1. Who is responsible for data processing and whom can I contact?
The responsible party is either Maag Germany GmbH, Ostring 19, 63762 Grossostheim, or Maag Ettlinger GmbH, Messerschmittring 49, 86343 Königsbrunn or Maag Witte GmbH, Lise-Meitner-Allee 20, 25436 Tornesch, depending on which company you have a business relationship with.
The data protection officer appointed for both companies, Jhcon Datenschutzberatung, Dipl.-Ing. Jörg Hagen, Königstraße 50a, 30175 Hannover, can be contacted by e-mail: info@jhcon.de
2. What sources and data do we use?
a) We process your personal data to manage our business relationship with the company you represent.
This is in particular the following data:
• Name, first name and contact details of contact persons
• Name, first name and contact details of interested parties
• Planning and project data, such as project steps, coordination dates, information dates, etc.
• in the case of the use of electronic media: IT usage data
b) However, if you as a customer or business partner are a natural person, the following data, which we collect from you in order to carry out pre-contractual and contractual measures, will be processed in addition to the above-mentioned data:
• Contact data
• Planning data, such as project steps, coordination dates, information dates, etc.
• Account details
• Any information that is not absolutely necessary, e.g. date of birth (voluntary)
c) If you visit us directly or book appointments for trade fair visits, we process, depending on the purpose, the personal data you provide during a visit:
• Name, first name
• Company name
• Address,
• Time of arrival and departure
• Destination
• Vehicle registration number, if applicable (delivery traffic on the premises)
• Recording data from the operation of video surveillance systems processed
d) If you attend a webinar, online conference, online seminar or participate in an online interview, we process the following personal data provided by you for the purpose of conducting the event:
• Name, first name
• Company name
• Email address
• Contact details
• Planning data
• Video recordings, if applicable
• Voice transmissions/recordings
3. What do we process your data for - the purpose of the processing - and on what legal basis?
to 2. a):
In order to initiate or process contracts with our customers or business partners, we process your personal data as a contact person for the legitimate interests of the person responsible. In doing so, we always balance these with your personal rights. Therefore, as a rule, only the name and business contact details are used to document the business relationship and personal contact. The legal basis for this is Art. 6 para. 1 lit. f GDPR.
If private data is processed, this is based exclusively on your consent according to Art. 6 para. 1 lit. a GDPR.
to 2. b):
Your personal data that are required for the fulfilment of a contract or pre-contractual measures with you are processed. The legal basis for this is Art. 6 (1) lit. b GDPR.
If information that is not absolutely necessary is processed, this is based exclusively on your consent in accordance with Art. 6 Para. 1 lit. a GDPR.
to 2. a and b):
AAs a person interested in information and products, we process your personal data either in the context of consent (Art. 6 para. 1 lit. a DS-GVO, e.g. marketing measures) or out of legitimate interest of the responsible party in consideration of your personal rights (Art. 6 para. 1 lit. f GDPR). In particular, the special requirements of the Unfair Competition Act (UWG) are taken into account.
to 2. c):
As a visitor, we process your personal data as proof of the visit and, in the case of prior invitation to pre-announce a visit, in order to document which persons have entered the secured company area on the basis of Art. 32 GDPR.
In order to make our processes on the company premises demonstrably secure and to prevent damage to property and theft or to be able to document these in the event of damage, we operate a designated video surveillance system. This data collection is based on Art. 6 Para. 1 lit f GDPR.
to 2. d):
As participants, we process their personal data for the invitation and implementation of the above-mentioned online events on the basis of our legitimate interest in consideration of their personal rights (Art. 6 para. 1 lit f GDPR) and voice recordings exclusively after prior consent on the basis of Art. 6 para. 1 lit a GDPR.
to 2. a, b and c):
In order to implement the status of an authorized economic operator (AEO) in accordance with Article 76 of the Customs Code (Regulation (EEC) No. 2913/92) and Article 253 et seq. of the Customs Code (Regulation (EEC) No. 2454/93) and/or in compliance with the EU regulations on combating terrorism (EC 881/2002 and 2580/2001), random checks are carried out at irregular intervals to determine whether you are suspected of being a terrorist.
4. Who gets your data?
We do not pass on your data to unauthorised third parties.
However, data is passed on to the necessary extent within the scope of contract processing with natural persons to
• Financial companies (bank transfers),
• external contractors in accordance with Art. 28 of the GDPR,
• if the service provider is located in a third country in accordance with Art. 44 et seq. of the GDPR
5. Will your data be transferred to a third country or international organisations?
Data transfer to a third country is possible within the framework of the Group structure to the parent company in the USA and, due to software used throughout the Group, also in the USA.
6. How long do we store your data?
Your personal data will be deleted after expiry of the statutory retention periods, which result, for example, from the German Civil Code (BGB), the German Commercial Code (HGB) and the German Fiscal Code (AO).
If data is not affected by this, it is deleted when the purpose no longer applies.
Video surveillance data is deleted after 2 days.
Recorded information from online events is deleted at the latest when the purpose no longer applies.
7. What rights do you have?
• Information about your stored personal data (Art. 15 GDPR)
• Correction of data if it is incorrect, out of date or otherwise inaccurate (Art. 16 GDPR)
• Deletion if the storage is inadmissible, the purpose of the processing is fulfilled and the storage is therefore no longer necessary or you revoke a given consent to the processing of certain personal data (Art. 17 GDPR)
• Restriction of processing if one of the conditions listed in Art. 18(1)(a) to (d) GDPR is met
• Data portability of the provided personal data concerning you (Art. 20 GDPR)
• Revocation of consent given, whereby the revocation does not affect the lawfulness of the processing carried out until then on the basis of the consent (Art. 7 (3) GDPR)
• Complaint to a supervisory authority (Art. 77 GDPR).
8. What rights of objection do you have?
If you have given your consent for the processing of your data (Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a) GDPR), you have the right to revoke this consent at any time.
You may also object to other processing that we base on a legitimate interest within the meaning of Art. 6 (1) (f) GDPR at any time in accordance with Art. 21 GDPR for reasons arising from the particular situation for you, stating these reasons. In the event of a justified objection, we will in principle no longer process the personal data for the purposes in question and delete the data unless we can demonstrate compelling reasons for the processing which override your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.
For concerns of this nature, please contact us at the above address.
9. Is the provision of personal data required or prescribed by law or contract?
If you are a natural person as a customer or business partner, your information is absolutely necessary for the proper processing of the business relationship within the scope of the contract processing and for contact persons of customers and business partners. Without your information, the legal transaction (debt relationship), the business relationship cannot be properly processed, which could lead to the cancellation of the contract or the non-payment.
Status: December 2024
