Skip to main navigation Skip to main content Skip to page footer
My Site Package My Site Package

Privacy policy of Neue ZWL Zahnradwerk Leipzig GmbH

Foreword

We, Neue ZWL Zahnradwerk Leipzig GmbH and our subsidiaries, take the protection of your personal data seriously and would like to take this opportunity to inform you about data protection in our company.

Within the scope of our data protection responsibilities under the General Data Protection Regulation (GDPR), we have been assigned obligations to ensure the protection of personal data of the data subject affected by processing.

Insofar as we decide, either alone or jointly with others, on the purposes and means of data processing, this primarily includes the obligation to inform you transparently about the nature, scope, purpose, duration and legal basis of the processing (Articles 13 and 14 GDPR). With this declaration (hereinafter referred to as data protection information), we inform you about how we process your personal data.

  1. General

1. Definitions

Based on Art. 4 GDPR, this privacy policy is based on the following definitions.

  • ‘Personal data’ (Art. 4 No. 1 GDPR) is any information relating to an identified or identifiable person (data subject). A person is identifiable if they can be identified directly or indirectly, in particular by means of an identifier, location data or information about their physical, psychological, genetic, mental, economic, cultural or social identity. Identifiability may also be given by linking such information or other additional knowledge. The form or embodiment of the information is irrelevant.
  • ‘Processing’ (Art. 4 No. 2 GDPR) is any operation involving personal data, whether or not with the aid of automated processes. This includes, in particular, the collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of personal data, as well as the change of a purpose or objective originally underlying data processing.
  • ‘Controller’ (Art. 4 No. 7 GDPR) is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
  • ‘Processor’ (Art. 4 No. 8 GDPR) is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller, in particular in accordance with its instructions.
  • ‘Consent’ (Art. 4 No. 11 GDPR) of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

2. Name and address of the controller

The controller responsible for the processing of your personal data within the meaning of Art. 4 No. 7 GDPR is us, the

Neue ZWL Zahnradwerk Leipzig GmbH

Ostende 5, 04288 Leipzig

+49 34297 85202

Email gf.sekretariat@nzwl.de

For further information about our company, please refer to the legal notice on our website.

3. Contact details of the data protection officer

Our company data protection officer is available at any time to answer any questions you may have and to act as your contact person for data protection issues. His contact details are:

Lawyer Olaf Köhler

Gustav-Mahler-Str. 8, 04109 Leipzig

Email datenschutz@nzwl.de

4. Legal basis for data processing

By law, any processing of personal data is prohibited in principle and is only permitted if the data processing falls under one of the following justifications.

  • Art. 6 (1) (a) GDPR (consent). Where the data subject has freely given, specifically, informed and unambiguous consent for the processing of his or her personal data for one or more specific purposes;
  • Art. 6(1)(b) GDPR.

If processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract; Art. 6(1)(c) GDPR. If processing is necessary for compliance with a legal obligation to which the controller is subject (e.g. statutory retention obligations);

  • Art. 6(1)(d) GDPR. If processing is necessary to protect the vital interests of the data subject or another natural person;
  • Art. 6(1)(e) GDPR. If processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; or
  • Art. 6 (1) (f) GDPR (legitimate interests). If processing is necessary to safeguard the legitimate (in particular legal or economic) interests of the controller or a third party, unless the opposing interests or rights of the data subject prevail.

5. Data deletion and storage period

Unless an explicit storage period is specified below, your personal data will be deleted or blocked as soon as the purpose or legal basis for storage no longer applies.

However, storage may continue beyond the specified period in the event of a (threatened) legal dispute with you or other legal proceedings, or if storage is required by legal provisions to which we as the controller are subject (e.g. Section 257 of the German Commercial Code (HGB), Section 147 of the German Fiscal Code (AO)). Tax retention periods are generally 10 years, for example. When the storage period prescribed by law expires, the personal data will be blocked or deleted, unless further storage by us is necessary and there is a legal basis for this.

6. Data security

We use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties, taking into account the state of the art, the implementation costs and the nature, scope, context and purpose of the processing as well as the existing risks of a data breach for the data subject. Our security measures are continuously improved in line with technological developments.

We will be happy to provide you with further information on request. Please contact our data protection officer for this purpose.

7. Recipients of data

Within our company, those departments that need your data to fulfil our contractual and legal obligations have access to it. Service providers and vicarious agents employed by us (e.g. technical service providers, shipping companies, waste disposal companies) may also receive data for these purposes. We limit the disclosure of your personal data to what is necessary, taking into account data protection regulations.

Finally, in individual cases, we transfer personal data to our advisors in legal or tax matters, whereby these recipients are obliged to maintain special confidentiality and secrecy due to their professional status.

8. Cooperation with processors

As with any large company, we also use external service providers to handle our business transactions. These service providers only act on our instructions and are contractually obliged to comply with data protection regulations in accordance with Art. 28 GDPR.

9. No automated decision-making (including profiling)

We do not intend to use personal data collected from you for automated decision-making (including profiling).

10. No obligation to provide personal data

We do not make the conclusion of contracts with us dependent on you providing us with personal data in advance. As a customer, you are generally not under any legal or contractual obligation to provide us with your personal data, but we may only be able to provide certain offers to a limited extent or not at all if you do not provide the necessary data.

11. Legal obligation to transfer certain data

Under certain circumstances, we may be subject to a specific legal or regulatory obligation to provide lawfully processed personal data to third parties, in particular public authorities (Art. 6(1)(c) GDPR).

12. Your rights

You can exercise your rights as a data subject with regard to your processed personal data at any time by contacting us using the contact details provided. As a data subject, you have the right

  • under Art. 15 GDPR to request information about your data processed by us. If this is the case, you are also entitled under Art. 15 GDPR to information about this personal data and certain other information (including processing purposes, categories of personal data, categories of recipients, planned storage period, origin of the data, use of automated decision-making and, in the case of third-country transfers, the appropriate safeguards) and a copy of your data. The restrictions of § 34 BDSG apply;
  • pursuant to Art. 16 GDPR, to request the immediate correction of incorrect data or the completion of your data stored by us;
  • pursuant to Art. 17 GDPR, to request the deletion of your data stored by us. The right to erasure does not apply if the processing of personal data is necessary, e.g. to fulfil a legal obligation (e.g. statutory retention obligations) or to assert, exercise or defend legal claims. In addition, the restrictions of § 35 BDSG apply.
  • to request the restriction of the processing of your data in accordance with Art. 18 GDPR, insofar as the accuracy of the data is disputed by you or the processing is unlawful
  • to request that we provide you with the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format in accordance with Art. 20 GDPR.

pursuant to Art. 7(3) GDPR, to revoke your consent to the processing of personal data at any time. This also applies to the revocation of declarations of consent that were given to us before the GDPR came into force, i.e. before 25 May 2018. Please note that the revocation only takes effect for the future. Processing that took place before the revocation is not affected. To declare the revocation, an informal notification by e-mail to us is sufficient.

  • In accordance with Art. 21 GDPR, you have the right to object to the processing of your personal data, in which case we must stop processing your personal data. The right to object only applies within the limits set out in Art. 21 GDPR. In addition, our interests may prevent us from stopping processing, in which case we are entitled to process your personal data despite your objection.
  • If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. The objection can be raised informally by email to us.
  • In accordance with Art. 77 GDPR, you have the right to lodge a complaint with a data protection supervisory authority about the processing of your personal data in our company, for example with the data protection supervisory authority responsible for us. The competent data protection supervisory authority is the

Saxon Data Protection and Transparency Commissioner

Postfach 11 01 32

01330 Dresden

Email post@sdtb.sachsen.de

13. Changes to the data protection information

In the context of the further development of data protection law and technological and organisational changes, our data protection information is regularly reviewed for the need for adjustments and additions. We will inform you of any changes in particular on our website at www.nzwl.de.

B. Visiting our website

Information about our company and the services we offer can be found in particular at www.nzwl.de. When you visit our website, your personal data may be processed.

For the technical provision of the website, it is necessary for us to process certain information automatically transmitted by your browser so that our website can be displayed in your browser and you can use the website. This information is automatically collected each time you visit our website and automatically stored in so-called server log files. This includes:

  • Browser type and browser version
  • Operating system used
  • Website from which access is made (referrer URL)
  • Host name of the accessing computer
  • Date and time of access
  • IP address of the requesting computer

The storage of the aforementioned access data is necessary for technical reasons to provide a functional website and to ensure system security. This also applies to the storage of your IP address, which is necessary and, under certain conditions, may at least theoretically enable your personal identification. Beyond the aforementioned purposes, we use server log files exclusively for the needs-based design and optimisation of our website, purely for statistical purposes and without any conclusions being drawn about your person. This data is not merged with other data sources, nor is it evaluated for marketing purposes.

The access data collected during the use of our website is only stored for the period of time required to achieve the above purposes. Your IP address is stored on our web server for a maximum of 7 days for IT security purposes.

If you visit our website to find out about our range of products and services or to use them, the basis for the temporary storage and processing of access data is Art. 6 (1) (b) GDPR (legal basis), which permits the processing of data for the performance of a contract or for the implementation of pre-contractual measures. In addition, Art. 6 (1) (f) GDPR serves as the legal basis for the temporary storage of technical access data. Our legitimate interest here is to be able to provide you with a technically functional and user-friendly website and to ensure the security of our systems.

1. Processing of data from your end devices (cookies)

We use so-called cookies on our website in some cases. Cookies do not harm your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective and secure and to enable the provision of certain functions. Cookies are small text files that are stored on your computer and saved by your browser. A cookie contains a characteristic string of characters that enables your browser to be uniquely identified when you visit the website again.

Most of the cookies we use are so-called ‘session cookies’. They are automatically deleted at the end of your visit or browser session (so-called transient cookies). Other cookies remain stored on your device for a specified period of time or until you delete them (so-called persistent cookies). These cookies enable us to recognise your browser the next time you visit. Upon written request, we will be happy to provide further information about the functional cookies we use. Please contact datenschutz@nzwl.de

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when you close your browser. You can regularly obtain information on how to deactivate cookies via the ‘Help’ function of your internet browser. Deactivating cookies may restrict the functionality and/or complete availability of this website.

Any use of cookies that is not technically necessary constitutes data processing, which is only permitted with your express and active consent in accordance with Art. 6 (1) (a) GDPR. We only use these cookies with your consent, which you can select on your first visit to our website using the cookie consent tool. The functions are only activated with your consent and can be used in particular to analyse and improve visits to our website, to make it easier for you to use different browsers or end devices, to recognise you when you visit, or to display advertising.

You can revoke your consent at any time without affecting the lawfulness of the processing until revocation.

C – IR Service (newsletter)

Description and scope of data processing

Our IR Service contains up-to-date information on the activities of Mutares SE & Co. KGaA and its portfolio companies. We use the double opt-in procedure for registration for our IR Service. This means that after you have entered your email address, we will send a confirmation email to the address you provided, asking you to confirm that you wish to receive the IR Service. If you do not confirm this, your registration will be automatically deleted. If you confirm your wish to receive the IR service, we will store the following personal data at the time of registration and confirmation until you unsubscribe from the IR service:

 

Email address

Surname

First name

IP address of the accessing computer

Date and time of registration

Your consent will be obtained for the processing of the data during the registration process and reference will be made to this privacy policy.

 

No data will be passed on to third parties in connection with data processing for the purpose of sending newsletters. The data will be used exclusively for sending the newsletter.

 

Purpose of data processing

The user's email address is collected for the purpose of delivering the newsletter.

 

Other personal data is collected during the registration process to prevent misuse of the services or the email address used.

 

Legal basis for data processing

The legal basis for processing the data after the user has registered for the newsletter is Art. 6 para. 1 sentence 1 lit. a GDPR, provided the user has given their consent.

 

Duration of storage

The data will be deleted as soon as it is no longer required for the purpose for which it was collected. The user's email address will therefore be stored for as long as the newsletter subscription is active.

 

The other personal data collected during the registration process is usually deleted after a period of thirty days.

 

Exercising your rights

The newsletter subscription can be cancelled by the user concerned at any time. This can be done at any time by notifying us; the easiest way to unsubscribe is to click on the link provided in every IR Service email or to send an email to the email address given in the legal notice.

 

This also allows you to revoke your consent to the storage of personal data collected during the registration process.