Data Privacy Statement
Preamble
The sections below contain information on the collection of personal data during use of our website. Personal data is defined as all specific information which can be traced back to you personally, e.g. name, address, e-mail addresses, user behaviour.
Responsible company / Data Protection Officer
Company responsible for data processing | Data Protection Officer of the company responsible |
---|---|
ESG Elektroniksystem- und Logistik-GmbH Ingolstädter Straße 45 80807 München Germany Legal representative: Katja Ziegler, Board of Management |
ESG Elektroniksystem- und Logistik-GmbH |
General data collection when our website is accessed
When you access our website merely for informational purposes, that is, if you do not register with us or otherwise submit information to us, we collect only the personal data transmitted to our server by your browser. If you wish to view our website, we collect the following data, which we require for technical reasons in order to display our website to you and to guarantee stability and security (the legal basis is legitimate interest in accordance with Art. 6 Paragraph. 1 S. 1 lit. f GDPR):
Data | Purpose of processing | Storage duration |
---|---|---|
Adress and full path of the requested website with optional request parameters in the URL | Display of the Website | The data are deleted, at the end of the respective request |
Operating system used | Evaluation by device to ensure optimised display of the website | The data are deleted at the end of the respective session. |
Information on browser type and version used | Evaluation of browsers in order to optimise our web pages for their use | The data are deleted at the end of the respective session. |
IP address | Display of the website on the respective device | The data are deleted at the end of the respective session. |
Date and time of access | Ensuring proper operation of the website | The data are deleted at the end of the respective session. |
Where applicable, manufacturer and type designation of smartphones, tablet computers or other end devices | Evaluation of device manufacturers and end device types for statistical purposes | The data are deleted at the end of the respective session. |
Log files with response code of the request und all data in this table | Ensuring proper operation of the website | The data will be made anonymous after 7 days. The data will be deleted when the web servers are reset every few years. |
The collection of data for provision of the website and the storage of data in log files is essential for operation of the website. Consequently, users have no right of objection to this use of their data.
Cookies - general information
Our website uses cookies. Cookies are text files stored in the Internet browser or transferred by the Internet browser to the user’s computer system. When a user accesses a website, a cookie may be stored in the user’s operating system. This cookie contains a distinctive character string which allows clear identification of the browser if the website is accessed again. The site uses cookies required for technical purposes and tracking cookies. Tracking is the usually cross-website processing of data on the individual behaviour of users.
Cookies – distinction between cookie types
a) Technically essential cookies
We use cookies in order to make our website more user-friendly. Some elements of our website make it necessary to identify the accessing browser even after switching to another web page.
Name of the cookie | Purpose of processing | Legal basis for processing | c |
---|---|---|---|
__RequestVerificationToken_ (followed by a sequence of digits and letters) |
verification of the request | legitimate interest | till the end of the session |
atlassian.xsrf.token | Jira | legitimate interest | till the end of the session |
defaultLanguage | support multiple languages | legitimate interest | one month |
ESGIpSession | Portal | legitimate interest | till the end of the session |
ESGLogin | Portal | legitimate interest | till the end of the session |
ext-expires | Taranis | legitimate interest | one week |
fe_typo_user | process contact forms and registration forms for courses | legitimate interest | till the end of the session |
JSESSIONID | Jira,VDI | legitimate interest | till the end of the session |
nc_sameSiteCookielax | Nextcloud | legitimate interest | till january 2101 |
nc_sameSiteCookiestrict | Nextcloud | legitimate interest | till january 2101 |
occ(followed by a sequence of digits and letters) | Nextcloud | legitimate interest | till the end of the session |
oc_sessionPassphrase | Nextcloud | legitimate interest | till the end of the session |
PHPSESSID | PHP Application | legitimate interest | till the end of the session |
sid | jobs, session | legitimate interest | one hour |
TaranisApplication | Taranis | legitimate interest | till the end of the session |
WPITStartupTestSession | Issue Tracker | legitimate interest | till the end of the session |
WPITStartupTestPersistent | Issue Tracker | legitimate interest | one month |
_gitlab_session | Gitlab | legitimate interest | one hour |
_redmine_session | Redmine | legitimate interest | till the end of the session |
OTRSBrowserHasCookie | OTRS | legitimate interest | one year |
lang | Language | legitimate interest | till december 2087 |
Session | Session | legitimate interest | till the end of the session |
_csrf | Security | legitimate interest | one day |
Technically essential cookies are not always necessary in order to display the website. However, some functions of the website, e.g. contact form, registering for a course etc. cannot be used correctly without these cookies. Users consequently have no right of objection, though these cookies can be deactivated in the settings of the respective browser.
b) Tracking-Cookies
Name of the cookie | Purpose of processing | Legal basis for processing | Storage duration |
---|---|---|---|
cookieconsent_status | Tracking | legitimate interest | one year |
PIWIK_SESSID | Tracking | consent | one year |
_pk_id.1.(Ziffer/Buchstabenfolge) | Tracking | consent | one year |
_pk_ses.1.(Ziffer/Buchstabenfolge) | Tracking | consent | one year |
Google Maps
a) Type and scope of data processing
We integrate the maps of the service Google Maps. Google Maps ist a service of Google Ireland Ltd, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland ("Google"). This allows us to display interactive maps directly on our website and allows you to conveniently use the map function. The following data is transmitted through the use of Google Maps:
- The operating system
- Information about the browser type and version used
- Information about your Internet service provider
- Your IP address
- Date and time of access
- Websites from which you came to our website
- Websites that you visit through our website
This occurs regardless of whether Google provides a user account that you are logged in to or whether there is no user account. If you're logged in to Google, your information will be directly associated with your account. If you do not want your profile to be associated with Google, you will need to log out.
b) Purpose and legal basis
Google stores your data as user profiles and uses them for the purposes of advertising, market research and/or the design of its website in line with requirements. Such evaluation is carried out in particular (even for users who are not logged in) for the purpose of providing demand-oriented advertising. The evaluation is also carried out to inform other users of the social network about your activities on our website.
Legal basis is Art. 6(1) lit. f) GDPR. Our legitimate interest lies in the analysis, optimisation and economic operation of our internet presence.
c) Storage period
The stored data will be deleted as soon as they are no longer needed for our purposes.
d) Right to object
You have a right of objection to the formation of these user profiles. This is to be addressed to Google. You can prevent the transfer of data to Google by disabling JavaScript in your browser settings. In that case, you will not be able to use Google Maps on our website.
- Learn more about the Google Maps Terms of Use: https://policies.google.com/terms?gl=DE&hl=en
- Learn more about the Additional Terms of Service of Google Maps: www.google.com/intl/en_US/help/terms_maps.html
- For more information see Google's privacy policy: https://policies.google.com/privacy?hl=en
Linking to social networks
On this website we link to our social network presences. Therefore, we have linked a graphic of the respective network. When calling our website, there is no automatic connection to the respective server of the social network. Only by clicking on the corresponding graphic you will be forwarded to the service of the respective social network. Here the following data is processed by the respective network:
- IP address
- Date, time
- Visited website
If you are logged in to your user account for the respective network during this time, the network operator may be able to assign the information collected during the visit to the user's personal account. If you interact via a "share" button of the respective network, this information can also be stored in the user's personal user account and published if necessary. If you want to prevent the collected information from being directly assigned to your user account, the user must log out of the respective social network before clicking on the graphic. You can also configure the respective user account accordingly.
We include the following social networks on our website by linking to them:
- Facebook
Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Further information can be found in the privacy policy: https://www.facebook.com/policy.php
EU-US Privacy Shield Certification: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active
The Facebook Page privacy policy is available here and on the Facebook Page under "About" in the sub-section "Impressum" and "Privacy Policy". - Xing
New Work SE, Dammtorstraße 30, 20354 Hamburg
Further information can be found in the privacy policy: https://privacy.xing.com/en/privacy-policy - LinkedIn
LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland
Further information can be found in the privacy policy: https://www.linkedin.com/legal/privacy-policy
EU-US Privacy Shield Certification: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active - YouTube
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Further information can be found in the privacy policy: https://policies.google.com/privacy
EU-US Privacy Shield Certification: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
YouTube is being used in extended privacy mode
a) Type and scope of data processing
We have included YouTube videos in our online offering, which are stored at http://www.YouTube.com and can be played directly from our website. YouTube is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland, Tel: +353 1 543 1000, Fax: +353 1 686 5660 ("Google").
We use YouTube in conjunction with the privacy-enhanced mode feature to display videos to you. Due to the privacy-enhanced mode feature, the data explained in more detail below will only be transmitted to YouTube's server if you actually start a video.
YouTube collects your IP address, the date and time as well as the website you visited. This takes place regardless of whether YouTube provides a user account that you are logged in to or whether there is no user account. It also connects to Google's advertising network.
If you are logged into YouTube at the same time, YouTube assigns the connection information to your YouTube account and uses it for purposes of advertising, market research and/or tailoring its website to suit your needs.
b) Purpose and legal basis
The legal basis is Art. 6(1) lit. f) GDPR. Our legitimate interest lies in improving the quality of our internet presence.
c) Storage period
The stored data will be deleted as soon as they are no longer needed for our purposes.
d) Right to object
YouTube permanently stores cookies on your terminal device via your Internet browser for the purpose of functionality and analysis of user behaviour.
If you do not agree with this processing, you can prevent the storage of cookies by changing the settings in your Internet browser. If you wish to prevent this, you must either log out of YouTube before visiting our website or make the appropriate settings in your YouTube user account. If you do not wish your profile to be assigned to YouTube, you must log out before activating the button. If you do not want to receive user-based advertising, you can opt out of placing ads using Google's ad preferences. Further information about the purpose and scope of data collection and processing by YouTube, please see Google's privacy policy. There you will also find further information about your rights and setting options to protect your privacy: https://policies.google.com/privacy?hl=en
Consent to direct advertising in acc. with 7 Par. 3 UWG (Federal Fair Trade Practices Act)
The e-mail address supplied when purchasing goods or services on our website is used by us for direct advertising of our own and similar products and/or services. You can revoke your consent to the use of your e-mail address at any time if you no longer wish to receive direct advertising. Just respond to the received e-mail appropriately.
Data | Purpose of processing | Legal basis for processing | Storage duration |
---|---|---|---|
E-mail address | Contact for direct advertising | Possibility for direct advertising in accordance with UWG | until revoked |
postal address | Contact for direct advertising | Possibility for direct advertising in accordance with UWG | until revoked |
phone number | Contact for direct advertising | Possibility for direct advertising in accordance with UWG | until revoked |
Contact form and registration for training courses
You can contact us at any time via our e-mail address or the contact form. The personal data submitted by you in this manner will, of course, be used exclusively for the purpose for which you provided it.
Data | Purpose of processing | Legal basis for processing | Storage duration |
---|---|---|---|
IP address on registration | Transmission of the content of the form to the web server | Consent / initiation/performance of the contractual relationship / processing of the request | Until connection is established |
Inquiry or Identification of the course | Processing the request | Consent / initiation/performance of the contractual relationship / processing of the request | Until purpose is achieved / end of obligation of verification |
Message | Processing the request | Consent / initiation/performance of the contractual relationship / processing of the request | Until purpose is achieved / end of obligation of verification |
Form of address | direct address | Consent / initiation/performance of the contractual relationship / processing of the request | Until purpose is achieved / end of obligation of verification |
Title | direct address | Consent / initiation/performance of the contractual relationship / processing of the request | Until purpose is achieved / end of obligation of verification |
Surname | direct address | Consent / initiation/performance of the contractual relationship / processing of the request | Until purpose is achieved / end of obligation of verification |
Last name | direct address | Consent / initiation/performance of the contractual relationship / processing of the request | Until purpose is achieved / end of obligation of verification |
E-Mail-Address | Responding to the inquiry | Consent / initiation/performance of the contractual relationship / processing of the request | Until purpose is achieved / end of obligation of verification |
phone number | Responding to the inquiry | Consent / initiation/performance of the contractual relationship / processing of the request | Until purpose is achieved / end of obligation of verification |
fax number | Responding to the inquiry | Consent / initiation/performance of the contractual relationship / processing of the request | Until purpose is achieved / end of obligation of verification |
Address | Improvement in processing of enquiry | Consent / initiation/performance of the contractual relationship / processing of the request | Until purpose is achieved / end of obligation of verification |
Business address | Improvement in processing of enquiry | Consent / initiation/performance of the contractual relationship / processing of the request | Until purpose is achieved / end of obligation of verification |
URL | Improvement in processing of enquiry | Consent / initiation/performance of the contractual relationship / processing of the request | Until purpose is achieved / end of obligation of verification |
Address for account | Improvement in processing of enquiry | Consent / initiation/performance of the contractual relationship / processing of the request | Until purpose is achieved / end of obligation of verification |
Disclosure of data
Your personal data will not be disclosed to third parties for any purpose other than those listed below. We only pass on your personal data if:
- you have expressly consented to this,
- disclosure is required for the assertion, exercise or defence of legal claims and there is no reason to presume that you have an overriding legitimate interest in non-disclosure of your data,
- we are under legal obligation to disclose the data, and
- where this is legally permissible and necessary for the processing of contractual relationships with you.
Notification of data protection rights
a) Right to withdraw your data protection consent according to Art. 7(3) s. 1 GDPR
You can withdraw your consent to the processing of your personal data at any time with effect for the future. However, this does not affect the legality of the processing until revocation.
b) Right of access according to Art. 15 GDPR
You have the right to request confirmation whether we obtain personal data concerning you. In this case you have the right to get information about your personal data as well as further information, e.g. the purposes of processing, categories of personal data concerned, the recipients and the planed period of storage or the criteria used to determine that period.
c) Right to obtain rectification and completion according to Art. 16 GDPR
You have the right to obtain the correction of incorrect data without delay. Taking into account the purposes of the processing, you have the right to obtain the completion of incomplete data.
d) Right to erasure ("right to be forgotten") according to Art. 17 GDPR
You have a right of erasure, as far as the processing is not necessary. This is the case, if your data is no longer necessary for the original purposes, for example if you have withdrawn your consent or if the data was processed unlawfully.
e) Right restriction of processing according to Art. 18 GDPR
You have the right to obtain processing, e.g. if you believe that the personal data is incorrect.
f) Right to data portability according to Art. 20 GDPR
You have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format.
g) Right to object according to Art. 21 GDPR
You have the right to object at any time to the processing of certain personal data concerning you for reasons arising from your particular situation. In the case of direct marketing, you as the data subject have the right to object at any time to the processing of personal data concerning you for the purpose of advertising; this also applies to profiling, insofar as it is associated with direct marketing.
h) Automated individual decision-making, including profiling according to Art. 22 GDPR
You have the right not to be subject to a decision based solely on automated processing - including profiling - except in the exceptional circumstances mentioned in Art. 22 GDPR. A decision based solely on automated processing - including profiling - does not take place.
i) Right to lodge a complaint with a data protection supervisory authority according to Art. 77 GDPR
You can also lodge a complaint with a data protection supervisory authority at any time, for example if you believe that data processing is not in compliance with data protection regulations.
Competent supervisory authority
Bavarian State Office for Data Protection Supervision
PO Box 606
91511 Ansbach
Germany
Telephone: +49 (0) 981 53 1300
Telefax: +49 (0) 981 53 98 1300
E-mail: poststelle@lda.bayern.de
Notification of possibility to lodge a complaint
In addition, you have the right to lodge a complaint with the responsible data protection supervisory authority regarding the processing of your personal data by us.
Notification of possibility to revoke consent
You are entitled to withdraw your consent to the processing of your personal data by us at any time. This also applies to the revocation of declarations of consent granted to us before the General Data Protection Regulation came into effect, that is, before 25 May 2018. Please note that such revocation is only effective for the future. It does not apply to processing of data which took place before consent was revoked.
Links to other websites
Our web pages may contain links to the websites of other providers. We expressly point out that this Data Privacy Statement applies exclusively to the websites of ESG. We have no control over nor do we monitor whether other providers comply with valid data protection regulations.
Changes to the Data Privacy Statement
We reserve the right to amend or adapt this Data Privacy Statement at any time, in compliance with the applicable data protection regulations.
Data privacy information for offline purposes
Data privacy information for offline purposes can be found here.