Data Privacy Policy

1. General provisions

1.1 Scope of processing of personal data

As a matter of principle, we only process our users’ personal data to the extent that this is necessary to provide a functional website and our content and services. Our users’ personal data is usually only processed with the user’s consent. An exception is made in those cases where prior consent cannot be obtained for factual reasons and processing of the data is permitted by law.


1.2 Legal basis for processing of personal data

The processing of personal data is lawful under Art. 6(1) a of the EU’s General Data Protection Regulation (GDPR) provided we obtain the consent of the data subject to processing activities involving personal data.

Art. 6(1) b GDPR serves as the legal basis when processing personal data required for the performance of a contract to which the data subject is a party. This also applies to processing which is necessary prior to entering into a contract.


The processing of personal data necessary for compliance with a legal obligation to which our company is subject is lawful under Art. 6(1) c GDPR.


The legal basis for processing which is necessary in order to protect the vital interests of the data subject or of another natural person is Art. 6(1) d GDPR.


Processing which is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject, is lawful under Art. 6(1) f GDPR.


1.3 Data erasure and storage duration

The personal data of the data subject will be erased or blocked as soon as the purpose of storage no longer applies. Personal data may also be stored if required by European or national laws, European Union regulations, laws or other legal provisions to which the responsible party is subject. Data is also blocked or erased if a period of storage stipulated in the stated legal provisions expires, unless the data must continue to be stored for the purpose of entering or fulfilling a contract.


2. Name and address of the accountable company:

Accountable company within the meaning of the General Data Protection Regulation and other national data protection laws of the member states and other data protection provisions is:


VDI Verlag GmbH

VDI-Platz 1

40468 Düsseldorf

Germany


Tel.: +49 211 6188-0

E-mail: geschaeftsfuehrung@vdi-nachrichten.com

Website: www.vdi-verlag.de


3. Contact for data protection enquiries

If you have any questions regarding data protection, please contact us at datenschutz@vdi-nachrichten.com


4. Use of cookies

a) Description and scope of data processing

We use cookies on our website. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user’s computer system. If a user visits a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string of characters that allows the browser to be uniquely identified when you return to the website.

The cookies we use serve various purposes:


4.1 Technically required cookies

These cookies serve the technical provision of our internet services. In particular, they are required to identify certain functions such as logging into your user account, identifying your browser for the duration of your visit, including visiting various pages, or accessing personal settings.


b) Lawfulness of data processing

The legal basis for processing personal data while using cookies is Art. 6(1) f GDPR.


c) Purpose of data processing

The purpose of using technically required cookies is to simplify website use for users. Some functions of our website cannot be offered without using cookies. For these functions it is necessary that the browser is recognised even after a page change.


The user data collected through technically required cookies is not used to create user profiles.


d) Duration of storage, possibility of objection and removal

Cookies are stored on the user’s computer and thence transmitted to our site. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your Internet browser, you can deactivate or restrict the transmission of cookies. Already stored cookies can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to their full extent.


5. Provision of the website and creation of log files

5.1 Description and scope of data processing

Whenever you visit our website, our system automatically collects data and information from the computer system of the computer being used. The following data is collected:


  1. the date and time you access one of our Internet pages
  2. your browser type
  3. your browser settings
  4. your IP address
  5. the pages you visit
  6. the Internet address of the website from which you came to our website by clicking a link (so-called referrer).


The data is also stored in the log files of our system. This data is not stored together with the user’s other personal data.


5.2 Lawfulness of data processing

The legal basis for temporary storage of the data and log files is Art. 6(1) f GDPR.


5.3 Purpose of data processing

The data is stored in log files to ensure the functionality of the website. Furthermore, the data helps us to optimise the website and to ensure the security of our information technology systems. The data is not analysed for marketing purposes in this context. These purposes also include our legitimate interest in data processing in accordance with Art. 6(1) f GDPR.


5.4 Duration of storage

The data will be deleted as soon as it is no longer required for the purpose for which it was collected. If data is stored in log files, it must be deleted no later than seven days. The data may be stored for longer than this. In this case, the IP addresses of the users are deleted or alienated in such a way that they can no longer be assigned to the calling client.


5.5 Possibility of objection and removal

The collection of data for delivering the website and the storage of data in log files is mandatory for running the website. Consequently, the user has no possibility of objection.


6. Contact via e-mail

You can contact us via the e-mail address provided in the legal notice. In this case the user’s personal data transmitted with the e-mail is stored.

The data is not passed on to third parties in this context. The data is used exclusively for processing the conversation and only after the user’s consent in the sense of Art. 6(1) a GDPR.

The legal basis for processing the data transmitted in the course of sending the e-mail is Art. 6(1) f GDPR. If the purpose of contact via e-mail is to conclude a contract, the additional legal basis for the processing is Art. 6(1) b GDPR.


6.1 Purpose of data processing

The processing of personal data from the entry form solely helps us to process the contact. In the case of contacting us via e-mail, this is also the necessary legitimate interest in processing the data.


6.2 Duration of storage

The data will be deleted as soon as it is no longer required for the purpose for which it was collected. For the personal data from the entry form of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation ends when it is clear from the circumstances that the matter in question has been definitively settled.

Any additional personal data collected during the sending process will be deleted after a period of seven days at the latest.


6.3 Possibility of objection and removal

The user has the option of revoking his consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case the conversation cannot be continued.


A description follows of how to revoke consent and object to storage. All personal data stored during the contact will be deleted in this case.


7. Data subject rights

The following list includes all the rights of the data subjects under the GDPR. Rights that are not relevant to our website do not need to be mentioned. In this respect the list may be shortened.

If your personal data is processed, you are a data subject within the meaning of the GDPR and you are entitled to the following rights vis-à-vis the responsible party:


7.1 Right of notification

You can request confirmation from the data responsible party of whether personal data relating to you is being processed by us.


If personal data relating to you is being processed, you can request the following information from the responsible party:


  1. the purposes for which the personal data is processed;
  2. the categories of personal data which are processed;
  3. the recipients or categories of recipients to whom the personal data relating to you has been or will be disclosed;
  4. the intended duration of storage of the personal data relating to you or, if it is not possible to give specific details, criteria for determining the duration of storage;
  5. the existence of a right of rectification or erasure of personal data relating to you, a right to have the processing limited by the responsible party or a right to object to such processing;
  6. the existence of a right of appeal to a supervisory authority;
  7. any available information as to the source of the data if the personal data has not been collected from the data subject;
  8. the existence of automated decision making, including profiling, in accordance with Art. 22 (1) and (4) GDPR and – at least in these cases – meaningful information on the logic involved and the scope and intended effects of such processing on the data subject. You have the right to request information as to whether personal data relating to you is being transferred to a third country or to an international organisation. In this context, you may request to be informed of the appropriate guarantees under Art. 46 GDPR in connection with the transfer.


7.2 Right to rectification

You have the right to obtain the rectification of personal data relating to you and the supplementation of incomplete personal data from the data responsible party. The data responsible party will comply without undue delay.


7.3 Right to restriction of processing

When one of the following applies you have the right to obtain from the responsible party restriction of processing:


  1. if you dispute the accuracy of the personal data relating to you for a period of time which enables the responsible party to verify the accuracy of the personal data;
  2. if the processing is unlawful and you object to the erasure of the personal data and instead request that use of the personal data be restricted;
  3. if the responsible party no longer needs the personal data for the purposes of the processing but you need it for the purpose of asserting, exercising or defending legal claims, or
  4. if you object to the processing pursuant to Art. 21 (1) GDPR and it has not yet been established whether the legitimate reasons of the responsible party override your reasons. Where processing has been restricted, such personal data shall, with the exception of storage, only be processed with the data subject’s consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. If you have obtained restriction of processing pursuant to the above the responsible party will inform you before the restriction of processing is lifted.


7.4 Right to erasure

A) Duty of erasure

You have the right to obtain from the responsible party the erasure of personal data relating to you without undue delay and the responsible party has the obligation to erase personal data without undue delay where one of the following reasons applies:


  1. The personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed.
  2. You withdraw your consent on which the processing is based pursuant to Art. 6(1) a) or Art. 9(2) a GDPR, and where there is no other legal basis for the processing.
  3. You object to the processing pursuant to Art. 21(1) GDPR and there are no overriding legitimate reasons for the processing, or you object to the processing pursuant to Art. 21(2) GDPR.
  4. The personal data relating to you has been unlawfully processed.
  5. The personal data has to be erased in compliance with a legal obligation in European Union or Member State law to which the responsible party is subject.
  6. The personal data has been collected in relation to the offer of information society services referred to in Art. 8(1) GDPR.

B) Information to third parties

Where the responsible party has made the personal data relating to you public and is obliged pursuant to Art. 17(1) GDPR to erase the personal data, the responsible party, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform responsible partys which are processing the personal data the data subject has requested the erasure by such responsible parties of any links to, or copy or replication of, that personal data.


c) Exceptions

The right of erasure shall not apply insofar as processing is necessary


  1. for the exercise of the right to freedom of expression and information;
  2. to comply with a legal obligation to which the processing is subject under European Union or Member State law to which the responsible party is subject or in the performance of a task carried out in the public interest or in the exercise of official authority vested in the responsible party;
  3. for reasons of public interest relating to public health pursuant to Art. 9 (2) h and i as well as Art. 9 (3) GDPR;
  4. for archiving, scientific or historical research purposes in the public interest or for statistical purposes in accordance with Art. 89 (1) GDPR, insofar as the right referred to in section a) is likely to render impossible or seriously prejudice the attainment of the objectives of such processing, or
  5. to assert, exercise or defend legal claims.


7.5 Right to notification

If you have exercised your right of any rectification or erasure of personal data or restriction of processing vis-a-vis the responsible party, the responsible party is required to communicate any rectification, erasure or restriction of processing of personal data to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort.

You have the right to obtain information from the responsible party about those recipients.


7.6 Right to data portability

You have the right to receive your personal data which you have provided to a responsible party, in a structured, commonly used and machine-readable format Furthermore, you have the right to transfer this data to another responsible party without hindrance by the responsible party to whom the personal data has been made available, provided that

  1. the processing is based on consent pursuant to Art. 6 (1) a GDPR or Art. 9 (2) a GDPR or on a contract pursuant to Art. 6 (1) b GDPR and
  2. the processing is carried out with the aid of automated processes.

In exercising this right to data portability you also have the right to have the personal data transmitted directly from one responsible party to another, where technically feasible. This may not adversely affect the rights and freedoms of others.


The right to data transferability does not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the responsible party.


7.7 Right to object

You have the right to object, for reasons arising from your particular situation, at any time to processing of personal data relating to you on the basis of Art. 6(1) e or f GDPR; including profiling based on these provisions.

The responsible party will no longer process the personal data relating to you unless it can demonstrate compelling legitimate reasons for the processing which override your interests, rights and freedoms, or the processing is necessary for the assertion, exercise or defence of legal claims.


Where personal data relating to you is processed for direct marketing purposes, you have the right to object at any time to processing of personal data for such marketing purposes, which includes profiling to the extent that it is related to such direct marketing. If you object to processing for direct marketing purposes, the personal data relating to you will no longer be processed for such purposes.


In the context of the use of information society services, and notwithstanding Directive 202/58/EC, you may exercise your right to object by automated means using technical specifications.


7.8 Right to revoke consent

You have the right to revoke your declaration of consent under data protection law at any time. This does not affect the lawfulness of processing up to the time of revocation.


7.9 Automated, individual decision-making, including profiling

You have the right not to be subject to a decision based exclusively on automated processing - including profiling - that has legal effect on you or significantly impairs you in a similar manner. This shall not apply if the decision


  1. is necessary for the conclusion or performance of a contract between you and the responsible party,
  2. is authorised by European Union or Member State legal provisions to which the responsible party is subject and such legal provisions provide for appropriate measures to safeguard your rights and freedoms and your legitimate interests, or
  3. is made with your express consent.


However, these decisions may not be based on special categories of personal data pursuant to Art. 9 (1) GDPR, unless Art. 9 (2) a or g GDPR applies and appropriate measures have been taken to protect the rights and freedoms as well as your legitimate interests. With regard to the cases referred to in (1) and (3), the responsible party shall take appropriate measures to safeguard the rights and freedoms and your legitimate interests, which shall include at least the right to obtain the intervention of any person from the responsible party, to express your point of view and to challenge the decision.


7.10 Right of appeal to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to appeal to a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.


The supervisory authority to which you appeal shall inform the appellant about the status and outcome of the appeal, including the right to an effective judicial remedy pursuant to Art. 78 GDPR.


8 Data privacy policy on the use of Google Tag Manager

“This website uses Google Tag Manager. This services allows website tags to be managed using an interface. The Google Tag Manager only implements tags. This means: No cookies are used and no personal data is collected. The Google Tag Manager causes other tags to be activated which may, in turn, collect data under certain circumstances. However, the Google Tag Manager does not access this data. If recording has been deactivated on domain or cookie level, this setting will remain in place for all tracking tags implemented with Google Tag Manager.


More information about the Google Tag Manager can be found here:


http://www.google.de/tagmanager/faq.html

http://www.google.de/tagmanager/use-policy.html


9 Google Analytics

For the purpose of designing our website to meet the needs of our users and for the continuous optimisation of our website, we use Google Analytics, a web analysis service provided by Google Inc. ("Google"). Web analysis is the acquisition, collection and evaluation of data on the behaviour of website visitors. Among other things, a web analysis service collects data on the website from which a visitor accesses a website (so-called referrer), which subpages of the website were accessed or how often and for how long a subpage of the website was accessed or how often and for how long a subpage was viewed. A web analysis service is predominantly used in order to optimise a website and to analyse the value for money of Internet advertising.


The provider of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.


The use is lawful under Art. 6(1) sentence 1 f GDPR. Google Analytics uses “cookies”; these are text files which are stored on your computer to analyse the way you use the website. The information generated by the cookie about your use of the website such as

Browser type / version,

operating system used,

referrer URL (the previously visited page),

host name of the computer used for access (IP address),

time of server requestare transmitted to servers and stored there. The information is used to evaluate use of the website, to compile reports on website activities and to provide further services associated with use of the website and the Internet for the purposes of market research and the design of this website as needed. If necessary, this information may also be transferred to third parties to the extent that this is prescribed by law or where third parties process the data on commission.


Under no circumstances will the IP address be linked to other data relating to the user. We use the suffix “_gat._anonymizeIp” for web analysis with Google Analytics. Using this suffix, the IP address of the Internet connection is truncated and anonymised by Google, if our website is accessed from a European Union Member State or another state that is a party to the Agreement on the European Economic Area.


The user may prevent the installation of cookies by selecting the appropriate settings on the browser; however, we would like inform you that in this case the full functionality of this website might not be available.

The user can object to the creation of user profiles at any time. To do so, you must download and install a browser add-on, via the link https://tools.google.com/dlpage/gaoptout?hl=de. This browser add-on informs Google Analytics via JavaScript that no data or information on website visits may be transferred to Google Analytics. The installation of the browser add-on is recognised by Google as an opt out. If the information technology system of the data subject is deleted, reformatted or reinstalled at a later point in time then you must reinstall the browser add-on, in order to deactivate Google Analytics again. If the browser add-on is de-installed or deactivated by you or by another person within your sphere of influence, it is possible to reinstall or reactivate the browser add-on.


Further information on the Google privacy policy can be found at https://www.google.de/intl/de/policies/privacy/ and http://www.google.com/analytics/terms/de.html. An explanation of Google Analytics is provided at https://marketingplatform.google.com/about/.