A. Data Privacy Statement
I. Name and address of the party responsible
The party responsible in the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other regulations of the data protection laws is the:
AMS Apparate-Maschinen-Systeme Technology GmbH
Johann-Esche-Straße 4
09212 Limbach-Oberfrohna
Tel.: +49 3722 - 50 33 - 0
E-Mail: info@ams-systeme.de
Webseite: www.ams-systeme.de/
II. Name and address of the data protection officer
The data protection officer of the party responsible is:
Jan Krupka
DELTA proveris AG
Ludwig-Richter-Straße 3
09212 Limbach-Oberfrohna Deutschland
Tel.: 03722 71 70 50
E-Mail: dsb@depag.de
Homepage: www.depag.de
III. General about the data processing
1. Extent of the processing of person-related data
Basically, we only process person-related data of our users as long as this is necessary for the provision of a functional homepage as well as our contents and services. Regularly, the processing of person-related data of our users only takes place after the consent of the user. An exception is only valid in such cases where a previous request of a consent due to real reasons is not possible and the processing of data is allowed by legal regulations.
2. Legal basis for processing of person-related data
As long as we require a consent of the particular person for processing issues of person-related data Art. 6 para. 1 a EU-General Data Protection Regulation (GDPR) serves as legal basis. Art. 6 para. 1 b GDPR serves as legal basis at the processing of person-related data which are necessary for the fulfillment of a contract whose contract party is the particular person. This is also valid for processing issues which are necessary for the execution of conditions precedent to the contract.
As long as a processing of person-related data is necessary for the fulfillment of a legal obligation which our company is subject to Art. 6 para. 1 c GDPR is the legal basis. Art. 6 para. 1 d GDPR serves as legal basis for the case that essential interests of the particular person or another natural person require a processing of person-related data.
If the processing is necessary for the keeping of an authorized interest of our company or a third party and the interests, basic laws and basic liberties of the particular person do not outweigh the first meant interest so Art. 6 para. 1 f GDPR is the legal basis for the processing.
3. Data deletion and storage duration
The person-related data of the particular person are deleted or locked as soon as the purpose of the storage is not applicable. Furthermore, a storage can take place if this was provided by the European or national legislator in legal regulations, laws or other rules of the Union whom the party responsible is subject to. A locking or deletion of the data also takes place then if a dictated storage period named by the standards expires unless a necessarity exists for the further storage of the data for a contract conclusion or contract fulfillment.
IV. Provision of the homepage and creation of logfiles
1. Description and extent of the data processing
Our system registers automated data and information from the computer system of the appealing PC at each appeal of our homepage. The following data are collected herewith:
- a. Information about the browser type and the used version
- b. The operating system of the user
- c. The internet service provider of the user
- d. The IP-address of the user
- e. Date and time of the access
- f. Homepages from which the system of the user comes to our homepage
The data are also saved in the logfiles of our system. A storage of these data together with other person-related data of the user does not take place.
2. Legal basis for the data processing
Art. 6 para. 1 f GDPR is the legal basis for the intermediate storage of the data and the logfiles.
3. Purpose of the data processing
The intermediate storage of the IP-address by the system is necessary in order to enable a provision of the homepage to the PC of the user. Therefore the IP-address of the user remains saved for the period of the session.
The storage in logfiles takes place in order to secure the functionality of the homepage. Furthermore, the data are necessary for the optimization of the homepage and for the security of the safety of our information-technological systems. An analysis of the data for marketing purposes does not take place in this context. Our authorized interest of the data processing is also in these purposes by Art. 6 para. 1 f GDPR.
4. Period of the storage
The data are deleted as soon as they are not necessary anymore for the fulfillment of the purposes of their collection. This is the issue in the case of the registration of the data for the provision of the homepage if the particular session is finished.
This is the issue after at least 14 days in the case of the storage of the data in logfiles. A storage beyond this is possible. In this case, the IP-addresses of the users are deleted or alienated so that an assignment of the appealing client is not possible anymore.
5. Possibility of oppisition and clearance
The registration of the data to provide the homepage and the storage of the data in logfiles is essentially necessary. As follows, the user does not have the possibility to disagree.
V. Use of Cookies
1. Description and extent of the data processing
Our homepage uses Cookies. Cookies are text files which are saved in the internet browser and/or by the internet browser on the computer system of the user. If a user appeals a homepage so a Cookie can be saved on the operating system of the user. This Cookie contains a characteristic string which enables a clear identification of the browser at the new appeal of the homepage.
We implement Cookies to design our homepage user-friendlier. Some elements of our homepage require that the appealing browser can also be identified after a change of homepage.
With it the following data are saved and transferred in the Cookies:
- (1) language settings
- (2) login information
Beyond this, we use Cookies on our homepage which enable an analysis of the surf behaviour of the user. So, the following data can be transferred:
- (1) entered search words
- (2) frequency of appeals of homepages
- (3) usage of homepage functions
2. Legal basis for the data processing
Art. 6 para. 1 f GDPR is the legal basis for the processing of person-related data by using Cookies.
3. Purpose of the data processing
The purpose of the use of technically necessary Cookies is to simplify the use of homepages for the user. Some functions of our homepage can not be offered without the implementation of Cookies. For those it is necessary that the browser will be identified again after the change of a homepage.
We need Cookies for the following applications:
- (1) use of support and customer portal
- (2) transfer of language settings
- (3) memory of search words
The user data collected by the technically necessary Cookies are not used for the creation of user profiles. The use of analysis Cookies takes place for the purpose of improving the quality of our homepage and their contents. We get to know by the analysis Cookies how the homepage is used and so we can optimize our offer permanently.
The associated data protection statement is found under IX Data Protection Statement for the use of Google Analytics.
Our authorized interest of the data processing is also in these purposes by Art. 6 para. 1 f GDPR.
4. Period of storage, possibility of oppisition and clearance
Cookies are saved on the PC of the user and transferred from this to our homepage. That is why you as user also have the full control about the usage of Cookies. You can deactivate or limit the transfer of Cookies by a change of the settings in your internet browser. Already saved Cookies can be deleted at each time. This can also take place automated. If you deactivate Cookies for our homepage it can possibly happen that some functions of the homepage can not be used completely.
VI. Newsletter
1. Description and extent of the data processing
It is possible to subscribe a newsletter without costs on our homepage. Hereby, the data from the entry mask are transferred at the login to the newsletter. Therefore, your E-mail-address is only required.
Furthermore, the following data are collected at the login:
- (1) IP-address of the appealing PC
- (2) date and time of the registration
- (3) E-mail-address
Your consent is requested for the processing of the data and referred to this data protection statement.
If you purchase products or services and depose your E-mail-address herewith so this can be used for the sending of a newsletter as follows. In such a case, direct marketing is exclusively sent for own products or services via the newsletter.
A transfer of the data to third party does not take place in the context with the data processing for the sending of newsletters. The data are only used for the sending of the newsletter.
2. Legal basis for the data processing
Art. 6 para. 1 a GDPR is the legal basis for the processing of data after the login to the newsletter by the user at the existence of a consent of the user.
§ 7 para. 3 UWG is the legal basis for the sending of the newsletter due to the sales of products and services.
3. Purpose of the data processing
The collection of the E-mail-address of the user serves for the sending of the newsletter. The collection of other person-related data in the case of the login process serves for the fact to avoid a misuse of the services or the used E-mail-address.
4. Period of the storage
The data are deleted as soon as they are not necessary anymore for the fulfillment of the purpose of their collection. So the E-mail-address of the user is saved as long as the subscription of the newsletter is active.
Regularly, the other person-related data collected during the login process are deleted after a deadline of 14 days.
5. Possibility of opposition and clearance
The subscription of the newsletter can be cancelled by the particular user at each time. You will find a particular link in each newsletter for this purpose.
Herewith, an opposition of the consent of the storage of the person-related data which had been collected during the login process is also possible.
VII. Contact form and E-mail-contact
1. Description and extent of the data processing
Contact forms are available on our homepage which can be used for the electronical contacting. If a user takes this possibility so the data entered in the entry mask are transferred to us and saved. These data are:
Data of the entry mask:
- Name (optional)
- Name of the company (optional)
- E-Mail-address (obligation)
- Message (optional)
- Telephone (optional)
- Branch (optional)
- Address data (optional)
Furthermore, the following data are saved at the moment of the sending of the message:
- (1) the IP-address of the user
- (2) date and time of the registration
Your consent is requested for the processing of the data during the sending process and referred to this data protection statement.
As alternative, a contacting is possible via the provided E-mail-address. In this case, the person-related data of the user transferred with the E-mail are saved.
A transfer of the data to third party does not take place in this context. The data are only used for the processing of the communication.
2. Legal basis for the data processing
Art. 6 para. 1 a GDPR is the legal basis for the processing of the data at the existence of a consent of the user.
Art. 6 para. 1 f GDPR is legal basis for the processing of the data which are transferred during the sending of an E-mail. If the E-mail-contact focuses on the conclusion of a contract so Art. 6 para. 1 b GDPR is the additional legal basis for the processing.
3. Purpose of the data processing
The processing of the person-related data from the entry mask just serves for the editing of the contacting. In the case of a contacting per E-mail, the necessary authorized interest is also at the processing of the data.
The other person-related data processed during the login process serve for the fact to avoid the misuse of the contact form and to secure the safety of our information-technological systems.
4. Period of storage
The data are deleted as soon as they are not necessary anymore for the fulfillment of the purpose of their collection. This is the case then if the particular communication with the user is finished according to the person-related data from the entry mask of the contact form and those which had been sent per E-mail. The communication is finished then if you can read from the circumstances that the particular subject is cleared finally.
The person-related data which had been collected additionally during the sending process are deleted at least after a deadline of 14 days.
5. Possibility of opposition and clearance
The user has the possibility at each time to cancel his/her consent for the processing of the person-related data. If the user contacts us per E-mail so he/she can disagree the storage of his/her person-related data at each time. In such a case, it is not possible to continue the communication.
The opposition can take place via widerspruch@delta-barth.de.
All person-related data which had been saved during the contacting are deleted in this case.
VIII. Online presentation in social networks
We provide online presentations within social networks and platforms in order to contact the active users there, possible prospects and customers and to inform them there about our services and products.
1. Description and extent of the data processing
Cookies are saved on the PC of the user within the data processing where the interests and user behaviour are recorded. These data can also be saved device-spreading in connection with the login to the particular platform.
We want to point to the fact that it may come to a data processing of the user data outside the European area. Herewith it can lead to some risks for the user because the enforcement of the user‘s right can be complicated for example. US-providers which are certified under the Privacy-Shield have committed themselves to keep the data protection standards of the EU.
2. Legal basis for the data processing
The processing of person-related data takes place due to our authorized interests of an effective information and communication of the users according to Art. 6 para. 1f. GDPR.
If users are asked by the providers of the platforms to give a consent the processing takes place due to Art. 6 para. 1A GDPR and Art. 7 GDPR.
3. Purpose of the data processing
The data processing serves regularly for marketing and advertising purposes. So user profiles are created according to the user‘s behaviour and interests for example. These user profiles are used for example to place adverts – especially adjusted to the interests of the user – within and outside the platforms.
4. Duration of the storage
The duration of the storage of the collected data differs according to the providers of the platforms. A detailed picturing of the particular providers can be read in the following links.
5. Possibility of opposition and clearance
We refer to the following linked indications of the single providers for a detailed picturing of the data processing and their possibility of opposition (opt-out).
Because the providers of the particular platforms have only access to the data of the users and can give information we refer to the fact that it is most effective to make information requests and the enforcement of user rights directly at the provider.
Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland
Basis: Vereinbarung über gemeinsame Verarbeitung personenbezogener Daten
Data protection agreement: https://www.facebook.com/about/privacy/
Opt-Out: https://www.facebook.com/settings?tab=ads http://www.youronlinechoices.com
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.
Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Data protection agreement: https://policies.google.com/privacy
Opt-Out: https://adssettings.google.com/authenticated
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
XING AG, Dammtorstraße 29-32, 20354 Hamburg, Deutschland
Data protection agreement/Opt-Out: https://privacy.xing.com/de/datenschutzerklaerung.
IX. Rights of the particular person
If person-related data of you are processed so you are the particular person in the sense of the GDPR and you have the following rights against the party responsible:
1. Information right
You can require a confirmation from the party responsible about the fact if person-related data which refer to you are processed by us. If such a processing exists so you can require advice from the party responsible about the following information:
- (1) the purpose for which the person-related data are processed;
- (2) the categories of person-related data which are processed;
- (3) the recipients and/or the categories of recipients against whose the person-related data which refer to you had been externalized or will be externalized;
- (4) the planned period of storage of the person-related data which refer to you or if concrete indications are not possible criteria for the definition of the storage period;
- (5) the existence of a right to correct or delete the person-related data which refer to you, a right to limit the processing by the party responsible or an opposition right against this processing;
- (6) the existence of a right to complaint at a controlling institution;
- (7) all available information about the origin of the data if the person-related data are not collected at the particular person;
- (8) the existence of an automated decision making including profiling according to Art. 22 para. 1 and 4 GDPR – and at least in these cases – sophisticated information about the involved logic as well as the consequences and the planned effects of such a processing for the particular person.
You have the right to require information about the fact if the person-related data which refer to you are transferred to third country or an international organization. In this context, you can require to receive information about the suitable guarantees due to Art. 46 GDPR in the context of the transfer.
2. Right to correction
You have the right to correction and/or completion against the party responsible as long as the processed person-related data which refer to you are incorrect or incomplete. The party responsible has to execute the correction immediately.
3. Right to limitation of the processing
You can require the limitation of the processing of the person-related data which refer to you under the following preconditions:
- (1) if you deny the correctness of the person-related data which refer to you for a period which gives the party responsible the possibility to check the correctness of the person-related data;
- (2) the processing is illegal and you reject the deletion of the person-related data and instead require the limitation of the use of the person-related data;
- (3) the party responsible do not need the person-related data for the purposes of the processing anymore, but you need these for the enforcement, execution or defence of legal claims or
- (4) if you stated opposition against the processing due to Art. 21 para. 1 GDPR and it is not defined yet if the authorized reasons of the party responsible outweigh your reasons.
If the processing of the person-related data which refer to you had been limited so these data – apart from the storage – are only processed with your consent or for the enforcement, execution or defence of legal claims or for the protection of the rights of another natural or legal person or due to an important public interest of the Union or a member state.
If the limitation of the processing had been limited by the preconditions mentioned above so you will be informed by the party responsible before the limitation is annuled.
4. Right to deletion
a. Obligation of deletion
You can require from the party responsible that the person-related data which refer to you are deleted immediately and the party responsible is obligated to delete these data immediately as long as one of the following reasons applies:
- (1) The person-related data which refer to you are not necessary anymore for the purpose for which they had been collected or processed in any other way.
- (2) You cancel your consent where the processing belongs to according to Art. 6 para. 1 a or Art. 9 para. 2 a GDPR and any other legal basis is missing for the processing.
- (3) You disagree the processing due to Art. 21 para. 1 GDPR and any prior authorized reasons do not exist for the processing or you disagree the processing due to Art. 21 para. 2 GDPR.
- (4) The person-related data which refer to you had been processed illegally.
- (5) The deletion of the person-related data which refer to you is necessary to fulfill a legal obligation by the Union right or the right of the member states which the party responsible is subject to.
- (6) The person-related data which refer to you had been collected in reference to offered services of the information community due to Art. 8 para. 1 GDPR.
b. Information to third party
If the party responsible has published the person-related data which refer to you and if it is obligated to delete these due to Art. 17 para. 1 GDPR so it defines suitable measures in consideration of the available technology and the implemenation costs, also in technological way, in order to inform persons which are responsible for the data processing and the processing of the person-related data about the fact that you as particular person has required by you the deletion of all links to these person-related data or of copies or replications of these person-related data.
c. Exceptions
The right to deletion does not exist as long as the processing is necessary
- (1) for the execution of the right of the freedom of expression and information;
- (2) for the fulfillment of a legal obligation which the processing requires by the right of the Union or the member states which the party responsible is subject to or for the taking of a task which is in the public interest or in execution of the public force which had been transferred to the party responsible;
- (3) due to reasons of the public interest in the scope of the public health due to Art. 9 para. 2 h and i as well as Art. 9 para. 3 GSPR;
- (4) for archive purposes which are in the public interest, scientific or historical research purposes or for statistic purposes due to Art. 89 para. 1 GDPR as long as the right named under paragraph a) disables the fulfillment of the objectives of this processing probably or damages seriously or
- (5) for the enforcement, execution or defence of legal claims.
5. Right to disclosure
If you announced the right to correction, deletion or limitation of the processing against the party responsible so this is obligated to disclose this correction or deletion of the data or the limitation of the processing all recipients whom the person-related data which refer to you had been externalized unless this is not possible or is connected with a disproportional effort.
You have the right against the party responsible to get disclosure about these recipients.
6. Right to data assignability
You have the right to receive the person-related data which refer to you and which you have provided to the party responsible in a structured, common and machine-readable format. Besides you have the right to transfer these data to another party responsible without obstruction by the party responsible which the person-related data had been provided as long as
- (1) the processing bases on a consent due to Art. 6 para. 1 a GDPR or Art. 9 para. 2 a GDPR or on a contract due to Art. 6 para. 1 b GDPR and
- (2) the processing takes place with the help of automated procedures.
At execution of this right, you also have the right to obtain that the person-related data which refer to you are directly transferred from a party responsible to another party responsible as long as this is technologically possible. It is not allowed to damage liberties and rights of other persons hereby.
The right to data assignability is not valid for the processing of person-related data which is necessary for the keeping of a task which is in the public interest or takes place in execution of the public force which had been transferred to the party responsible.
7. Right to opposition
You have the right to announce opposition due to reasons which result from you special situation at each time against the processing of the person-related data which refer to you which takes place due to the Art. 6 para. 1 e or f GDPR; this is also valid for a profiling which is aided by these definitions.
The party responsible do not process the person-related data which refer to you anymore unless it can prove compulsory protection-worth reasons for the processing which outweigh your interests, rights and liberties or the processing serves for the enforcement, execution or defence of legal claims.
If the person-related data wich refer to you are processed to provide direct marketing so you have the right to announce opposition at each time against the processing of the person-related data which refer to you for the purpose of such marketing; this is also valid for the profiling as long as it is connected with such a direct marketing.
If you disagree the processing for purposes of the direct marketing so the person-related data which refer to you are not processed for these purposes anymore.
You have the possibility to execute your right to opposition via automated procedures where technical specifications were used in the context of the use of services of the information community – in the face of the regulation 2002/58/EG.
8. Right to cancellation of the consent statement due to data privacy law
You have the right to cancel your consent statement due to the data privacy law at each time. The legality of the processing which had been taken place due to the consent until the cancellation is not touched.
9. Automated decision in the single case including profiling
You have the right not to be subject to a decision which bases on an automated processing – including profiling – which offers a legal effect against you or which damages you in a similar way enormously. This is not valid if the decision
- (1) is necessary for the conclusion or the fulfillment of a contract between you and the party responsible,
- (2) is valid due to right regulations of the Union or the member states whom the party responsible is subject to and these right regulations contain suitable measures to keep your rights and liberties as well as your authorized interests or
- (3) takes place with your explicit consent.
But these decisions may not base on special categories of person-related data by Art. 9 para. 1 GDPR as long as Art. 9 Abs. 2 a or g GDPR is not valid and suitable measures to protect the rights and liberties as well as your authorized interests had been made.
The party responsible defines suitable measures according to the cases named in (1) and (3) in order to keep the rights and liberties as well as your authorized interests what for at least the right belongs to obtain the access of a person on the side of the party responsible, to statement of the own point of view and to appeal against the decision.
10. Right to complaint at a controlling institution
Regardless of another appeal due to administrative law or due to court, you have the right to complaint at a controlling institution especially in the member state of your residence, your workplace or the place of the alleged violation if you have the point of view that the processing of the person-related data which refer to you violates the GDPR.
The controlling institution which received the complaint informs the complainant about the status and the results of the complaint including the possibility of a judicial appeal by Art. 78 GDPR.
B. Data privacy statement for the use of Google Analytics
I. Description and extent of the data processing
This homepage uses functions of the web analysis service Google Analytics. Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, is the offerer.
Google Analytics uses so called "Cookies". These are text files which are saved on your computer and which allow an analysis of the use of the homepage by you. The information about your use of this homepage created by the Cookie are regularly transferred to a server of Google in the USA and saved there.
You will find more information about the handling with user data at Google Analytics in the data privacy statement of Google: https://support.google.com/analytics/answer/6004245?hl=de
Google is certified under the Privacy-Shield-Agreement and is obligated to keep the European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Google will use the collected information in our order to analyze the use of our online offer by the user. Herewith reports are arranged about the activities within our online offer whereby pseudonymous using profiles of the user can be created from the processed data. We concluded a contract for the order data processing due to this use and also implement the defaults of the German data protection institution completely when using Google Analytics.
We just use Google Analytics with active IP-anonymization. That means the IP-address of the user is reduced by Google within the member states of the European Union or in other contract states of the agreement via the European economic region. The full IP-address is only transferred to a server of Google in the USA in exceptional cases and reduced there.
The IP-address transferred form the browser of the user is not merged with other data of Google.
II. Legal basis for the data processing
We implement Google Analytics, a web analysis service of the Google LLC („Google“), on the basis of our authorized interests (which means interests of the analysis, optimization and economic operation of our online offer due to Art. 6 para. 1f. GDPR).
III. Purpose of the data processing
The processing of the person-related data of the users enables an analysis of the surf behaviour of our users. We are able due to the collected data to arrange information about the use of the single components of our homepage. This helps us to improve our homepage and its user-friendliness permanently. Our authorized interest is also in the processing of the data in these purposes due to Art. 6 para. 1f. GDPR. The interest of the user according to the protection of person-related data is protected by the anonymization of the IP-address so far.
IV. Period of the storage
The person-related data of the users are deleted after 14 months.
V. Possibility of opposition and clearance
You can avoid the registration of your data by Google Analytics by clicking on the following link. An Opt-Out-Cookie is set which avoids the registration of your data at future visits of this homepage: Disable Google Analytics
VI. Browser Plugin
You can avoid the storage of the Cookies by a particular setting of your browser software, but we give the advise that you can not use all functions of this homepage completely in this case. Beyond this, you can avoid the registration of the data which are created by the Cookie and relate to the use of the homepage (incl. your IP-address) to Google as well as the processing of these data by Google by downloading and installing the browser plugin which is available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en
You will find further information about the data use by Google as well as setting and opposition possibilities in the data privacy statement of Google (https://policies.google.com/technologies/ads?hl=en) as well as in the settings for the picturing of advertisement fadings by Google (https://adssettings.google.com/authenticated?hl=en).