Data Privacy Statement
1. Introduction
With the following information, we would like to give you as a “data subject” (person concerned by data processing) an overview of the processing of your personal data by us and your rights under data protection law. Generally, our web pages can be used without entering any personal data. However, if you wish to use specific services of our company via our website, the processing of personal data may be necessary. If the processing of personal data is necessary and there is no legal basement for such a processing, we generally request your consent.
The processing of personal data, e.g. your name, address or email address, always takes place in accordance with the EU General Data Protection Regulation (GDPR) and with the country-specific data protection regulations applicable to “Tele-Kabel-Ingenieurgesellschaft mbH”. With this Data Privacy Statement, we would like to inform you about the scope and purpose of the personal data collected, used and processed by us.
We, as the “controllers” (persons responsible for the data processing), have implemented numerous technical and organizational measures to ensure complete protection of the personal data processed via this website as much as possible. However, Internet-based data transmission may always involve security gaps so that absolute protection cannot be guaranteed. For this reason, you are free to communicate personal data to us by alternative means, e.g. by telephone or mail.
2. Controller
The controller within the meaning of the GDPR is:
Tele-Kabel-Ingenieurgesellschaft mbH
Curiestraße 19, 09117 Chemnitz, Germany
Telephone: +49 371 52333-0
Fax: +49 371 52333 33
Email: tki@tki-chemnitz.de
Head of the Responsible Organization: Dr. Matthias Pohler
3. Data Protection Officer
You can contact the Data Protection Officer as follows:
Marco Rutzke - Unternehmens- & Prozessberatung
Zillplatz 10, 09337 Hohenstein-Ernstthal, Germany
Telephone: +49 371 52333-928
Email: datenschutz@tki-chemnitz.de
You may contact our Data Protection Officer directly at any time if you have any questions or suggestions concerning data protection.
4. Definitions
This Data Privacy Statement is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our Data Privacy Statement is intended to be easy to read and understand, both for the general public and for our customers and business partners. In order to guarantee this, we would like to start by explaining the terms used.
The terms which we use in this Data Privacy Statement include the following:
a. Personal data
“Personal data” means all information that is related to an identified or identifiable person. An identifiable person is a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
b. Data subject
“Data subject” means any identified or identifiable natural person of which personal data are processed by the “controller”, the party responsible for the processing (i.e. our company).
c. Processing
“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
d. Restriction of processing
“Restriction of processing” means the marking of stored personal data with the aim of limiting their processing in the future.
e. Profiling
“Profiling” means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.
f. Pseudonymization
“Pseudonymization” means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
g. Processor
“Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
h. Recipient
“Recipient” means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.
i. Third party
“Third party” means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
j. Consent
“Consent” of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
5. Legal Basement of the Processing
For our company, Art. 6.1, Item a, GDPR serves as the legal basis of processing operations for which we request the data subject's consent for a particular purpose of processing.
If the processing of personal data is necessary for the performance of a contract to which you are a party – e.g. in the case of processing operations which are necessary for the delivery of goods or the provision of any other service or consideration – the processing is based on Art. 6.1, Item b, GDPR. The same applies to processing operations that are necessary to carry out pre-contractual activities, e.g. in the case of inquiries about our products or services.
If our company is subject to a legal obligation that requires the processing of personal data, e.g. in order to fulfill tax obligations, the processing is based on Art. 6.1, Item c, GDPR.
In rare cases, the processing of personal data may become necessary to protect vital interests of the data subject or any other natural person. For example, this will be the case if a visitor receives an injury on our premises and subsequently, his age, his health insurance information or other vital information must be disclosed to a doctor, a hospital or another third party. In such cases, the processing will be based on Art. 6.1, Item d, GDPR.
Finally, processing operations may be based on Art. 6.1, Item f, GDPR. That is the legal basement of processing operations which are not covered by any of the above legal basement if the processing is necessary to safeguard a legitimate interest of our company or any third party, provided that the data subject's interests, basic rights and basic freedoms do not have priority. We are permitted to perform such processing operations particularly because they have been mentioned expressly by the European legislator. In this respect, the European legislator took the view that a legitimate interest may be assumed if you are a customer of our company (Recital 47, Sentence 2, GDPR).
6 Technology
6.1 SSL/TLS ENCRYPTION
In order to guarantee the security of data processing and to protect the transmission of confidential content (e.g. purchase orders, login data or contact requests) which you send to us as the operator, this website uses SSL or TLS encryption. You can recognize an encrypted connection by “https://” being shown in your browser's address bar instead of “http://” and by the lock symbol in the browser's status bar.
If the SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.
6.2 RECORDING OF DATA DURING A VISIT TO THE WEBSITE
If you use our website only to retrieve information, i.e. if you do not register or transmit any other information to us, we will collect only data which your browser transmits to our server (in so-called “server log files”). Whenever a page is accessed by you or an automated system, our website records a range of general data and information. These general data and information are stored in the log files of the server. The following may be recorded:
- the browser types and versions used,
- the operating system used by the accessing system,
- the website from which an accessing system goes to our website (so-called referrer),
- the subpages of our website that are accessed by an accessing system,
- the date and time of an access to our website,
- an Internet Protocol address (IP address),
- the Internet service provider of the accessing system.
When using those general data and information, we will not draw any conclusions as regards your person. In fact, that information is needed in order to
- deliver the content of our website correctly,
- optimize the content of our website and the advertising of it,
- guarantee the permanent functionality of our IT systems and the technology of our website,
- provide prosecuting authorities with the information necessary for prosecution in the event of a cyberattack.
Those collected data and information are analyzed by us for statistical purposes and, besides, for the purpose of improving data protection and data security at our company to ultimately ensure an optimum level of protection of the personal data processed by us. The data of the server log files are stored separately from all personal data provided by any data subject.
The legal basement of the data processing is Art. 6.1, Sentence 1, Item f, GDPR. Our legitimate interest results from the above-mentioned purposes of data collection.
7. Disclosure of Data to Third Parties
A transmission of your personal data to third parties for purposes other than those listed below will not take place.
We will only disclose your personal data to third parties if:
- you have given your express consent to this, in accordance with Art. 6.1, Sentence 1, Item a, GDPR,
- the disclosure is permitted in accordance with Art. 6.1, Sentence 1, Item f, GDPR in order to safeguard our legitimate interests and no reason exists to assume that you have an overriding interest worthy of protection in the non-disclosure of your data,
- in case a statutory obligation to disclose exists pursuant to Art. 6.1, Sentence 1, Item c, GDPR, or
- this is permitted by law and is necessary pursuant to Art. 6.1, Sentence 1, Item b, GDPR in order to handle contractual relationships with you.
8 Cookies
8.1 GENERAL INFORMATION ON COOKIES
We use cookies on our website. These are small files that your browser creates automatically and that are stored on your IT system (laptop, tablet, smartphone or the like) when you visit our website. Cookies do not cause any harm on your terminal device and do not contain any viruses, Trojans or other malicious software.
Cookies are used to store information that is connected to the specific terminal device used. However, this does not mean that we are provided information about your identity directly.
For one thing, cookies are used for making the use of our services a more pleasant experience for you. For example, we use so-called session cookies in order to detect that you have already visited individual pages of our website. Those cookies will be deleted automatically after you have left our website.
In addition, also for optimizing the user-friendliness, we use temporary cookies that are stored on your terminal device for a certain predetermined period. If you visit our website again in order to use our services, our system will automatically detect that you have visited us before, and also what information you have entered and which settings you have made so that you will not have to enter them again.
In addition, we use cookies in order to collect statistics on the use of our website and to analyze them for optimizing our services for you. If you visit our website again, those cookies enable us to detect automatically that you have visited us before. Those cookies will be deleted automatically after a period predefined for each cookie.
The data processed by cookies are necessary for the above purposes in order to safeguard our legitimate interests and those of third parties in accordance with Art. 6.1, Sentence 1, Item f, GDPR.
Most browsers accept cookies automatically. However, you can configure your browser so that no cookies will be stored on your computer or a warning will always be shown before a new cookie is created. However, if you deactivate cookies completely, you may not be able to use all functions of our website as a result.
This website uses cookies. We use cookies in order to personalize contents and ads, to be able to offer functions for social media, and to analyze the access to our website. Besides, we disclose information on your use of our website to our partners for social media, advertising and analytics. Our partners may combine that information with other data which you have provided to them or which they have collected in connection with your use of their services.
Cookies are small text files that are used by websites to make the user experience more efficient.
According to the law, we may store cookies on your device if they are absolutely necessary for the operation of this website. For all other types of cookies, we need your consent.
This website uses different types of cookies. Some cookies are placed by third parties that appear on our pages.
Your consent applies to the following domains: www.tki-chemnitz.de
9 Contents of our Website
9.1 CONTACTING / CONTACT FORM
When you contact us (e.g. using the contact form or by email), personal data are collected. The data that are collected when a contact form is used are shown on the contact form concerned. These data will only be stored and used for the purpose of replying to your inquiry and/or contacting you and for the related technical administration. The legal basis of the processing of the data is our legitimate interest in replying to your inquiry pursuant to Art. 6.1, Item f, GDPR. If you contact us for the purpose of concluding a contract, Art. 6.1, Item b, GDPR is an additional legal basis of the processing. Your data will be erased upon the final handling of your inquiry; this will be the case when the circumstances indicate that the matter concerned has been settled definitely and if erasure is not precluded by any statutory retention obligations.
9.2 SERVICES / DIGITAL GOODS
We will only transmit personal data to third parties if this is necessary in connection with the handling of contracts, e.g. to the financial institution assigned with the handling of payments.
A further transmission of the data will not take place or, as the case may be, will only take place if you have given your express consent to the transmission. A disclosure of your data without your express consent, e.g. for advertising purposes, will not take place.
The data processing is based on Art. 6.1, Item b, GDPR, which permits the processing of data in order to perform a contract or carry out pre-contractual activities.
9.3 JOB APPLICATION MANAGEMENT / JOB BOARD
We collect and process the personal data of applicants for the purpose of handling the application process. The processing may also be performed by electronic means. In particular, this is the case if an applicant transmits appropriate application documents to us by electronic means, e.g. by email or via a web form that is provided on our website. If we conclude a contract of employment with an applicant, the transmitted data will be stored in accordance with the provisions of the law for the purpose of handling the employment relationship. If we do not conclude a contract of employment with the applicant, the application documents will be erased automatically six months after the decision to reject the applicant is communicated, provided that the erasure is not precluded by other legitimate interests on our part. Another legitimate interest in this sense may exist, for example, in the case of burden of proof in proceedings under the German General Act on Equal Treatment (AGG).
In this respect, the data processing takes place only on the basement of our legitimate interest pursuant to Art. 6.1, Item f, GDPR.
10 Newsletters
10.1 NEWSLETTERS SENT TO EXISTING CUSTOMERS
If you provided your email address to us when you purchased goods/or services, we reserve the right to regularly email you offers for products and/or services from our range which are similar to those which you have purchased. Pursuant to Art. 7.3 of the German Unfair Competition Act (UWG), we need not obtain any separate consent from you for doing so. In this respect, the data processing takes place only on the basement of our legitimate interest in personalized direct marketing pursuant to Art. 6.1, Item f, GDPR. If you objected to the use of your email address for this purpose initially, no such emails will be sent by us. You have the right to object to the use of your email address for the advertising purpose described above at any time with effect for the future by sending a message to the controller mentioned above. For doing so, you will only have to pay any transmission costs according to the basic rates. After your objection is received, the use of your email address for advertising purposes will be ended immediately.
11 Web Analytics
11.1 MATOMO
We have embedded the Matomo component into this website. Matomo is an open-source web analytics software tool. Web analytics is the collection and analysis of data concerning the behavior of visitors to websites. The data collected by a web analytics tool includes (without limitation) data on the website from which a data subject has accessed a website (so-called referrer), the subpages of the website that have been visited and the number of visits to a subpage as well as the time for which the visitor has remained on the subpage. Web analytics is used mainly for optimizing a website and for cost-benefit analyses of Internet advertising.
The software is operated on the server of the controller, and the log files which are sensitive under data protection law are stored exclusively on that server.
The purpose of the Matomo component is to analyze the streams of visitors on our website. We use the obtained data and information for purposes such as analyzing the use of this website and compiling online reports which show the activities on our website.
The use of Matomo is based on Art. 6.1, Sentence 1, Item f, GDPR. With the tracking technology used, we intend to ensure that our website is designed adequately and optimized continuously. Those interests must be considered as legitimate interests within the meaning of the above provision.
Further information as well as the current data protection regulations of Matomo can be found at https://matomo.org/privacy/.
12 Plug-ins and Other Services
12.1 YOUTUBE (VIDEOS)
We have embedded components by YouTube into this website. YouTube is an Internet video portal which enables video publishers to upload video clips free of charge and other users to view, rate and comment on those video clips, which is also free of charge. YouTube permits the publication of all kinds of videos; therefore, complete films and TV programs as well as music clips, trailers and videos produced by users themselves are available on the Internet portal.
The operating company of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC, is a subsidiary company of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
Upon each access to any of the individual pages of this website which is operated by us and into which a YouTube component (YouTube video) has been embedded, the YouTube component automatically causes the web browser on your IT system to download an image of the appropriate YouTube component from YouTube. Further information on YouTube can be found at https://www.youtube.com/yt/about/de/ . As part of this technical process, YouTube and Google are provided information on which specific subpages of our website you visit.
If the data subject is logged in at YouTube at the same time, YouTube will, upon every access to a subpage containing a YouTube video, detect the specific subpage of our website that you are visiting. That information will be collected by YouTube and Google and associated with your YouTube account.
Via the YouTube component, YouTube and Google will be informed that you have visited our website whenever you are logged in at YouTube at the same time at which you access our website, independently of whether you click on a YouTube video or not. If you do not want such information to be transmitted to YouTube and Google in this manner, you can prevent the transmission by logging out of your YouTube account before accessing our website.
YouTube is used for the sake of a comfortable and easy use of our website. This is a legitimate interest within the meaning of Art. 6.1, Item f, GDPR.
The data protection regulations of YouTube, which can be found at https://www.google.de/intl/de/policies/privacy/ , provide information on the collection, processing and use of personal data by YouTube and Google.
13 Your Rights as a Data Subject
13.1 RIGHT TO CONFIRMATION
You have the right to obtain from us confirmation as to whether or not personal data concerning you are being processed.
13.2 RIGHT TO INFORMATION (ART. 15 GDPR)
You have the right to obtain, at any time and free of charge, information about the personal data stored about your person as well as a copy of those data.
13.3 RIGHT TO RECTIFICATION (ART. 16 GDPR)
You have the right to require the rectification of any incorrect personal data concerning you. Furthermore, the data subject has the right to require the completion of incomplete personal data, taking into account the purpose of the processing.
13.4 ERASURE (ART. 17 GDPR)
You have the right to require us to immediately erase the personal data concerning you, provided that any of the reasons set out in the law exists and to the extent that the processing of the data is not necessary.
13.5 RESTRICTION OF PROCESSING (ART. 18 GDPR)
You have the right to require us to restrict the processing of your personal data if one of the legal prerequisites is fulfilled.
13.6 OBJECTION (ART. 21 GDPR)
On grounds relating to your particular situation, you may, at any time, object to the processing of personal data concerning you which takes place on the basis of Art. 6.1, Item e (data processing in the public interest) or f (data processing on the basement of a weighing of interests), GDPR.
This shall also apply to any profiling within the meaning of Art. 4, Point 4, GDPR which is based on the above provisions.
If you make an objection, we will no longer process your personal data, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing occurs for the establishment, exercise or defense of legal claims.
In individual cases, we process personal data for direct marketing purposes. You may object to the processing of the personal data for such marketing at any time. This also applies to profiling to the extent that it is related to such direct marketing. If you submit to us an objection against the processing for direct marketing purposes, we will no longer process the personal data for such purposes.
In addition, where personal data are processed by us for scientific or historical research purposes or statistical purposes pursuant to Article 89.1 GDPR, you have the right, on grounds relating to your particular situation, to object to the processing of personal data concerning you, unless such processing is necessary for the performance of a task carried out for reasons of public interest.
In connection with the use of information society services, you are free, notwithstanding EU Directive 2002/58/EC, to exercise your right of objection by means of automated processes for which technical specifications are used.
13.7 REVOCATION OF A CONSENT UNDER DATA PROTECTION LAW
You have the right to revoke any consent to the processing of personal data at any time with effect for the future.
13.8 FILING A COMPLAINT WITH A SUPERVISORY AUTHORITY
You have the right to file a complaint about the processing of personal data by us with a supervisory authority for data protection.
14 Routine Storage, Erasure and Blocking of Personal Datan
We will process and store your personal data only for the period which is necessary for achieving the purpose of the storage or to the extent that this is required by the legal provisions applicable to our company.
If the purpose of the storage ceases to exist or any required storage period expires, the personal data will be blocked or erased routinely and in accordance with the legal provisions.
15 Duration of the Storage of Personal Data
The criterion for the duration of the storage of personal data is the applicable legal retention period. After the expiry of that period, the data concerned will be deleted routinely, provided that they are no longer necessary for the performance or initiation of contracts.
16 Currentness and Change of this Data Privacy Statement
This Data Privacy Statement is currently in effect, and its date is May 2018.
As a result of the further development of our website and offers or due to changed requirements of the law or public authorities, it may become necessary to change this Data Privacy Statement. You can view and print the current version of this Data Privacy Statement at “https://www.tki-chemnitz.de/de/datenschutz.html” at all times.