With the following information, we would like to give you as a “data subject” an overview of the processing of your personal data by us and your rights under data protection laws. In principle, it is possible to use our Internet pages without entering personal data. However, if you want to use special services of our enterprise via our website, processing of personal data could become necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain consent from you.
As the controller, we have implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. Nevertheless, Internet-based data transmissions can generally have security gaps, so that absolute protection cannot be guaranteed. For this reason, you are free to transmit personal data to us by alternative means, for example by telephone or by mail..
2. responsible person
DMS Technology GmbH Steinbacherstr. 62, 64658 Fürth, Germany
Phone: +49 6253 / 806021-0
Fax: +49 6253 / 806021-29
Representatives of the responsible person: Adam Geiß
3. data protection officer
You can contact our data protection officer directly at any time with all questions and suggestions regarding data protection.
1. personal data
Personal data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
2. Data Subject
Data subject is any identified or identifiable natural person whose personal data are processed by the controller (our company).
Processing is any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
4. restriction of processing
Restriction of processing is the marking of stored personal data with the aim of restricting their future processing.
Profiling is any type of automated processing of personal data that consists of using such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects relating to that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or change of location.
Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.
Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the Controller.
Recipient means a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not a third party. However, public authorities that may receive personal data in the context of a specific investigative task under Union or Member State law shall not be considered as recipients.
9. Third Party
Third party means any natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons who, under the direct responsibility of the controller or the processor, are authorized to process the personal data.
Consent is any expression of will given voluntarily by the data subject for the specific case in an informed manner and unambiguously in the form of a statement or other unambiguous affirmative act by which the data subject indicates that he or she consents to the processing of personal data relating to him or her.
5. legal basis of the processing
If the processing of personal data is necessary for the performance of a contract to which you are a party, as is the case, for example, with processing operations that are necessary for a delivery of goods or the provision of another service or consideration, the processing is based on Article 6 (1) lit. b DS-GVO. The same applies to such processing operations that are necessary for the implementation of pre-contractual measures, for example in cases of inquiries about our products or services.
If our company is subject to a legal obligation by which a processing of personal data becomes necessary, such as for the fulfillment of tax obligations, the processing is based on Art. 6 (1) lit. c DS-GVO.
In rare cases, the processing of personal data might become necessary to protect vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were to be injured on our premises and as a result his or her name, age, health insurance data or other vital information had to be passed on to a doctor, hospital or other third party. Then the processing would be based on Art. 6 (1) lit. d DS-GVO.
Finally, processing operations could be based on Art. 6(1)(f) DS-GVO. Processing operations which are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary for the protection of a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject are not overridden. Such processing operations are permitted to us in particular because they were specifically mentioned by the European legislator. In this respect, it took the view that a legitimate interest could be assumed if you are a customer of our company (recital 47 sentence 2 DS-GVO).
6. transmission of data to third parties
We will only pass on your personal data to third parties if:
1. you have given your express consent to this in accordance with Art. 6 para. 1 p. 1 lit. a DS-GVO,
2. the disclosure is permissible under Art. 6 para. 1 p. 1 lit. f DS-GVO to protect our legitimate interests and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data,
3. in the event that a legal obligation exists for the disclosure pursuant to Art. 6 para. 1 p. 1 lit. c DS-GVO, as well as
4. this is legally permissible and necessary according to Art. 6 para. 1 p. 1 lit. b DS-GVO for the processing of contractual relationships with you.
In order to protect your data and to allow us to transfer data to third countries (outside the EU/EEA)if necessary, we have concluded commissioned processing agreements based on the standard contractual clauses of the European Commission.
This site uses SSL or TLS encryption to ensure the security of data processing and to protect the transmission of confidential content, such as orders, login data or contact requests that you send to us as the operator. You can recognize an encrypted connection by the fact that there is a “https://” instead of a “http://” in the address line of the browser and by the lock symbol in your browser line.
We use this technology to protect your transmitted data.
7.2 Data collection when visiting the website
During the merely informational use of our website, i.e. if you do not register or otherwise transmit information to us, we only collect such data that your browser transmits to our server (in so-called “server log files”). Our website collects a series of general data and information with each call of a page by you or an automated system. This general data and information is stored in the server log files. Collected can be the
1. browser types and versions used,
2. the operating system used by the accessing system,
3. the website from which an accessing system arrives at our website (so-called referrer),
4. the sub-websites which are accessed via an accessing system on our website,
5. the date and time of an access to the Internet page,
6. an Internet protocol address (IP address),
7. the Internet service provider of the accessing system,
When using this general data and information, we do not draw any conclusions about your person. Rather, this information is needed to
1. deliver the contents of our website correctly,
2. optimize the content of our website and the advertising for it,
3. to ensure the long-term functionality of our IT systems and the technology of our website as well as
4. to provide law enforcement authorities with the information necessary for prosecution in the event of a cyber attack.
Therefore, the data and information collected is, on the one hand, statistically analyzed by us and, on the other hand, it is evaluated with the aim of increasing the data protection and data security of our enterprise, and ultimately ensuring an optimal level of protection for the personal data we process. The data of the server log files are stored separately from any personal data provided by a data subject.
The legal basis for the data processing is Art. 6 para. 1 p. 1 lit. f DS-GVO. Our legitimate interest follows from the purposes for data collection listed above.