Privacy statement according to the GDPR
I. Name and address of the person responsible
The person responsible for the purpose of the General Data Protection Regulation, and others national data protection laws of the member states, as well as other data protection regulations, is the:
ASA Automation GmbH
II. Name and address of the data protection officer
The data protection officer of the responsible institution is:
III. Our internet offer
is hosted by schoenmueller GmbH, Klingholzstraße 14, 65189 Wiesbaden. Phone: +49 611 360 852-0, fax: +49 611 360 852-10
IV. General information about data processing
1. Scope of processing of personal data
In principle, we collect and use personal data of our users only to the extent necessary for the provision of a functional website, our content, and services. The collection and use of personal data of our users takes place only with the consent of the user. An exception applies to cases in which prior consent can not be obtained and the processing of the data is permitted by law.
2. Legal basis for the processing of personal data
Provided that we obtain the consent of the data subject for processing of personal data, Art. 6 (1) lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis for the processing of personal data.
In the processing of personal data necessary for the fulfillment of a contract to which the data subject is a party, Art. 6 (1) lit. b GDPR serves as legal basis. This also applies to processing operations required to carry out pre-contractual actions.
Insofar as processing of personal data is required to fulfill a legal obligation that is subject to our company, Art. 6 (1) lit. c GDPR serves as legal basis.
In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 (1) lit. d GDPR serves as legal basis.
If processing is necessary to safeguard the legitimate interests of our company or a third party, and if the interests, fundamental rights and freedoms of the data subject do not prevail over the first interest, Art. 6 (1) lit. f GDPR serves as legal basis for data processing.
3. Data deletion and storage duration
The personal data of the data subject will be blocked or disabled as soon as the purpose of the storage is forfeited. In addition, storage may take place if provided for by the European or national legislator in EU regulations, laws, or other regulations to which the responsible person is subject. Blocking or deletion of the data also takes place when a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data for conclusion or fulfillment of the contract.
V. Provision of the website and creation of log files
1. Description and scope of data processing
Each time our website is accessed, our system automatically collects data and information from the computer system of the calling computer. The following data is collected:
(1) Information about the browser type and version used
(2) The operating system of the user
(3) The Internet service provider of the user
(4) The IP address of the user
(5) Date and time of access
(6) Websites from which the system of the user comes to our website
(7) Websites accessed by the user's system through our website
The data is also stored in the log files of our system. A storage of this data together with other personal data of the user does not take place.
2. Legal basis for data processing
The legal basis for the temporary storage of data and log files is Art. 6 (1) lit. f GDPR.
3. Purpose of the data processin
The temporary storage of the IP address by the system is necessary to allow delivery of the website to the computer of the user. To do this, the user's IP address must be stored for the duration of the session.
Storage in log files is done to ensure the functionality of the website. In addition, the data is used to optimize the website, and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
For these purposes, our legitimate interest lies in the processing of data according to Art. 6 (1) lit. f GDPR.
4. Duration of storage
The data will be deleted as soon as the purpose of its collection is achieved. In the case of collecting the data for providing the website, this is the case when the respective session is completed.
In the case of storing the data in log files, this is the case after no more than seven days. Continuous storage is possible. In this case, the IP addresses of the users are deleted or alienated, so that an assignment of the calling client is no longer possible.
5. Opposition and possibility of removal
The collection of data for the provision of the website, and the storage of the data in log files is essential for the operation of the website. Consequently, there is no possibility of contradiction for the user.
The websites‘ cookies contain personal data. Cookies save you from having to enter data multiple times, facilitate the transmission of specific content and help us to identify particularly popular areas of our website. They enable us to constantly improve the structure and content of our website.
7. Map service from Google Maps
8. Web analysis by Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses so-called "cookies", text files, which are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. Due to the activation of IP anonymization on this website, however, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there.
On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by adjusting your browser settings accordingly. However, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent.
You can also prevent Google from collecting the data generated by cookies, which is related to your use of the website (including your IP address) and from processing this data through Google by downloading and installing the browser plug-in available under the following link: Browser-Add-on zur Deaktivierung von Google Analytics
9. Social Media Bookmarks
No social media plugins are set on our website, but rather so-called social bookmarks. These are only included on our website as a link to the corresponding services. After clicking on the integrated graphic, you will be forwarded to the website of the respective provider. We would like to point out that you use the website of the respective provider and its functions at your own risk. This applies in particular to the use of the interactive functions (e.g. sharing, rating). In addition, if a link to a website is forwarded via the "Share this content" button, it is possible for the corresponding website to become visible on Twitter, Facebook etc. and to be seen there as an activity in the user's respective profile.
We run our own YouTube channel (YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA, represented by Google Inc. with headquarters at 1600 Amphitheater Parkway, Mountain View, CA 94043, USA).
When you visit our website, a connection to YouTube and the "Double Click Network" is established. When you play the videos on our website, a connection to a YouTube server is established. This action tells YouTube which of our websites you have visited. Playing a video can trigger further data processing operations over which we, as the website operator, have no influence.
If you are logged in to YouTube as a member, YouTube assigns this information to your personal user account. When using the service, such as clicking the start button of a video, this information is also assigned to your user account. You can prevent this association by logging out of your YouTube user account and other user accounts of the companies YouTube LLC and Google Inc. before using our website and deleting the corresponding cookies from the aforementioned companies. Further information on data processing and information on data protection by YouTube can be found at www.google.de/intl/de/policies/privacy/
We operate a Twitter account and use the technical platform and services of Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103 USA. Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland is responsible for the data processing of persons living outside the United States.
We would like to point out that using the short message service and its functions will be at your own risk. This applies in particular to the use of the interactive functions (e.g. sharing, rating). Information about which data is processed by Twitter and for what purposes can be found in Twitter's data https://twitter.com/de/privacy. Twitter Inc. is committed to the principles of the EU-US Privacy Shield. For more information, see: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active
We have no influence on the type and scope of the data processed by Twitter, the type of processing and use or the transfer of this data to third parties. We also have no effective control options in this respect. Through the use of Twitter, your personal information will be collected, transmitted, stored, disclosed and used by Twitter Inc., regardless of your residency in the United States, Ireland and any other country in which Twitter Inc. operates. On the one hand, Twitter processes your voluntarily entered data such as name and username, e-mail address, telephone number or the contacts in your address book if you upload or synchronize it. On the other hand, Twitter also evaluates the content you share to determine which topics you are interested in, stores and processes confidential messages that you send directly to other users and can determine your location using GPS data, information about wireless networks or your IP address, in order to send you advertising or other content.
Twitter Inc. may use analysis tools such as Twitter or Google Analytics for evaluation. We have no influence on the use of such tools by Twitter Inc. and have not been informed of such potential use. If tools of this kind are used by Twitter Inc. for one of our accounts, we have neither commissioned nor approved them nor supported them in any other way. The data obtained during the analysis is also not made available to us. Only certain, non-personal information about tweet activity, such as the number of profile clicks or link clicks from a specific tweet, is visible to us through our accounts. Furthermore, we have no way of preventing or turning off the use of such tools on our Twitter accounts. Finally, Twitter also receives information when you view content, even if you have not created an account. This so-called "log data" may include the IP address, the browser type, the operating system, information about previously accessed websites and the pages currently accessed, your location, your mobile phone provider, the end device you are using (including devices ID and Application ID), the search terms you use and cookie information. You have options for restricting the processing of your data in the general settings of your Twitter account and under "Privacy and security". In addition, you can restrict access from Twitter to contact and calendar data, photos, location data, etc. on mobile devices (smartphones, tablet computers) in the setting options. However, this depends on the operating system used. More information on these points is available on the following Twitter support pages: https://support.twitter.com/articles/105576# and https://help.twitter.com/de/search?q=datenschutz
You can find out more about the possibility of viewing your own data on Twitter here: https://support.twitter.com/articles/20172711#
Information about the conclusions drawn about you by Twitter can be found here: https://twitter.com/your_twitter_data
Information on the existing personalization and data protection setting options can be found here (with further references): https://twitter.com/personalization
We also process your data. We do not collect any data ourselves via our Twitter accounts. However, the data you enter on Twitter, in particular your user name and the content published under your account, will be processed by us insofar as we may retweet or reply to your tweets or compose tweets that refer to your account. The data you freely published and distributed on Twitter may be used by us and made accessible to our followers.
We operate a so-called Facebook page with the provider Facebook Ireland Ltd., 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland. Facebook is a social network. The respective "share button" can be recognized by the Facebook logo.
We would like to point out that you use this Facebook page and its functions at your own risk. This applies in particular to the use of the interactive functions (e.g. commenting, sharing, rating). When you visit our Facebook pages, Facebook collects, among other things, your IP address and other information that is available on your PC in the form of cookies. This information is used to provide us, as the operator of the Facebook pages, with statistical information about the use of the Facebook page. Facebook provides more information on this under the following link: https://de-de.facebook.com/help/pages/insights
The data collected about you in this context will be processed by Facebook Ltd. processed and possibly transferred to countries outside the European Union. Facebook describes which information it receives and how it is used in its data usage guidelines. There you will also find information about how to contact Facebook and how to change advertisement settings.
The data usage guidelines are available at the following link: https://de-de.facebook.com/about/privacy
You can find Facebook's full data policies here: https://de-de.facebook.com/full_data_use_policy
How Facebook uses the data from visiting Facebook pages for its own purposes, to what extent activities on the Facebook page are assigned to individual users, how long Facebook stores this data and whether data from a visit to the Facebook page is passed on to third parties passed on, is not finally and clearly named by Facebook and is not known to us.
When you access a Facebook page, the IP address assigned to your device is transmitted to Facebook. According to information from Facebook, this IP address is made anonymous (in the case of "German" IP addresses) and deleted after 90 days. Facebook also stores information about its users' end devices (e.g. as part of the "registration notification" function); it may be possible for Facebook to assign IP addresses to individual users.
If you are currently logged in to Facebook as a user, there will be a cookie with your Facebook ID on your device. This enables Facebook to understand that you have visited this site and how you have used it. This also applies to all other Facebook pages. Facebook buttons integrated into websites enable Facebook to record your visits to these websites and assign them to your Facebook profile. Based on this data, content or advertising tailored to you may be offered.
If you want to avoid this, you should log out of Facebook or deactivate the "stay logged in" function, delete the cookies on your device and exit and restart your browser. In this way, Facebook information that can be used to identify you directly is deleted. This allows you to use our Facebook page without revealing your Facebook ID. When you access interactive features of the site (like, comment, share, message, etc.), a Facebook login screen appears. After you have logged in, you will be recognized again by Facebook as a specific user.
Information on how to manage or delete existing information about yourself can be found on the following Facebook support pages: https://de-de.facebook.com/about/privacy#
We also process your data. We do not collect any data about our Facebook accounts ourselves. However, the data you enter on Facebook, in particular your username and the content published under your account, will be processed by us insofar as we may comment on or reply to your posts or write posts from us that refer to your account. The data you freely published and distributed on Facebook are included in our offer and made accessible to other users.
13. Google My Business
We operate a company page from Google My Business at Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
We run an Instagram channel. For this we use the services of Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA.
Instagram is an online photo and video sharing service and is part of Facebook (meta). Information on the processing of personal data by Facebook (Meta) can be found under Section IV. 10 of their data protection declaration.
We would like to point out that you use this Instagram page and its functions at your own risk. This applies in particular to the use of the interactive functions (e.g. commenting or rating).
When you visit our Instagram page, Instagram records, among other things, your IP address and other information that is available on your PC in the form of cookies. This information is used to provide us, as the operator of the Instagram pages, with statistical information about the use of the Instagram page.
How Instagram uses the data from visiting Instagram pages for its own purposes, to what extent activities on the Instagram page are assigned to individual users, how long Instagram stores this data and whether data from a visit to the Instagram page is passed on to third parties, is not named conclusively and clearly by Instagram and is not known to us.
When you access an Instagram page, the IP address assigned to your device is transmitted to Instagram. According to information from Instagram, this IP address is made anonymous (in the case of "German" IP addresses) and deleted after 90 days. Instagram also stores information about its users’ end devices (e.g. as part of the “login notification” function); if necessary, Instagram is thus able to allocate IP addresses to individual users.
If you are currently logged in to Instagram as a user, there is a cookie with your Instagram ID on your device. This enables Instagram to understand that you have visited this page and how you have used it. This also applies to all other Instagram pages. Instagram buttons integrated into websites enable Instagram to record your visits to these websites and assign them to your Instagram profile. Based on this data, content or advertising individually tailored can be offered.
If you want to avoid this, you should log out of Instagram or deactivate the "remember me" function, delete the cookies on your device and exit and restart your browser. In this way, Instagram information that can be used to identify you directly is deleted. This allows you to use our Instagram page without revealing your Instagram ID. When you access interactive features of the site (like, comment, message, and more), an Instagram login screen appears. After you have logged in, Instagram will recognize you again as a specific user. For information on how to manage or delete information held about you, visit the Instagram Help Center.We do not collect or process any data from your use of our service.
ASA Automation maintains a page on the Xing network. The Xing network is operated by New Work SE, Dammtorstraße 30, 20354 Hamburg. The data protection declaration can be accessed at https://privacy.xing.com/de/datenschutzerklaerung [PD1]. We would like to point out that you use the short message service offered and its functions at your own risk. This applies in particular to the use of the interactive functions (e.g. sharing, rating).
Xing also provides us with statistics. These are generated without our assistance and made available to us. The data includes interactions and statistical data.
In its data protection declaration, Xing refers to various options for setting your privacy on Xing, which you can read about on Xing.
We do not collect or process any personal data via Xing.
The LinkedIn Services require data to be transferred from the European Union (EU), the European Economic Area (EEA) and Switzerland to the United States of America (USA) and back. You can find a statement on data security during this transfer at https://www.linkedin.com/help/linkedin/answer/62533 [PD3].
LinkedIn also provides us with statistics. These are generated without our assistance and made available to us. The data includes interactions and statistical data. You can strongly influence the processing of your data on LinkedIn in various ways if you are logged in. ASA Automation does not collect or process any personal data via LinkedIn.
VI. Contact form and email contact
1. Description and scope of data processing
Our website offers a contact form, which can be used for electronic contact. If a user chooses this option, the data entered in the input mask will be transmitted to us and saved. These data are:
(2) Email address
(3) The IP address of the user
(4) Date and time of registration
Alternatively, contact via the provided email addresses is possible. In this case, the user's personal data transmitted via email will be stored.
In this context, the data is not shared with third parties. The data is used exclusively for processing the conversation.
2. Legal basis for data processing
Legal basis for the processing of data, in the presence of user’s consent is the the Art. 6 (1) lit. a GDPR.
The legal basis for the processing of the data transmitted in the course of sending an email is Art. 6 (1) lit. f GDPR.
If the e-mail contact aims to conclude a contract, then additional legal basis for the processing is Art. 6 (1) lit. b GDPR.
3. Purpose of the data processing
The processing of personal data from the input mask serves us solely to process the contact. In the case of contact via email, this also includes the required legitimate interest in the processing of the data.
The other personal data processed during the sending process, serves to prevent misuse of the contact form, and to ensure the security of our information technology systems.
4. Duration of storage
The data will be deleted as soon as the purpose of its collection is achieved. Personal data from the input form of the contact form and those sent by email, will be deleted when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the relevant facts have been finally clarified.
5. Opposition and possibility of removal
The user has the possibility at any time to revoke his consent to the processing of the personal data. If the user contacts us via email, he may object to the storage of his personal data at any time. In such a case, the conversation can not continue.
Revocation of consent and the objection of storage is possible by email firstname.lastname@example.org. All personal data stored in the course of contacting will be deleted in this case.
VII. Rights of the person concerned
If your personal data is processed by us, you are a subject within the meaning of the GDPR, and you have the following rights towards the person responsible:
1. Right to information
You may ask the person responsible to confirm if personal data concerning you is processed by us.
If such processing is available, you can request information from the person responsible about the following information:
(1) the purposes for which the personal data are processed;
(2) the categories of personal data being processed;
(3) the recipients or categories of recipients to whom the personal data relating to you have been disclosed or are still being disclosed;
(4) the planned duration of the storage of your personal data or, if specific information is not available, criteria for determining the duration of storage;
(5) the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing;
(6) the existence of a right of appeal to a supervisory authority;
(7) all available information on the source of the data if the personal data is not collected from the data subject;
(8) the existence of automated decision-making including profiling under Article 22 (1) and (4) GDPR and, at least in these cases, meaningful information about the logic involved, and the scope and intended impact of such processing on the data subject.
You have the right to request information about whether your personal information is being transferred to a third country or to an international organization. In this context, you can ask about the appropriate guarantees in accordance with Art. 46 GDPR to be taught in the context of the submission.
2. Right to rectification
You have a right to rectification and/or completion, if the personal data you processed is incorrect, or incomplete. The responsible person must make the correction without delay.
3. Right to restriction of processing
You may request the restriction of the processing of your personal data under the following conditions:
(1) if you contest the accuracy of your personal information for a period of time that enables the controller to verify the accuracy of your personal information;
(2) the processing is unlawful and you refuse the deletion of the personal data and instead demand the restriction of the use of the personal data;
(3) the controller no longer needs the personal data for the purposes of processing, but you need it to assert, exercise or defend legal claims; or
(4) if you have objected to the processing pursuant to Art. 21 (1) GDPR and it is not yet certain whether the legitimate reasons of the person responsible outweigh your reasons.
If the processing of personal data concerning you has been restricted, this data may only be used with your consent or for the purpose of asserting, exercising or defending legal claims, or protecting the rights of another natural or legal person, or for reasons of important public interest by the European Union or a member state.
If the restriction on processing has been restricted in accordance with the above conditions, you will be notified by the person responsible before the restriction is lifted.
4. Right to deletion
a) Obligation to delete
You may require the controller to delete your personal information without delay, and the controller is required to delete that information immediately if one of the following is true:
(1) Personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
(2) You revoke your consent, which sustained the processing acc. Art. 6 (1) lit. a or Art. 9 (2) lit. GDPR and there is no other legal basis for processing.
(3) In accordance with Art. 21 (1) GDPR, you object to the processing and there are no legitimate reasons for the processing, or you object to the processing in accordance with Art. 21 (2) GDPR.
(4) Your personal data have been processed unlawfully.
(5) The deletion of personal data concerning you shall be required to fulfill a legal obligation under European Union law, or the law of the member states to which the controller is subject.
(6) The personal data concerning you were collected in relation to information society services offered pursuant to Art. 8 (1) GDPR.
The right to erasure does not exist if the processing is necessary:
(1) to exercise the right to freedom of expression and information;
(2) to fulfill a legal obligation required by the law of the European Union or of the member states to which the controller is subject, or to carry out a task which is in the public interest, or in the exercise of official authority delegated to the controller;
(3) for reasons of public interest in the field of public health pursuant to Art. 9 (2) lit. h and i and Art. 9 (3) GDPR;
(4) for archival purposes of public interest, scientific or historical research purposes or for statistical purposes pursuant to Art. 89 (1) GDPR, to the extent that the law referred to in (a) is likely to render impossible or seriously affect the achievement of the objectives of that processing, or
(5) to assert, exercise or defend legal claims.
5. Right to information
If you have asserted the right of rectification, erasure or restriction of the processing to the controller, he / she is obliged to notify all recipients to whom the personal data relating to you have been disclosed about the rectification or erasure, or restriction of processing, except this proves impossible or would involve disproportionate effort.
You are entitled to the person responsible to be informed about these recipients.
6. Right to data portability
You have the right to receive personally identifiable information you provide to the controller in a structured, common and machine-readable format. In addition, you have the right to transfer this data to another person without hindrance, by the person responsible for providing the personal data, provided that
(1) the processing is based on a consent in accordance with Art. 6 (1) lit. a GDPR or Art. 9 (2) lit. a GDPR or based on a contract pursuant to Art. 6 (1) lit. b GDPR and
(2) the processing is done by automated means.
In exercising this right, you also have the right that personal data relating to you be transmitted directly from one controller to another, as far as technically feasible. Freedoms and rights of other persons may not be affected.
The right to data portability does not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority delegated to the controller.
7. Right to object
You have the right at any time, for reasons that arise from your particular situation, to raise objection to the processing of your personal data, which pursuant to Art. 6 (1) lit. e or f GDPR; this also applies to profiling based on these provisions.
The controller will no longer process the personal data concerning you, unless he can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purpose of enforcing, exercising or defending legal claims.
If the personal data relating to you are processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data, for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct marketing.
If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes.
Regardless of Directive 2002/58 / EC, you have the option, in the context of the use of information society services, of exercising your right to object through automated procedures that use technical specifications.
8. Right to revoke the data protection consent declaration
You have the right to revoke your data protection declaration at any time. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.
9. Automated decision on a case-by-case basis, including profiling
You have the right not to be subjected to a decision based solely on automated processing - including profiling - that will have legal effect or similarly affect you in a similar manner. This does not apply if the decision
(1) to conclude or fulfill a contract between you and the controller is required,
(2) is permitted by the European Union or member state legislation to which the controller is subject, and where such legislation contains appropriate measures to safeguard your rights and freedoms and legitimate interests, or
(3) is made with your express consent.
However, these decisions must not be based on special categories of personal data under Art. 9 (1) GDPR, unless Art. 9 (2) lit. a or g and reasonable measures have been taken to protect the rights and freedoms and your legitimate interests.
10. Right to complain to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to complain to a supervisory authority, in particular in the member state of your residence, place of work or place of alleged infringement, if you believe that the processing of the personal data concerning you is violating the GDPR. The supervisory authority to which the complaint has been submitted, shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy pursuant to Art.78 GDPR.