Data Privacy Statement

Staus 22.5.2018

Preamble

The sections below contain information on the collection of personal data during use of our website. Personal data is defined as all specific information which can be traced back to you personally, e.g. name, address, e-mail addresses, user behaviour.

Responsible company / Data Protection Officer

Company responsible for data processing Data Protection Officer of the company responsible
ESG Elektroniksystem- und Logistik-GmbH
Ingolstädter Straße 45
80807 München
Germany

Legal representative:
Horten, Kai, Board of Management and
Ohlsen, Jörg, Board of Management

Heussen Rechtsanwaltsgesellschaft mbH
Dr. Georg Schröder
Brienner Straße 9
80333 München

Germany

Contact data privacy

General data collection when our website is accessed

When you access our website merely for informational purposes, that is, if you do not register with us or otherwise submit information to us, we collect only the personal data transmitted to our server by your browser. If you wish to view our website, we collect the following data, which we require for technical reasons in order to display our website to you and to guarantee stability and security (the legal basis is legitimate interest in accordance with Art. 6 Paragraph. 1 S. 1 lit. f GDPR):

Data Purpose of processing Storage duration
Adress and full path of the requested website with optional request parameters in the URL Display of the Website The data are deleted, at the end of the respective request
Operating system used Evaluation by device to ensure optimised display of the website The data are deleted at the end of the respective session.
Information on browser type and version used Evaluation of browsers in order to optimise our web pages for their use The data are deleted at the end of the respective session.
IP address Display of the website on the respective device The data are deleted at the end of the respective session.
Date and time of access Ensuring proper operation of the website The data are deleted at the end of the respective session.
Where applicable, manufacturer and type designation of smartphones, tablet computers or other end devices Evaluation of device manufacturers and end device types for statistical purposes The data are deleted at the end of the respective session.
Log files with response code of the request und all data in this table Ensuring proper operation of the website The data will be made anonymous after 7 days. The data will be deleted when the web servers are reset every few years.

The collection of data for provision of the website and the storage of data in log files is essential for operation of the website. Consequently, users have no right of objection to this use of their data.

 

Cookies - general information

Our website uses cookies. Cookies are text files stored in the Internet browser or transferred by the Internet browser to the user’s computer system. When a user accesses a website, a cookie may be stored in the user’s operating system. This cookie contains a distinctive character string which allows clear identification of the browser if the website is accessed again.

Cookies – distinction between cookie types

a) Technically essential cookies

We use cookies in order to make our website more user-friendly. Some elements of our website make it necessary to identify the accessing browser even after switching to another web page.

Name of the cookie Purpose of processing Legal basis for processing Storage duration
__RequestVerificationToken_
(followed by a sequence of digits and letters)
verification of the request legitimate interest till the end of the session
atlassian.xsrf.token Jira legitimate interest till the end of the session
defaultLanguage support multiple languages legitimate interest one month
ESGIpSession Portal legitimate interest till the end of the session
ESGLogin Portal legitimate interest till the end of the session
ext-expires Taranis legitimate interest one week
fe_typo_user process contact forms and registration forms for courses legitimate interest till the end of the session
JSESSIONID Jira,VDI legitimate interest till the end of the session
nc_sameSiteCookielax Nextcloud legitimate interest till january 2101
nc_sameSiteCookiestrict Nextcloud legitimate interest till january 2101
occ(followed by a sequence of digits and letters) Nextcloud legitimate interest till the end of the session
oc_sessionPassphrase Nextcloud legitimate interest till the end of the session
PHPSESSID PHP Application legitimate interest till the end of the session
sid jobs, session legitimate interest one hour
TaranisApplication Taranis legitimate interest till the end of the session
WPITStartupTestSession Issue Tracker legitimate interest till the end of the session
WPITStartupTestPersistent Issue Tracker legitimate interest one month
cookieconsent_status Tracking  legitimate interest one year
PIWIK_SESSID Tracking  legitimate interest one year
 _pk_id.1.(Ziffer/Buchstabenfolge) Tracking  legitimate interest one year
_pk_ses.1.(Ziffer/Buchstabenfolge) Tracking  legitimate interest one year

Technically essential cookies are not always necessary in order to display the website. However, some functions of the website, e.g. contact form, registering for a course etc. cannot be used correctly without these cookies. Users consequently have no right of objection, though these cookies can be deactivated in the settings of the respective browser.

 

Analysis service

We use Matomo, a web analytics open-source software. Matomo uses "cookies", which are text files placed on your computer to help us analyse how users use the website. The information generated by the cookie about your use of the website will be stored on our servers in Germany and used to help optimise the website. As your IP address is anonymised immediately, you remain anonymous to us. The information is not passed on to third-parties. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. If you do not agree with the storage and analysis of this data from your use of the website, you can withdraw your consent below at any time (Opt-out):

The legal basis for the processing of personal data is Art. 6 (1), sentence 1, lit. f GDPR. Matomo is an open-source project. Find more Information at:

https://matomo.org/privacy-policy/

Please note: If you delete your cookies, this means that the opt-out cookie will also be deleted and may need to be re-activated by you.

 

Contact form

You can contact us at any time via our e-mail address or the contact form. The personal data submitted by you in this manner will, of course, be used exclusively for the purpose for which you provided it.

Data Purpose of processing Legal basis for processing Storage duration
IP address on registration Transmission of the content of the form to the web server Consent / initiation/performance of the contractual relationship / processing of the request Until connection is established
Message Processing the request Consent / initiation/performance of the contractual relationship / processing of the request Until purpose is achieved / end of obligation of verification
Form of address direct address Consent / initiation/performance of the contractual relationship / processing of the request Until purpose is achieved / end of obligation of verification
Surname direct address Consent / initiation/performance of the contractual relationship / processing of the request Until purpose is achieved / end of obligation of verification
Last name direct address Consent / initiation/performance of the contractual relationship / processing of the request Until purpose is achieved / end of obligation of verification
E-Mail-Address Responding to the inquiry Consent / initiation/performance of the contractual relationship / processing of the request Until purpose is achieved / end of obligation of verification
phone number Responding to the inquiry Consent / initiation/performance of the contractual relationship / processing of the request Until purpose is achieved / end of obligation of verification

 

Registered users on website esg-defencesecurity.com/en/ncore

Upon request, we will register you on this website. For registration we request and store the following personal data :

Data Purpose of processing Legal basis for processing Storage duration
User name Creation of customer account Execution of the usage contract 2 years after last login
Password Creation of customer account Execution of the usage contract 2 years after last login
E-mail address Creation of customer account Execution of the usage contract 2 years after last login
IP address on registration Transmission of data to web server on registration Execution of the usage contract Until connection is established
organisation Communication with customers Consent / initiation/performance of the contractual relationship Until revoked by user
Country Communication with customers Consent / initiation/performance of the contractual relationship Until revoked by user


Disclosure of data

Your personal data will not be disclosed to third parties for any purpose other than those listed below.

We only pass on your personal data if:

  • you have expressly consented to this,
  • disclosure is required for the assertion, exercise or defence of legal claims and there is no reason to presume that you have an overriding legitimate interest in non-disclosure of your data,
  • we are under legal obligation to disclose the data, and
  • where this is legally permissible and necessary for the processing of contractual relationships with you.

 

Notification of data protection rights

a) Right to withdraw your data protection consent according to Art. 7(3) s. 1 GDPR
You can withdraw your consent to the processing of your personal data at any time with effect for the future. However, this does not affect the legality of the processing until revocation.

b) Right of access according to Art. 15 GDPR
You have the right to request confirmation whether we obtain personal data concerning you.
In this case you have the right to get information about your personal data as well as further information, e.g. the purposes of processing, categories of personal data concerned, the recipients and the planed period of storage or the criteria used to determine that period.

c) Right to obtain rectification and completion according to Art. 16 GDPR
You have the right to obtain the correction of incorrect data without delay. Taking into account the purposes of the processing, you have the right to obtain the completion of incomplete data.

d) Right to erasure ("right to be forgotten") according to Art. 17 GDPR
You have a right of erasure, as far as the processing is not necessary. This is the case, if your data is no longer necessary for the original purposes, for example if you have withdrawn your consent or if the data was processed unlawfully.     
    
e) Right restriction of processing according to Art. 18 GDPR
You have the right to obtain processing, e.g. if you believe that the personal data is incorrect.

f) Right to data portability according to Art. 20 GDPR
You have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format.

g) Right to object according to Art. 21 GDPR
You have the right to object at any time to the processing of certain personal data concerning you for reasons arising from your particular situation.

In the case of direct marketing, you as the data subject have the right to object at any time to the processing of personal data concerning you for the purpose of advertising; this also applies to profiling, insofar as it is associated with direct marketing.

h) Automated individual decision-making, including profiling according to Art. 22 GDPR
You have the right not to be subject to a decision based solely on automated processing - including profiling - except in the exceptional circumstances mentioned in Art. 22 GDPR.

A decision based solely on automated processing - including profiling - does not take place.

i) Right to lodge a complaint with a data protection supervisory authority according to Art. 77 GDPR
You can also lodge a complaint with a data protection supervisory authority at any time, for example if you believe that data processing is not in compliance with data protection regulations.

Competent supervisory authority:
Bavarian State Office for Data Protection Supervision    
PO Box 606    
91511 Ansbach    
Germany

Telephone: +49 (0) 981 53 1300
Telefax: +49 (0) 981 53 98 1300
E-mail: poststelle@lda.bayern.de

 

Notification of possibility to lodge a complaint

In addition, you have the right to lodge a complaint with the responsible data protection supervisory authority regarding the processing of your personal data by us.

 

Notification of possibility to revoke consent

You are entitled to withdraw your consent to the processing of your personal data by us at any time. This also applies to the revocation of declarations of consent granted to us before the General Data Protection Regulation came into effect, that is, before 25 May 2018. Please note that such revocation is only effective for the future. It does not apply to processing of data which took place before consent was revoked.

 

Links to other websites

Our web pages may contain links to the websites of other providers. We expressly point out that this Data Privacy Statement applies exclusively to the websites of ESG. We have no control over nor do we monitor whether other providers comply with valid data protection regulations.

 

Changes to the Data Privacy Statement

We reserve the right to amend or adapt this Data Privacy Statement at any time, in compliance with the applicable data protection regulations.