legitimate interests in the processing pursued by the controller or a third party
If the processing of personal data is based on Article 6 I lit. f GDPR, our legitimate interest will be the performance of our business activities in favor of the welfare of our staff members and our shareholders.
18. Storage period of personal data
The criterion for the storage period of personal data shall be the respective legal retention period. Upon expiry of the period the respective data shall be routinely deleted, provided that they are no longer necessary for the performance of the contract or contract initiation.
19. Legal or contractual provisions for the provision of personal data; necessity for the conclusion of a contract; obligation of the data subject to provide personal data; possible consequences of a non-provision
We inform you that the provision of personal data partially is prescribed by law (e.g. tax regulations) or may be a result of contractual provisions (e.g. information on the contractual partner). From time to time it may be necessary for the conclusion of a contract that a data subject provides us with personal data which subsequently must be processed by us. The data subject shall be obliged to provide personal data, if our company enters into a contract with him or her. The non-provision of personal data would mean that the contract with the data subject cannot be concluded. Prior to the provision of personal data by the data subject the latter must contact our data protection officer. Our data protection officer informs the data subject on a case-by-case basis whether the provision of personal data is prescribed by law or contract or necessary for the conclusion of the contract, whether there is an obligation to provide personal data and what consequences would have to be expected if personal data are not provided.
20. Automated decision-making
As a responsible company we waive automated decision-making or profiling.
This privacy statement shall be valid for the following social media and websites: