Data Privacy Statement
All data collected here is handled within our area of responsibility according to the provisions of the European General Data Protection Regulation (GDPR) and in accordance with the applicable state-specific data protection provisions such as the Federal Data Protection Act (BDSG) and the German Telemedia Act (TMG).
Name and address of the controller
The controller in the sense of the General Data Protection Regulation and other national data protection laws in the Member States as well as other statutory data protection provisions is:
SYSTEMA Systementwicklung Dipl.-Inf. Manfred Austen GmbH
Authorized Company Representative: Manfred Austen, CEO
Manfred-von-Ardenne-Ring 6
01099 Dresden
Germany
Tel.: +49 (0) 351 8824 - 60
Fax: +49 (0) 351 - 8824 - 772
info@innovation-forum-automation.com
www.innovation-forum-automation.com
SSL encryption
The website operators use SSL encryption to provide the best possible protection for your data. You can identify an encrypted connection by the prefix “https://” in the page link in your browser’s address line. SSL encryption protects all data that you provide to this website – for instance during inquiries or logins – from third-party access.
General information about data protection
1. Scope of processing for personal data
We fundamentally process our users’ personal data only to the extent that this is necessary in order to provide them with a functional website along with our content and services. As a rule, our users’ personal data is only processed with the user’s consent. Exceptions apply in cases where it is not possible to obtain prior consent for practical reasons, and where processing of the data is permitted by statutory provisions.
2. Legal basis for processing personal data
If and to the extent that we obtain consent from the data subject for processing transactions, Art. 6 Sec. 1 lt. a EU General Data Protection Regulation (GDPR) serves as the legal basis. In processing personal data that is needed in order to fulfill a contract with the data subject, Art. 6 Sec. 1 lt. b GDPR serves as the legal basis. This also applies to processing transactions that are necessary in order to perform pre-contractual measures. If and to the extent that personal data must be processed in order to fulfill a legal obligation to which our company is subject, Art. 6 Sec. 1 lt. c GDPR serves as the legal basis. In the event that vital interests of the data subject or another natural person require personal data to be processed, Art. 6 Sec. 1 lt. d GDPR serves as the legal basis. If processing is necessary in order to protect a legitimate interest of our company or a third party and unless the data subject’s interests, basic rights and basic freedoms override the former interest, Art. 6 Sec. 1 lt. f GDPR serves as the legal basis for processing.
3. Data erasure and storage period
The data subject’s personal data shall be erased or blocked as soon as the storage purpose no longer applies. Longer storage may occur where required by European or national law in Union ordinances, laws or other regulations to which the controller is subject. The data shall also be blocked or erased if a storage period established by the abovementioned standards expires, unless the data must continue to be stored in order to conclude or fulfill a contract.
Provision of the website and creation of log files
1. Description and scope of data processing
Each time our website is accessed, our system automatically collects data and information about the accessing computer system. This includes information about the browser type and version used, the user’s operating system, the user’s internet service provider and IP address, date and time of access, websites from which the user’s system accesses our web page, and websites that the user’s system accesses via our website. This data is stored in log files in our system, with the exception of the user’s IP addresses or other data that can be used to identify a user. This data is not stored together with other personal data concerning the user.
2. Legal basis for storage
The legal basis for temporary storage of the data is Art. 6 Sec. 1 lt. f GDPR.
3. Purpose of data processing
The system must temporarily store the IP address in order to deliver the website to the user’s computer. To this end, the user’s IP address must be stored for the duration of the session. This also constitutes our legitimate interest in data processing as per Art. 6 Sec. 1 lt. f GDPR.
4. Duration of storage
Data shall be erased as soon as it is no longer needed to achieve the purpose for which it was collected. In the case of data collection for the purpose of making the website available, this is the case when each session ends.
5. Objection right
Data must be collected in order to make the website available, and stored in log files in order to operate the website. Therefore, the user does not have the right to object to this.
Cookies
Like many other websites, we also use so-called “cookies”. Cookies are small text files that are transferred from a website server to your hard drive. Cookies can not be used to launch programs or to transfer viruses to a computer. In no case the collected data will be passed by us on to third parties or a link with personal data will be established without your consent.
We automatically receive certain data, such as: IP address, browser used, operating system from your computer and your connection to the Internet. The information contained in cookies enables us to facilitate navigation, enable the correct display of our websites and optimize the server, the websites and the contents. The storage of cookies is based of Art. 6 para. 1 lit. f DSGVO. We have a legitimate interest in the anonymous analysis of user behavior in order to optimize both our website and our advertising.
You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, the acceptance of cookies for certain cases or generally exclude and enable the automatic deletion of cookies when closing the browser. Please use the help features of your internet browser to find out how to change these settings or visit http://www.allaboutcookies.org/ge/cookies-management/. Please note that some features of our website may not work if you have disabled the use of cookies.
Consent Manager
We use the cookie/consent management tool by Objectis Ltd’s on our website. (Objectis Ltd., Laisves st. 60, LT-05120 Vilnius, Lithuania; www.cookie-script.com; “Consent Manager”).
The tool enables you to give consent to data processing via the website, in particular the setting of cookies, and to make use of your right of withdrawal for consent that has already been given.
Data processing serves the purpose of obtaining and documenting the necessary consent to data processing and thus complying with legal obligations. Cookies may be used. Among other things, the following information is collected and transmitted to the consent manager: date and time of the page view, information about the browser you are using and the device you are using, anonymized IP address, opt-in and opt-out data. This data will not be passed on to other third parties.
The data is processed to fulfill a legal obligation on the basis of Article 6 Paragraph 1 Letter c GDPR and our legitimate interest in accordance with Article 6 Paragraph 1 Letter f GDPR.
You can find more information about the data protection of the consent manager at: https://cookie-script.com/privacy-policy.html
Email contact
1. Description and scope of data processing
Our website provides an email address that you can use to contact us. In this case, the user’s personal data provided in the email shall be stored. Data provided in this context is shared with the AND member companies AIS Automation Dresden GmbH, Fabmatics GmbH, Systema GmbH and XENON Automatisierungstechnik GmbH. The data is exclusively used to process the conversation.
2. Legal basis for data processing
The legal basis for processing data provided while sending an email is Art. 6 Sec. 1 lt. f GDPR. If the aim of the email contact is to conclude a contract, an additional legal basis for processing is Art. 6 Sec. 1 lt. b GDPR.
3. Purpose of data processing
Processing of personal data from the email exclusively allows us to process the contact request. This also constitutes our necessary legitimate interest in processing the data.
4. Duration of storage
The data shall be deleted as soon as it is no longer needed to achieve the purpose for which it was collected, in other words when the respective conversation with the user has ended. The conversation has ended when circumstances indicate that the issue in question has been definitively resolved.
5. Objection right
The user has the right to object to the storage of his or her personal data at any time. In order to assert this objection right, please send an email to the following address: info@innovation-forum-automation.com. All personal data stored in the context of the contact request shall then be erased. In this case, the conversation cannot be continued.
Contact form
1. Description and scope of data processing
Our website provides a contact form which can be used to contact us electronically. If a user takes advantage of this option, data entered on the entry screen shall be transmitted to us and stored. At a minimum, this data includes the name, email address and message. When the message is sent, the user’s IP address and the date and time of the contact are also stored. In this case, the user’s personal data provided in the email shall be stored. Data provided in this context is shared with the AND member companies AIS Automation Dresden GmbH, Fabmatics GmbH, Systema GmbH and XENON Automatisierungstechnik GmbH. The data is exclusively used for the purpose of processing the conversation.
The following declaration of consent is provided with reference to this Data Privacy Statement:
“I agree that my data will be used to respond to my inquiry according to the Data Privacy Statement. I can withdraw this consent at any time with effect for the future by sending an email to info@innovation-forum-automation.com”
2. Legal basis for data processing
The legal basis for processing data where consent has been provided by the user is Art. 6 Sec. 1 lt. a GDPR.
3. Purpose of data processing
We exclusively process personal data from the entry screen in order to handle your contact request. All other personal data processed during the submission transaction is used to prevent misuse of the contact form and to ensure the security of our IT systems.
4. Duration of storage
Data from the contact form shall be erased as soon as it is no longer needed to achieve the purpose for which it was collected, in other words when the respective conversation with the user has ended. The conversation has ended when circumstances indicate that the issue in question has been definitively resolved. Any additional personal data collected during the submission transaction shall be erased within seven days at the latest.
5. Withdrawal right
The user has the right at any time to withdraw his or her consent for the processing of personal data. In order to assert this right, please send an email to the following address: info@innovation-forum-automation.com. All personal data stored in the context of the contact request shall then be erased. In this case, the conversation cannot be continued.
Newsletter
1. Description and scope of data processing
Our website provides the option of subscribing to our free newsletter (provide name, topic). When you subscribe to the newsletter, your email address as well as the name and address provided on the entry screen are transmitted to us. In addition, we collect the IP address of the accessing computer and the date and time of your registration. The newsletter shall be sent via our internal newsletter delivery system through our server area. Newsletters contain a “web beacon,” a pixel-sized file that is accessed by our delivery service when the newsletter is opened. This access initially includes technical information, such as information about the browser and your system, as well as your IP address and the time of access. The statistical information collected also determines whether the newsletter was opened, when it was opened and which links were clicked. The following declaration of consent is obtained in order to process data for the registration process, including a reference to this Data Privacy Statement:
“I agree that my data will be used to deliver the newsletter according to the Data Privacy Statement, and that newsletter tracking will be used to track my behavior in using the newsletter as well as to improve the newsletter. I can unsubscribe from the newsletter at any time by clicking on the corresponding link in the newsletter.”
No data shall be shared. Data shall exclusively be used to deliver and improve the newsletter.
2. Legal basis for data processing
The legal basis for processing data following the user’s registration for the newsletter, where the user has provided consent, is Art. 6 Sec. 1 lt. a GDPR.
3. Purpose of data processing
Collecting the user’s email address allows us to deliver the newsletter. The collection of other personal data in the context of the registration process allows us to prevent misuse of the services and of the provided email address. Information obtained from tracking shall be used for making technical improvements to the services using the technical data or target groups as well as your reading behavior, based on the access locations (which can be determined using the IP address) or access times. For technical reasons, this information can be assigned to individual newsletter recipients, but it shall only be analyzed in order to identify our users’ reading habits and to tailor our content to them, or to deliver varying content according to our users’ interests.
4. Duration of storage
Data shall be erased as soon as it is no longer needed to achieve the purpose for which it was collected. Thus, the user’s email address shall be stored as long as the newsletter subscription is active and/or where other legal bases continue to apply. As a rule, other personal data collected in the context of the registration process shall be erased within seven days.
5. Withdrawal right
The user in question can unsubscribe from the newsletter at any time. To this end, each newsletter includes a corresponding link, which is also used to withdraw consent for storage of the personal data collected during registration.
Eventbrite
We process the bookings on our website via "Eventbrite". The provider of this booking service is Eventbrite Inc, a Delaware registered company headquartered at 155 5th Street, Floor 7, San Francisco, CA 94103, USA (hereinafter "Eventbrite"). When you request a booking on our website, you will be redirected to Eventbrite's website. Your browser establishes a direct connection to the servers of Eventbrite, Inc. By redirection Eventbrite receives the information that your browser has called up the corresponding page of our website. This information (including your IP address) is transmitted directly from your browser to an Eventbrite server in the USA and stored there.
The purpose and scope of the data collection and the further processing and use of the data by Eventbrite, Inc. and your rights and setting options for the protection of your privacy can be found in the data protection information of Eventbrite, Inc. which you can access at https://www.eventbrite.de/support/articles/de/Troubleshooting/datenschutzrichtlinien-von-eventbrite?lg=en. The terms of use can be found at https://www.eventbrite.de/support/articles/de/Troubleshooting/nutzungsbedingungen-von-eventbrite?lg=en.
The data processing supplement published by Eventbrite for organizers, which expresses that personal data are treated strictly according to the principles of the EU-GDPR and the BDSG, can be found at https://www.eventbrite.de/support/articles/de/Troubleshooting/datenverarbeitungsnachtrag-fuer-veranstalter?lg=en The transmission of your data to Eventbrite Inc. takes place on the basis of Art. 6 para. 1 lit. a DSGVO (consent) and Art. 6 para. 1 lit. b GDPR (processing to fulfil a contract). You have the possibility to revoke your consent to data processing at any time. A revocation has no effect on the effectiveness of data processing operations in the past.
Google Maps
1. Scope of data processing
This website uses Google Maps API to visually represent geographic information. When Google Maps is used, Google also collects, processes and uses data about visitors’ use of the map function. More information about data processing by Google can be found in the Google privacy statement.
2. Legal basis
The legal basis is Art. 6 Section 1 Sentence 1 f GDPR.
3. Purpose
The purpose and our legitimate interest consist in providing you with the clearest possible directions.
4. Duration of storage, blocking right
Detailed instructions for managing your own data in conjunction with Google products can be found here. You can also change your personal data protection settings in the privacy center.
Embedded YouTube videos
1. Scope of data processing
We embed YouTube videos on some of our web pages. The operator of the corresponding plugins is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. As a rule, when a page containing YouTube videos is opened, cookies are placed and information is collected about the visitor. However, we have embedded the videos in expanded data protection mode, which means that a connection shall be established with YouTube, but cookies shall only be placed if you actually open the video. If you have an account with the service or with partners of the service and are logged in to this account, your surfing behavior can be assigned to you personally when a cookie is placed. You can prevent this by logging out of the service account before opening the video.
2. Legal basis
The legal basis is Art. 6 Section 1 Sentence 1 lt. f GDPR.
3. Purpose
The purpose of embedding videos is to ensure effective publicity for the Automation Network Dresden. This also constitutes our legitimate interest.
4. Duration, blocking right
Information about the service’s data protection policies, particularly the storage and erasure periods, can be found in the provider’s data privacy policy under:
https://www.google.de/intl/de/policies/privacy/
Rights of the data subject
If personal data concerning you is processed, you are considered a data subject in the sense of the GDPR and you have the following rights with regard to the Controller:
1. Right of access
You have the right to request confirmation from the Controller as to whether personal data concerning you is being processed by us. Where this is the case, you can request information from the Controller about the following:
(1) the purposes for which personal data is being processed;
(2) the categories of personal data being processed;
(3) the recipients or categories of recipients to whom the personal data has been or shall be disclosed;
(4) the envisaged period for which your personal data shall be stored, or, if this is not known, the criteria used to determine that period;
(5) the existence of a right to request from the Controller rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing;
(6) the existence of a right to lodge a complaint with a supervisory authority;
(7) all available information as to the source of the data, where the personal data was not collected from the data subject;
(8) the existence of automated decision-making, including profiling, pursuant to Art. 22 Sec. 1 and 4 GDPR and, at least in these cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
You have the right to request information as to whether your personal data is transferred to a third country or an international organization. In this context, you can request information about the appropriate safeguards pursuant to Art. 46 GDPR relating to the transfer.
2. Right to rectification
You have the right to obtain from the Controller the rectification and/or completion of inaccurate personal data concerning you if your processed personal data is incorrect or incomplete. The Controller shall perform such rectification without undue delay.
3. Right to restriction of processing
Under the following conditions, you can request a restriction of processing for your personal data:
(1) if you contest the accuracy of your personal data, for a period enabling the Controller to verify the accuracy of the personal data;
(2) if the processing is unlawful and you oppose the erasure of the personal data and request the restriction of its use instead;
(3) if the Controller no longer needs the personal data for the purposes of the processing, but you require it in order to establish, exercise or defend legal claims; or
(4) if you have objected to processing pursuant to Art. 21 Sec. 1 GDPR pending verification of whether the legitimate grounds of the Controller override your ground.
Where processing of your personal data has been restricted, this data shall, with the exception of storage, only be processed with your consent or in order to establish, exercise or defend legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State.
If processing has been restricted pursuant to the above requirements, you shall be informed by the Controller before the restriction is lifted.
4. Right to erasure
a) Erasure obligation
You have the right to obtain from the Controller the erasure of personal data concerning you, and the Controller has the obligation to erase such data without undue delay where one of the following grounds applies:
(1) Your personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed.
(2) You withdraw your consent on which the processing was based pursuant to Art. 6 Sec. 1 lt. a or Art. 9 Sec. 2 lt. a GDPR, and where there is no other legal basis for the processing.
(3) You object to the processing pursuant to Art. 21 Sec. 1 GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 Sec. 2 GDPR.
(4) Your personal data was unlawfully processed.
(5) Your personal data must be erased for compliance with a legal obligation under Union or Member State law to which the Controller is subject.
(6) Your personal data was collected in relation to the offer of information society services pursuant to Art. 8 Sec. 1 GDPR.
b) Information shared with third parties
Where the Controller has made your personal data public and is obliged pursuant to Art. 17 Sec. 1 GDPR to erase the personal data, the Controller, taking account of the available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers that are processing the personal data that you as the data subject have requested the erasure by such controllers of any links to, or copy or replication of, this personal data.
c) Exceptions
The erasure right shall not apply to the extent that processing is necessary:
(1) for exercising the right of freedom of expression and information;
(2) for compliance with a legal obligation that requires processing under Union or Member State law to which the Controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller;
(3) for reasons of public interest in the area of public health pursuant to Art. 9 Sec. 2 lt. h and i as well as Art. 9 Sec. 3 GDPR;
(4) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes pursuant to Art. 89 Sec. 1 GDPR, in so far as the right referred to in paragraph a) is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
(5) to establish, exercise or defend legal claims.
5. Notification right
If you have asserted your right to rectification, erasure or restriction of processing toward the Controller, the Controller shall notify all recipients to whom your personal data has been disclosed about this rectification or erasure of personal data or restriction of processing, unless this proves impossible or involves disproportionate effort. You have the right to obtain information from the Controller about these recipients.
6. Right to data portability
You have the right to receive your personal data, which you have provided to the Controller, in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to which the personal data was provided, where:
(1) the processing is based on consent pursuant to Art. 6 Sec. 1 lt. a GDPR or Art. 9 Sec. 2 lt. a GDPR or on a contract pursuant to Art. 6 Sec. 1 lt. b GDPR and
(2) the processing is carried out by automated means.
In exercising this right, you also have the right to have your personal data transmitted directly from one controller to another, where technically feasible. This shall not adversely affect the rights and freedoms of others. The right to data portability shall not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller.
7. Right to object
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you, which is based on Art. 6 Sec. 1 lt. e or f GDPR, including profiling based on these provisions. The Controller shall no longer process your personal data unless the Controller can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or unless the processing serves the purpose of establishing, exercising or defending legal claims. Where your personal data is processed for direct marketing purposes, you shall have the right to object at any time to the processing of your personal data for the purpose of such marketing; this includes profiling to the extent that it is related to such direct marketing. If you object to processing for direct marketing purposes, your personal data shall no longer be processed for such purposes. In the context of the use of information society services, notwithstanding Directive 2002/58/EC, you may exercise your objection right by automated means using technical specifications.
8. Right to withdraw consent under data protection law
You have the right to withdraw your declaration of consent under data protection law at any time. Withdrawal of your consent shall not affect the lawfulness of any processing that took place on the basis of your consent before the time of the withdrawal.
9. Automated individual decision-making, including profiling
You shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This shall not apply if the decision:
(1) is necessary for entering into, or performance of, a contract between you and the Controller,
(2) is authorized by Union or Member State law to which the Controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or
(3) is based on your explicit consent.
However, such decisions shall not be based on special categories of personal data pursuant to Art. 9 Sec. 1 GDPR unless Art. 9 Sec. 2 lt. a or g GDPR applies and suitable measures to safeguard your rights and freedoms and legitimate interests are in place. In the cases referred to in points (1) and (3), the Controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the Controller, to express your own point of view and to contest the decision.
10. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of your personal data infringes the GDPR. The supervisory authority with which the complaint has been lodged shall inform the complainant about the progress and outcome of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.