§ 1 Information concerning the collection of personal data
(1) The following provides information about the collection of personal data during the use of our website. Personal data are all data that are related to you personally, such as your name, address, e-mail addresses, and user behavior.
(2) The controller pursuant to Article 4, Paragraph 7 of the EU General Data Protection Regulation (GDPR) is
DR. JOHANNES HEIDENHAIN GmbH
Dr.-Johannes-Heidenhain-Straße 5
83301 Traunreut, Germany
Tel.: +49 8669 31-0
E-mail: info@heidenhain.de (see our legal details at: https://www.heidenhain.com/legal-details).
You can contact our data protection officer at:
DR. JOHANNES HEIDENHAIN GmbH
Data Protection Officer
Dr.-Johannes-Heidenhain-Straße 5
83301 Traunreut, Germany
datenschutz@heidenhain.de
The rights of data subjects are set forth in “§ 2 Your rights.”
(3) When you contact us by e-mail or via a contact form, the information you provide (your e-mail address, as well as your name and telephone number if applicable) will be stored by us in order to answer your questions. The contact form is an extra service that we provide in order for you to contact us quickly and easily (legal basis is Article 6, Paragraph 1, Letter f, of the GDPR). We delete the data arising in connection with this once their storage is no longer required, or we limit their processing if statutory retention requirements apply.
(4) If we rely on contracted service providers for individual functions of our offerings, or if we wish to use your data for advertising purposes, we will notify you about these processes in detail below. We will also set forth the defined storage duration criteria.
§ 2 Your rights
(1) You have the following rights vis-à-vis ourselves with regard to the personal data concerning you:
• right of access pursuant to Article 15 of the GDPR,
• right to rectification pursuant to Article 16 of the GDPR,
• right to erasure pursuant to Article 17 of the GDPR,
• right to restriction of processing pursuant to Article 18 of the GDPR,
• right to portability pursuant to Article 20 of the GDPR, and
• right to object to data processing pursuant to Article 21 of the GDPR.
(2) Please submit any queries regarding your rights as a data subject using the contact information provided in § 1.
(3) You also have the right to submit a complaint to a data protection supervisory authority regarding our processing of your personal data. The data protection supervisory authority responsible for us is:
Bayerisches Landesamt für Datenschutzaufsicht
(Bavarian State Office for Data Protection Oversight)
Promenade 27
91522 Ansbach, Germany
§ 3 Collection of personal data when visiting our website
(1) If you use the website for informational purposes only (i.e., you are not registering or otherwise transferring information to us, then we collect only the personal data that your browser transfers to our server. If you wish to view our website, then we collect the following technical data needed in order to display our website to you and ensure stability and security (the legal basis is Article 6, Paragraph 1, Sentence 1, Letter f, of the GDPR):
• IP address,
• date and time of the query,
• time zone difference relative to Greenwich Mean Time (GMT),
• content of the query (specific site),
• access status/HTTP status code,
• data volume transmitted in each case,
• website from which the request originates,
• browser,
• operating system and its user interface, and
• language and version of the browser software.
(2) In addition to the abovementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive and assigned to the browser you are using. Through cookies, certain types of information flow to the entity that places them (in this case, us). Cookies cannot execute programs or transfer viruses to your computer. Their purpose is to make the Internet service overall more user-friendly and more effective.
(3) Use of cookies:
a) This website uses the following types of cookies, whose scope and principle of operation is explained below:
• transient cookies (see b),
• persistent cookies (see c).
b) Transient cookies are automatically deleted when you close the browser. Among them, in particular, are the session cookies. Session cookies store what is known as a session ID, with which different queries from your browser can be assigned to the joint session, enabling your computer to be recognized when you return to our website. This is done, for example, in order to prevent you from needing to reregister every time you change pages. Session cookies are deleted when you log out or close the browser.
c) Persistent cookies are automatically deleted after a specified time, which can vary depending on the cookie. How long a cookie remains on your device depends on the duration or expiration date of the respective cookie, and on your browser’s settings. You can delete the cookies in your browser’s security settings at any time.
By means of these cookies, the website recalls your information and settings the next time you visit it. This makes it faster and easier for you to access the website, because you do not need to reset the desired language, for example.
d) You can configure your browser settings as you wish and, for example, refuse to accept third-party cookies or any cookies at all. In this case, you might not be able to use all of this website’s functions.
§ 4 Additional functions and offerings of our website
(1) Along with the purely informational use of our website, we offer various services that you can use based on interest. To do this, you will generally need to provide other personal data, which we will use in order to provide the respective service and to which the abovementioned data processing principles will apply.
(2) Furthermore, we may disclose your personal data to third parties if we offer sales campaigns, sweepstakes, contracts, or similar services in cooperation with partners. More information about this is provided when you enter your personal data or is provided below in the description of the offering. The respective service may include advertising campaigns in which you can voluntarily participate with your consent.
§ 5 Recipients or categories of recipients
(1) As a part of our activities and services, we may need to share the personal data we have stored about you with natural persons, legal persons, or other entities. If relevant, we conclude order processing contracts with our service providers such that they are permitted to process your personal data solely in a manner that accords with our explicit instructions. Furthermore, we ensure that they have taken the necessary technical and organizational measures for the secure processing of your data, and we will keep your personal data only as long as they are actually needed. External service providers that may receive personal data generally fall within the following categories of recipients:
- Financial institutions and providers of payment services for invoicing and payment processing (online payment service providers)
- Package shippers
- IT service providers for maintaining our IT infrastructure
- Cloud providers
- Service providers for optimizing our online offerings
- Debt collection service providers and lawyers for the collection of debts and the legal enforcement of claims. If, in the event of debt collection, your personal data (customer data, contact data, payment data, consumption point data, and data concerning the debt) are transferred to a debt collection service provider, then we will notify you about the intended data transfer in advance.
(2) If data are processed in countries outside of the EU, then we will ensure that your personal data are processed in compliance with the data protection level of the European Union. In the absence of a decision by the EU Commission on this matter, we will transfer data solely to service providers from third countries that provide appropriate safeguards pursuant to Article 46 of the GDPR (generally, EU standard contractual clauses).
§ 6 Job applications
(1) In our "Careers" area, you can apply for posted positions directly online or submit an unsolicited application. As part of the online application, we collect the information necessary for the application process at DR. JOHANNES HEIDENHAIN GmbH.
(2) If you apply for a position, you will be asked to submit certain types of person data (including your name, address, and e-mail address). We will also ask questions related to the position. It is also required that you list your previous employment experience when applying to our company.
(3) We will treat the information that you provide to us confidentially and relay it only to those persons directly involved with the specific job application. No information will be relayed to any third parties without your express consent. If you do not wish to maintain your online application, you can withdraw it in writing at any time. Your data will automatically be deleted after one year at the latest, unless you have been hired by that time or an agreement to store your data beyond that time has been reached. The legal basis for this is Article 88 of the GDPR in conjunction with Section 26 of the German Federal Data Protection Act (BDSG) and Article 6, Paragraph 1 of the GDPR for the performance of a contract or in order to take steps prior to entering into a contract. The data will generally be deleted after six months if there is no legal requirement to retain it and there are no overriding legally protected interests.
(4) If we are unable to offer you a suitable position at this time, but we believe it is possible that your application might be of interest to us or one of our companies at a later time, then we will gladly offer to save your application for a longer period. The legal basis for this is your consent in accordance with Article 6, Paragraph 1, Sentence 1, Letter a, of the GDPR. We will request your consent in a separate e-mail or by mail. You may object to this future storage at any time, resulting in your data being immediately and irrevocably deleted.
§ 7 Objection to or revocation of the processing of your data
(1) If you have given consent to the processing of your personal data, then you may revoke this consent at any time. This revocation affects the permissibility of the processing of your personal data after you have notified us of the revocation.
(2) Insofar as we base the processing of your personal data on the balance of interests, you can file an objection against the processing. This is particularly the case if the processing is not necessary for the fulfillment of a contract with you, as is detailed in the following respective descriptions of the functions. If you file such an objection, we ask you to tell us the reason why we should no longer process your personal data in the manner implemented by us. In the event of a reasonable objection, we will examine the situation and either stop or adapt the data processing, or we will notify you of our compelling, protection-worthy reasons for continuing with the data processing.
(3) You can, of course, object to the processing of your personal data for direct advertising purposes and data analysis at any time.
Please send your objection to the contact information in § 1, providing your name, address, and, if available, your customer number.
§ 8 Newsletters
(1) Our newsletters “Klartext News,” “TNC Club,” “TNC Update,” and “Service News” inform you about interesting news regarding TNC controls, as well as about other products and services. Depending on the newsletter, regular features include up-to-date information about training courses and events at the HEIDENHAIN training center. Registration is performed through the respective registration form, at the end of which you must confirm your consent to the use of the entered data.
(2) Depending on the specific newsletter, we use the “double opt-in” procedure for registration. This means that after you have registered, we will send you an e-mail to the address you have provided. In this e-mail, we will ask you to confirm that you wish to receive the newsletter. In addition, we will store your IP addresses and the times of registration and confirmation. The purpose of this procedure is to verify your registration and, if necessary, to notify you regarding possible misuse of your personal data.
(3) After your confirmation we will save your provided data for the purpose of sending the newsletter. The legal basis for this is Article 6, Paragraph 1, Sentence 1, Letter a, of the GDPR.
(4) You can revoke your consent to receiving the newsletter at any time and unsubscribe from the newsletter. You can declare your revocation by clicking the link included in each e‑mailed newsletter or by using the e-mail address stated in the specific newsletter.
§ 9 The Klartext magazine
(1) The (biannual) Klartext magazine provides you with product information, technical information, and service offerings from HEIDENHAIN. It will be sent to you by mail once you have been added to the distribution list.
(2) Registration is performed through a registration form, at the end of which you must confirm your consent to the use of the entered data. We will store and process your provided data for the purpose of sending you the magazine. The legal basis for this is Article 6, Paragraph 1, Sentence 1, Letter a, of the GDPR.
(3) You can revoke your consent to receiving the magazine at any time and thereby unsubscribe from it. You can revoke your consent by sending an e-mail to (klartext@heidenhain.de).
(4) The Klartext app is used solely for visually displaying the magazine. No personal data are transferred when the Klartext app is used.
§ 10 Use of our “HESIS” portal
(1) The application for access must be submitted in writing (by mail). You will also receive your user name and password by mail. If you want to use our portal, you must log in by entering your user name and password.
(2) If you use our portal, we will process your data required for the fulfillment of the contract until you fully delete your account. We will also store the voluntary data you provided while using the portal, unless you delete these data. The legal basis is Article 6, Paragraph 1, Sentence 1, Letter f, of the GDPR. Other portal participants have no access to your data.
(3) For more information, please see the “Terms of Use” when you register: https://www.heidenhain.com/terms-of-use
§ 11 Membership in the “TNC Club”
(1) In order to become a member of the TNC Club, you must register as a representative of your company. You must provide any data marked by an asterisk (*); all further information may be provided voluntarily.
(2) We will process your data required for the fulfillment of the contract, including information about payment methods for premium membership, until you finally delete your membership, or we will limit the processing if statutory retention requirements apply. We will also store the voluntary data provided by you for the duration of your membership, unless you delete the data yourself. The legal basis is Article 6, Paragraph 1, Sentence 1, Letter f, of the GDPR.
(3) For more information, refer to the “Conditions of Participation” of the TNC Club belonging to DR. JOHANNES HEIDENHAIN GmbH: https://www.tnc-club.co.uk/en/membership/participation-conditions/.
§ 12 Flowplayer
(1) Flowplayer is the provider of a streaming service for playing videos in Flash Video (FLV) format, allowing you to integrate video clips into HTML websites and play them.
(2) No cookies are required, nor are personal data collected. During use of the website, only the IP address is logged for validation and identification of the country of origin in order to prevent misuse. The legal basis for this is our legitimate interest in protection from misuse in accordance with Article 6, Paragraph 1, Sentence 1, Letter f, of the GDPR.
(3) The ad plugin uses Google IMA3 HTML SDK, which also deploys technical cookies. However, these technical cookies are used out of technical necessity pursuant to Paragraph 2 and not for the collection of personal data.
(4) Address of Flowplayer: Flowplayer AB, 29, 5th FI, Stockholm, 111 53, Sweden
https://flowplayer.com/faq
https://flowplayer.com/privacy-policy
https://flowplayer.com/developers/plugins/ads#macros
§ 13 Other possibilities for interaction
(1) Interested parties may also contact us through various forms covering the following areas: customer service, queries about products and advisory services, the press, and general information. We collect the following data for the purpose of processing your query: name, address, country, company information, telephone number, e-mail address, and other data that may be relevant for processing your query on an individual basis.
(2) The information you provide when contacting us is processed for the purpose of handling your query and any follow-up questions. The legal basis for this is Article 6, Paragraph 1, Letter f, of the GDPR. The personal data collected by us in this context will be deleted when your reason for contacting us has been fully resolved, and when it is unlikely that this specific instance of contacting us will become relevant again in the future, unless there are any conflicting statutory retention requirements.
§ 14 Use of Google Analytics
(1) This website uses Google Analytics, a web analytics service of Google LLC. The provider responsible for this service within the EU is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
(2) We use Google Analytics in order to allow Google to analyze the usage of our website for the purpose of continually improving it. Based on the collected statistics, we can improve our offerings, design them to be more attractive to users, and increase the success of our marketing campaigns. Your usage data are logged for this purpose, including: your IP address, the pages you have accessed (click path), and conversions (e.g., newsletter registrations or downloads, clicks, visit duration, region, or technical information about your browser). Google Analytics uses cookies, which are text files stored on your computer that enable the analysis of your usage of the website. The information generated by the cookie through your visit to the website is usually transferred to a Google server in the U.S. and stored there.
(3) The legal basis for this data processing is, pursuant to Article 6, Paragraph 1, Sentence 1, Letter a, of the GDPR, your consent granted though the cookie banner. You may revoke your consent for the future at any time by opening and changing your cookie settings. You can configure your browser software to prevent it from storing cookies, but you may then not be able to use all of the functions of this website. You can also prevent the collection of the data generated by the cookie that is related to your visit to the website (including your IP address) as well as the processing of these data by Google by not granting consent to the placement of the cookie or by downloading and installing the browser plug-in available at this link: https://tools.google.com/dlpage/gaoptout?hl=en.
(4) The recipient of the data is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as a data processor. For this purpose, we have concluded an order processing contract that includes the EU standard data protection clauses with Google. Google LLC, headquartered in California, United States. If applicable, U.S. authorities can access the data stored at Google.
(5) This website uses Google Analytics with the extension “anonymizeIp”. This means that truncated IP addresses are used for further processing, making it impossible for us to trace them to an individual. Only in exceptional cases will the full IP address be sent to a Google server in the U.S. and then truncated there. The IP address transferred by your browser to Google Analytics will not be combined with other data collected by Google.
(6) You can obtain further information from: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. Terms of Use: http://www.google.com/analytics/terms/us.html, Overview of Data Privacy: https://support.google.com/analytics/answer/6004245?hl=en, Declaration of Data Protection: https://policies.google.com/privacy?hl=en.
§ 15 Google Tag Manager
(1) We use Tag Manager from Google for the centralized configuration and administration of data collection. With the help of this tool, we organize the scripts used on our page and check when they are executed. As a cookie-less domain that does not collect personal data, Google Tag Manager triggers other tags that collect data under certain circumstances. These data are passed on but not stored. If the user deactivates tracking at the cookie level, then this deactivation remains valid for all tracking tags that are implemented with Google Tag Manager.
(2) Our legitimate interest is our economic business and the user friendliness of our website, and is based on Article 6, Paragraph 1, Letter f, of the GDPR. Google offers more information about data protection with Tag Manager at: https://support.google.com/tagmanager/answer/9323295?hl=en&ref_topic=3441532, https://support.google.com/tagmanager/answer/6102821?hl=en, https://support.google.com/tagmanager/answer/7207086?hl=en.
§ 16 Google Data Studio
(1) Google Data Studio is a free tool for creating reports from different data sources. Google Data Studio can access data collected by Google products, such as Google Analytics or Google Ads (“Google Connectors”). For more information about Google Connectors, please refer to Google’s Privacy Policy.
(2) The purpose of the tool for online marketing is clear visualization of the processed data in the form of a report (Article 6, Paragraph 1, Letter b, of the GDPR).
(3) Use of third-party providers: Along with Google Connectors, Google Data Studio can also use an API database programmed with Google Apps Script that passes on data of third-party providers for processing in Google Data Studio.
(4) Google Data Studio belongs to Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.
https://marketingplatform.google.com/about/
https://marketingplatform.google.com/intl/en/about/data-studio/
https://policies.google.com/privacy?hl=en
§ 17 Cookiebot
(1) We have embedded the cookie consent tool “Cookiebot” to allow you to decide about the cookies used. Cookiebot is a product of Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark; it shows you a list of cookies grouped according to function, and it explains the purposes of these groups as well as of the individual cookies and their storage time.
(2) With Cookiebot we inform our users about the cookies used on the website, thus enabling users to decide which cookies should be used. If a user gives his consent for cookies to be used, then the following data are logged: anonymized IP number of the user; date and time of consent; user agent of the end user's browser; URL of the provider; an anonymous, random, and encrypted key, and the permitted cookies of the user (cookie status) serving as a proof of consent. The encrypted key and the cookie status are stored on the user’s device by means of a cookie in order to restore the corresponding cookie status when the pages are opened in the future. The user can prevent or stop the installation of the cookie along with its storage and thus the user's cookie consent at any time in his browser's settings. This cookie is deleted automatically after twelve months.
(3) The legal basis for this is Article 6, Paragraph 1, Letters f and c, of the GDPR. Our legitimate interest is the user friendliness of our website and the fulfillment of the legal requirements of the GDPR. Cybot offers more information about data protection at: https://www.cookiebot.com/en/privacy-policy/.
§ 18 Google Analytics Remarketing
(1) Our website uses the features of Google Analytics Remarketing combined with the cross-device capabilities of Google AdWords and Google DoubleClick. This service is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
(2) This functionality makes it possible to link target audiences created with Google Analytics Remarketing to the cross-device capabilities of Google AdWords and Google DoubleClick. This allows personalized, interest-focused advertising that has been tailored to you based on your previous usage and surfing behavior on one device (e.g., a cell phone) to also be displayed on another one of your devices (e.g., tablet or PC). To support this feature, Google Analytics collects Google-authenticated IDs of users who are temporarily linked to our Google Analytics data to define and create target audiences for cross-device advertising.
(3) Pursuant to Article 6, Paragraph 1, Sentence 1, Letter a, of the GDPR, the legal basis for this data processing is your consent that you granted through the cookie banner. You may revoke your consent for the future at any time by opening and changing your cookie settings. You can configure your browser software to prevent it from storing cookies, but you may then not be able to use all of the functions of this website. You can also prevent Google’s collection of the cookie-generated data related to your visit to the website (including your IP address), as well as the processing of these data by Google, by either withholding your consent to having the cookie placed or by permanently opting out of cross-device remarketing/targeting by turning off personalized advertising in your Google Account; to do so, follow this link: https://www.google.com/settings/ads/onweb/.
(4) The recipient of the data is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as a data processor. For this purpose, we have concluded an order processing contract that includes the EU standard data protection clauses with Google. Google LLC, headquartered in California, United States. If applicable, U.S. authorities can access the data stored at Google.
(5) For more information and the data privacy regulations, see the Google Privacy Policy: https://www.google.com/policies/technologies/ads/.
§ 19 Google Ads
(1) Google Ads is an advertising platform from Google LLC, where advertisers can place advertisements that are based primarily on the search results obtained during the use of the advertiser's own services.
(2) Google Ads uses personal data for the personalization of advertisements and cookies, as well as for personalized and non-personalized advertising. In addition, locally stored tags are acquired.
(3) The purpose of data collection and processing is personalized advertising tailored to the customer. The legal basis for this is your consent in accordance with Article 6, Paragraph 1, Letter a, of the GDPR.
(4) Google Ads belongs to Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.
https://support.google.com/google-ads/answer/9028179
https://policies.google.com/technologies/partner-sites?hl=en
https://www.google.com/intl/en-GB/about/company/user-consent-policy-help/
https://policies.google.com/privacy?hl=en
§ 20 Google reCAPTCHA
(1) We use “Google reCAPTCHA” (hereinafter referred to as “reCAPTCHA”) on our websites. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
(2) The purpose of reCAPTCHA is to determine whether data entered on our websites (e.g., information entered into a contact form) is being provided by a human or by an automated program. To determine this, reCAPTCHA analyzes the behavior of website visitors based on a variety of parameters. This analysis begins automatically as soon as a website visitor enters the site. For this analysis, reCAPTCHA evaluates a variety of data (e.g., IP address, the visit duration of the visitor on the website, or cursor movements executed by the user). The data tracked during such analyses are forwarded to Google. The reCAPTCHA analyses run entirely in the background. Website visitors are not alerted that an analysis is underway.
(3) This data processing is performed on the basis of your consent that you grant when opening the contact form through the cookie banner, in accordance with Article 6, Paragraph 1, Letter a, of the GDPR.
(4) Within the scope of use of reCAPTCHA, data may be sent to Google. For this purpose, we have concluded an order processing contract and the EU standard data protection clauses with Google. Google LLC, domiciled in California, United States, and, if applicable, U.S. authorities can access the data stored at Google. For more information about Google reCAPTCHA and the Google privacy policy, visit the following links: www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/intro/android.html.
§ 21 Matomo
(1) We use the web analytics platform Matomo to analyze the use of our website and to understand what interests our website user. With the statistics obtained, we can improve our offer and make it more interesting for you as a user.
(2) Cookies are stored on your computer for this analysis. You can adjust the evaluation by deleting existing cookies and preventing the storage of cookies. The legal basis for this data processing is according to Art.6 para.1 sentence 1 lit. a) GDPR your consent, which we have obtained via the cookie banner. You can withdraw your consent at any time with effect for the future by calling up the cookie settings and changing your selection there.
(3) This website uses Matomo with the extension "AnonymizeIP". This means that IP addresses are processed in a shortened form, a direct personal reference can be excluded. The IP address transmitted by your browser via Matomo is not merged with other data collected by us.
(4) The program Matomo is an open source project. Further information about data protection at Matomo can be found under http://Matomo.org/privacy/policy.
§ 22 Online presence on social media sites and portals
(1) We maintain an online presence on the social networks and platforms stated below (e.g., employer evaluation portals). These social networks are operated solely by the respective provider. This online presence serves to facilitate communication with customers, potential customers, and users, and serves advertising and market research purposes. If you contact us through our social media channels, then we will process the data that you make available to us, as well as the data that are required in order to process the query (Article 6, Paragraph 1, Letter b, of the GDPR). The processing of further data is performed in accordance with Article 6, Paragraph 1, Letter f, of the GDPR based on a legitimate interest in direct communication with users and in the optimization of the design of our online presence. If you grant your consent to the operators of the respective social media platforms (e.g., via an opt-in checkbox), then processing will be performed in accordance with Article 6, Paragraph 1, Letter a, of the GDPR. At any time, you can withdraw your consent from the provider of the respective platform with future effect.
(2) When you open our social media pages, your user data will be recorded and provided to us by the provider. The exact types of data differ from provider to provider but usually encompass the following information:
- Followers: Number of followers and stored profiles; information about increases and progress over a defined period.
- Reach: Number of persons who see a specific post; number of interactions for a post. Based on this information, it can be determined which content is more popular in the community than other content.
- Ad performance: How many people were reached by a post or a paid ad, and how many have interacted with it?
- Demographics: Average age of the visitor, as well as gender, place of residence, language.
(3) Because our social media channels are operated by the providers of the respective social networks, these providers may potentially use your personal data. We have no influence over this usage. This often involves the recording of your IP address, the creation of statistical evaluations, and the processing of further information that is stored in the form of cookies. These data are also often used to show you interest-related advertisements both on and outside of the platform. As a profile operator, we have no influence on advertisement generation or appearance and can neither deactivate this function nor prevent this processing of data.
(4) The assertion of rights of data subjects and the request of information can most effectively be made directly with the providers of the platforms because they alone have access to your data and can take immediate action. If our cooperation is required for this, then we will support you as needed in enforcing your rights as a data subject.
(5) The providers of the networks we use are listed below. If data processing is performed outside of the EU, we have taken the necessary measures to maintain the level of data protection (generally through conclusion of the EU standard data protection clauses). For more information about the terms of use and data protection of the respective platforms, as well as detailed information regarding further data processing and the respective possibilities for objection, refer to the pages of the providers at:
LinkedIn (LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland). Privacy policy: https://www.linkedin.com/legal/privacy-policy. Opt-out link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Xing (New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany): https://privacy.xing.com/en/privacy-policy.
YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland): https://policies.google.com/privacy?hl=en-US.
Instagram (Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA): http://instagram.com/legal/privacy/.
Industryarena (IndustryArena GmbH, Katzbergstraße 3, 40764 Langenfeld, Germany): https://en.industryarena.com/privacy.
(1) Industryarena is a social media platform where company profiles can be created and blog entries can be written and uploaded. There is also a forum on Industryarena where users can have discussions.
(2) If you register on Industryarena, then server log data are collected and stored for technical reasons. The legal basis for this is Article 6, Paragraph 1, Letter f, of the GDPR.
(3) Industryarena sends data to IndustryArena LLC, domiciled in the U.S. Because the U.S. is a third country, we have agreed to standard contractual clauses with Industryarena in order to be able to ensure adequate protection of your data. Industryarena is under the responsibility of IndustryArena GmbH, Katzbergstraße 3, 40764 Langenfeld, Germany: https://en.industryarena.com/privacy.
§ 23 Webinars
(1) The data that you share with us when registering for a webinar (surname, first name, and e-mail address) are processed by us for the purpose of holding the respective webinar. The legal basis for this is Article 6, Paragraph 1, Sentence 1, Letter b, of the GDPR.
(2) For organizing and holding the webinar, we use the Webex platform (Cisco), which acts as a data processor for us. You can find the privacy statement of the platform at: https://www.cisco.com/c/en/us/about/legal/privacy-full.html
(3) We store your personal data for as long as a contractual relationship with you exists, for as long as we have a legitimate interest in continued storage and usage, or for as long as we are legally required to do so. We normally delete the collected data from out databases after the webinar has been held.
§ 24 T1P
(1) For shortening URLs, we use the URL shortener service “t1p.de” from the company okua GmbH, Eisenstuckstraße 43, 01069 Dresden. The legal basis for this is our legitimate interests in the optimization of our online communication in accordance with Article 6, Paragraph 1, Sentence 1, Letter f, of the GDPR.
(2) As soon as you click on the t1p.de link published by us, your data will be collected and processed by t1p.de. For details about this data processing, please refer to the privacy policy of t1p.de. You can find this at the following link (only in German): https://t1p.de/datenschutzerklaerung
§ 25 Yumpu
(1) Yumpu is a service provider through whom any PDF files can be converted into e-papers and integrated into one’s own blogs or other internet sites. The purpose of this service is the improvement, stability, and functionality of the website. The legal basis for this is Article 6, Paragraph 1, Letter f, of the GDPR.
(2) The data are recorded when you register for, subscribe to, or interact in any other way with the service of Yumpu, such as via social media, the request for information or support, the providing of feedback, the posting of comments regarding blogs or articles, posting in support forums, reading publications, participating in surveys, or using a contact form. The use of the data will be limited to the scope of the purpose.
(3) Your data will be collected and stored in so-called server log files that your browser sends automatically. They will be stored for up to one month and then deleted. This regards the browser type, the browser version, the operating system used, URL referrers, the hostname of the accessing computer, the time of the server request, and the IP address.
(4) The recipient of the data is i-magazine AG, domiciled in Gewerbestraße 3, 9444 Diepoldsau, Switzerland, which is active as the processor. For Switzerland there exists an adequacy decision adopted by the European Commission in accordance with Article 45, Paragraph 1, and Paragraph 3, of the GDPR. The data are transmitted to the server in Ireland (EU). The data may also be processed outside of the European Economic Area (EEA). In this case, in accordance with Yumpu, suitable measures are taken to protect your personal data. You can find the privacy policy of the platform at: https://www.yumpu.com/en/info/privacy_policy.
§ 26 Customer relationship management tool
(1) Your data will be stored at our customer relationship management tool, “Pipedrive”, from the provider Pipedrive OÜ, Paldiski mnt 80, Tallinn 10617, Estonia. When you contact us by e-mail, we will use a tracking pixel that tells us whether the recipient has opened the message and whether links have been clicked. The legal basis for this is our legitimate interest in measuring the success of our online communication in accordance with Article 6, Paragraph 1, Sentence 1, Letter f, of the GDPR. Your data will be deleted when the purpose of storage has ceased to apply and there are no other conflicting legal obligations to retain it. Further information on data processing by Pipedrive can be found at: https://www.pipedrive.com/en/privacy and https://support.pipedrive.com/en/article/email-tracking#C1IamCs.
§ 27 Data privacy notice for prize drawings and promotions
DR. JOHANNES HEIDENHAIN GmbH occasionally hosts prize drawings and promotions in which customers and potential customers can participate. In the following, we would like to notify you about the processing of your personal data in conjunction with these prize drawings and promotions pursuant to Article 13 of the GDPR.
(1) If you participate in a prize drawing or a promotion, we will process the data and information that you provide in the registration form. These data include those that are required for participation, such as your
- first name and last name,
- e-mail address
and data and other information voluntarily provided by you as part of participation.
(2) Your personal data are processed for the purpose of conducting the prize drawing or the promotion, particularly for determining and notifying the winner. Additional data, such as your mailing address, may be collected and processed for the purpose of shipping and delivering the prizes.
(3) The legal basis for this processing is the performance of a contractual relationship existing due to participation in the prize drawing (Article 6, Section 1, Sentence 1, Letter b, of the GDPR).
(4) You may object to the processing of your data at any time. To do so, send a message to datenschutz@heidenhain.de. In the case of an objection, we would like to emphasize that continued participation in the prize drawing or the promotion will be excluded.
(5) The processed data will be deleted after the completion or expiration of the prize drawing or the promotion and the handing over of the prize. If, during registration, the participant consented to receiving information about products and services of DR. JOHANNES HEIDENHAIN GmbH, then the data encompassed by this consent and other information will be processed in accordance with statutory regulations.
If personal data from you is processed, then you are a data subject as defined by the GDPR, and you are entitled to the listed rights of data subjects vis-à-vis ourselves as the controller.