Organic and Printed Electronics Association
A Working Group within VDMA
VDMA e. V.
Mechanical Engineering Industry Association
Lyoner Str. 18
60528 Frankfurt/Main, Germany
PO Box 71 08 64
60498 Frankfurt/Main, Germany
Phone: 49 69 6603 1737
Fax: 49 69 6603 2896
E-mail: info@oe-a.org
President VDMA: Karl Haeusgen
Managing Director VDMA: Thilo Brodtmann
Register of Association at the Local Court Frankfurt am Main
No. VR4278
Protection of your personal data
1. Controller
The controller responsible for the data processing is:
VDMA e. V.
Lyoner Straße 18
60528 Frankfurt
Tel.: + 49 69 6603-0
E-Mail: datenschutz@vdma.org
2. Data protection officer
You can contact our data protection officer as follows:
Scheja und Partner Rechtsanwälte mbB
Adenauerallee 136
53113 Bonn
Tel.: +49 228 227 226-0
E-Mail: info@scheja-partner.de
https://www.scheja-partner.de/kontakt/kontakt.html
3. Rights of the data subject
As data subject you have the following rights in accordance to the General Data Protection Regulation (GDPR) as far as the respective legal requirements are met:
- Right to object
- Individual right to object
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Art. 6 sec. 1, including profiling based on those provisions. We will then no longer process the personal data for those purposes unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defence of legal claims.
- Right to object to processing for direct marketing purposes
In some cases we process your data for direct marketing. You have the right to object to the processing of your personal data for those purposes at any time. This applies to profiling as far as it is associated with such direct marketing. If you object to the processing for direct marketing purposes, your personal data will not be processed for those purposes any longer.
- Access:
You have the right to obtain information about your personal data processed by us.
- Rectification:
You can obtain the rectification of inaccurate personal data concerning you. Furthermore you can obtain the completion of incomplete personal data.
- Erasure:
In specific cases you can obtain the erasure of your personal data.
- Restriction of processing:
In specific cases you can obtain restriction of processing of your personal data.
- Data portability:
If you provided data to us based on a contract or your consent you can demand that you receive the provided data in a structured, commonly used and machine-readable format or that we transmit the data directly to another controller.
- Withdrawal of consent:
If you gave your consent to the processing of your personal data you can withdraw your consent at any time with future effect. The lawfulness of the processing of your personal data until your withdrawal will not be affected. In addition to the options stated under ‘enforcement of your rights’ you can explain your withdrawal according to the respective information concerning ‘exercising the right to object’ in the section ‘Services & Cookies’.
- Enforcements of your rights:
To exercise the aforementioned rights please contact datenschutz@vdma.org or by post to the address stated under number 1. When doing so please make sure an unambiguous identification of yourself is possible.
- Right of appeal:
You have the right to lodge a complaint with a data protection supervisory authority, particularly one in the member state of your habitual residence, work place or the place of the suspected violation, if you are of the view that the processing of your personal data is unlawful.
4. Details on services, cookies & co.
4.1 Our own service
Logfiles
Data categories
Accessed URL, IP address, Date and time of access, amount of transferred data, website where the user came from (‘referrer’), websites accessed by the user’s system from our website, http-status, information about the browser type and the used version, operating system, internet service provider
Purpose(s)
Statistical evaluations, optimizing the website, system security (fraud prevention), error diagnosis
Legal basis
Article 6 section 1 b) and f) GDPR
Pursued legitimate interests
See purposes
Recipients or categories of recipients
Hosting provider, internal departments, external service provider for technical support government agencies on demand
Third country transfer: Adequacy decision (yes/no):
No
Safeguards and access possibilities to those:
Storage periods or criteria for their determination:
7 days after creation
Duty to provide personal data and possible consequences of failure to provide:
No duty to provide, automatic collection by accessing the service
Exercising the right to object:
Data sources:
Direct collection when accessing website/service
Contact form
Data categories
Name of the contacting person, postal address, phone number, e-Mail address, content of the message
Purpose(s)
Receipt and handling of requests, complaints and other feedback
Legal basis
Article 6 section 1 b) and f) GDPR
Pursued legitimate interests
See purposes
Recipients or categories of recipients
Hosting provider, internal departments, government agencies on demand
Third country transfer: Adequacy decision (yes/no)
No
Safeguards and access possibilities to those:
Standard data protection clauses Art. 46 sec. 2 GDPR, copies to be retrieved from contact stated in number 1
Storage periods or criteria for their determination
After handling the request
Duty to provide personal data and possible consequences of failure to provide
Mandatory details in the contact form marked with ‘*’, other information is not mandatory but serves faster handling of the request
Exercising the right to object
Data sources
Direct collection in the contact form
Newsletter registration
Data categories
Name of recipient, title, E-Mail address, date and time of registration
Purpose(s)
Sending out newsletters for customers
Legal basis
Article 6 section 1 a) GDPR
Pursued legitimate interests
See purposes
Recipients or categories of recipients
internal departments especially marketing, hosting provider, processor for sending out newsletters, government agencies on demand
Third country transfer: Adequacy decision (yes/no)
No
Safeguards and access possibilities to those
Storage periods or criteria for their determination
After newsletter cancellation
Duty to provide personal data and possible consequences of failure to provide
No duty to provide
Exercising the right to object
Cancellation link in every newsletter
Data sources
Direct collection in the newsletter registration form
Commenting
Data categories
Name of pseudonym, content of comment
Purpose(s)
Allowing commenting on website content
Legal basis
Article 6 section 1 f) GDPR
Pursued legitimate interests
See purposes
Recipients or categories of recipients
Hosting provider, internal departments especially customer service
Third country transfer: Adequacy decision (yes/no)
No
Safeguards and access possibilities to those
Standard data protection clauses Art. 46 sec. 2 GDPR, copies to be retrieved from contact stated in number 1
Storage periods or criteria for their determination
After deletion of the article that could be commented on, also possible deletion of illegal content
Duty to provide personal data and possible consequences of failure to provide
Exercising the right to object
Data sources
Direct collection in commenting form
4.2 Integration of third party services
We use third party services to enable you to use their functions, services and features. These integrated services are designed and provided by the respective third party. Therefore we have no influence on the design, contents and function of those services or the processing of personal data by the provider. Please obtain further information directly from the providers of those integrated services.
Google Analytics
Provider/recipient
Google Inc., Amphitheatre Parkway, Mountain View, CA 94043, USA
Purpose(s)
Legal basis
Article 6 section 1 b) and f) GDPR
Pursued legitimate interests
Improvement of the platform and the content offered
The provider’s data protection notice
– Google Privacy Policy (https://www.google.com/intl/de/policies/privacy/index.html)
– Protection and security of your data (https://support.google.com/analytics/answer/6004245?hl=de)
– Browser add-on for disabling Google Analytics (https://tools.google.com/dlpage/gaoptout?hl=de)
Further information
Google Maps
Provider/recipient
Google Inc., Amphitheatre Parkway, Mountain View, CA 94043, USA
Purpose(s)
Providing map service Google Maps
Legal basis
Article 6 section 1 b) and f) GDPR
Pursued legitimate interests
Providing the Google map service
The provider’s data protection notice
https://www.google.com/intl/de/policies/privacy/index.html
Further information
To prevent a connection to Google Maps, java script can be deactivated in the browser settings
Facebook Social Plugin
Provider/recipient
Facebook, Inc., 1601 Willow Road, Menlo Park, California 94025, USA
Purpose(s)
Communication with Facebook profile
Legal basis
Article 6 section 1 f) GDPR
Pursued legitimate interests
Allowing communication via Facebook profile
The provider’s data protection notice
https://www.facebook.com/policy.php
Further information
We use the Shariff-solution, the browser only establishes a direct connection to Facebook after clicking on the Facebook button
YouTube-Videos
Provider/recipient
YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA (vertreten durch Google Inc., Amphitheatre Parkway, Mountain View, CA 94043, USA)
Purpose(s)
Display of YouTube videos
Legal basis
Article 6 section 1 f) GDPR
Pursued legitimate interests
Allowing the viewing of YouTube videos
The provider’s data protection notice
https://policies.google.com/privacy?hl=de&gl=de
Further information
Integration uses the ‘extended data protection mode’ of YouTube
On-Demand- and Lifestream-Videos
Provider/recipient
Linda und Sören Steinmann GbR – Video-Stream-Hosting, Am Sennehügel 20, 32052 Herford
Purpose(s)
Allowing the viewing of videos
Legal basis
Article 6 section 1 f) GDPR
Pursued legitimate interests
Allowing the viewing of videos
The provider’s data protection notice
Privacy Policy
Further information
4.4. Responsibility for services shared with third parties
In some cases, we are a joint controller together with a third party. This can include the integration of the third party’s services on our website or can include our presence in the third party’s offering. Information on the data processing of the respective third party is available in the third party’s data protection notices. You can assert your rights as a data subject both vis-à-vis our Association and directly via-à-vis the respective third-party service provider. The service provider will be able to respond to processes under its immediate responsibility, which is why we recommend contacting the third party directly.
Facebook Fanpage
We operate the Facebook Fanpage as joint controllers with Facebook Ireland Limited, 4 Grand Canal Square Dublin 2, Ireland and Facebook Inc., Facebook Headquarters, 471 Emerson St., Palo Alto, CA 94301-160, USA (contact the data protection officer). We also have access to the Facebook Insight service via our Facebook Fanpage; however, this service only provides us with statistical usage data.
You can access the data protection notices for the controllers sharing responsibility for the Facebook Fanpage by clicking the data guideline link (Facebook Ireland).
You can use the following functions on our Facebook Fanpage:
- Interaction by/with users
- Restriction of your own contributions
- Customer Chat Plugin
- Integration of Instagram
The following data is processed on our Facebook Fanpage during the interaction by/with you as a user:
- Date and time of the interaction
- Type of end device
- Operating system used, where applicable
- Type and content of the interaction (e.g. Likes, direct messages, comments)
- Profile name
- Profile picture
This data is processed on the basis of Article 6 para.1 b) and f) of the EU General Data Protection Regulation (GDPR) for the interaction with you as the user, for the improvement of the usage experience as well as for the purpose of the receipt and processing of queries, complaints or other feedback.
In doing so, we pursue a justified interest corresponding to the respective purpose.
Internal departments are the recipients of this personal data. We refer to our data protection notices with regard to the recipients of the joint controllers.
We shall not transfer your data to third countries. However, we do want to point out that the party sharing responsibility with us, Facebook Inc, has its headquarters in a third country without an adequacy decision. We refer to our data protection notices with regard to the transfer of data to a third country by the joint controllers.
We shall generally delete your personal data, provided no statutory retention obligations exist, after the termination of the usage relationship or after the completed response to your direct communication or following the deletion of the contribution to be commented on. If necessary, we shall also delete any illegal content. We refer to our data protection notices with regard to the storing of data by the joint controllers.
The data is exclusively collected under a direct collection during interactions with you. There is no obligation to provide any personal data.
General information on the handling of personal data in VDMA and its bodies
VDMA and its bodies (hereinafter referred to as “we”) thank you for your interest in our association as well as the products and services of VDMA, the VDMA service companies, the research associations and the foundations and partner organizations in mechanical engineering.
We take the protection of your personal data and its confidential handling very seriously. The processing of your personal data takes place solely in accordance with the respectively applicable statutory data protection requirements, in particular the EU General Data Protection Regulation (hereinafter referred to as “GDPR”).
We process personal data of employees of our association members and business partners. This personal data is the subject of this data protection information. We would like to use this document to inform you about the scope of the processing of your personal data and your data protection rights within the scope of association membership and/or your business relationship with us.
1. The controller and data protection officer responsible for data processing; contact
The data processing controllers in the meaning of data protection laws are:
1 VDMA e. V.
Verband Deutscher Maschinen- und Anlagenbau e. V.
Lyoner Straße 18
60528 Frankfurt
2 Gesellschaft zur Förderung des Maschinenbaues mbH
Lyoner Straße 18
60528 Frankfurt
3 VSMA GmbH
Lyoner Straße 18
60528 Frankfurt
4 VDMA Verlag GmbH
Lyoner Straße 18
60528 Frankfurt
5 MBI GmbH
Maschinenbau Institut Gesellschaft für
Weiterbildung und Einzelberatung mbH
Lyoner Straße 18
60528 Frankfurt
6 VFI GmbH
VDMA Gesellschaft für Forschung und Innovation (VFI) mbH
Lyoner Straße 18
60528 Frankfurt
7 ECB GmbH
European Certification Body GmbH
Lyoner Straße 18
60528 Frankfurt
8 FVA e. V.
Forschungsvereinigung Antriebstechnik e. V.
Lyoner Straße 18
60528 Frankfurt
9 FLT e. V.
Forschungsvereinigung Luft- und Trocknungstechnik e. V.
Lyoner Straße 18
60528 Frankfurt
10 FVA GmbH
Lyoner Straße 18
60528 Frankfurt
11 FVV e. V.
Forschungsvereinigung Verbrennungskraftmaschinen e. V.
Lyoner Straße 18
60528 Frankfurt
12 FKM e. V.
Forschungskuratorium Maschinenbau e. V.
Lyoner Straße 18
60528 Frankfurt
13 ESSA e.V.
European Security Systems Association e.V.
Lyoner Straße 18
60528 Frankfurt
14 ProWood Stiftung
Lyoner Straße 18
60528 Frankfurt
15 Printpromotion GmbH
Lyoner Straße 18
60528 Frankfurt
16 Impulsstiftung
Lyoner Straße 18
60528 Frankfurt
17 Mobima e. V.
Lyoner Straße 18
60528 Frankfurt
18 DFAM e. V.
Deutsche Forschungsgesellschaft für Automatisierung und Mikroelektronik e. V.
Lyoner Straße 18
60528 Frankfurt
19 FKT e. V.
Forschungsrat Kältetechnik e. V.
Lyoner Straße 18
60528 Frankfurt
20 FGD e. V.
Forschungsgesellschaft Druckmaschinen e. V.
Lyoner Straße 18
60528 Frankfurt
21 IFL e. V.
Forschungsgemeinschaft Intralogistik/Fördertechnik & Logistiksysteme e. V.
Lyoner Straße 18
60528 Frankfurt
22 FVB e. V.
Forschungsvereinigung Bau- und Baustoffmaschinen e. V.
Lyoner Straße 18
60528 Frankfurt
23 FPH e. V.
Forschungsplattform Holzbearbeitungstechnologie
Lyoner Straße 18
60528 Frankfurt
24 FOGI e. V.
Forschungsgemeinschaft Industrieofenbau e. V.
Lyoner Straße 18
60528 Frankfurt
25 FGMA e. V.
Fachbetriebsgemeinschaft Maschinenbau e. V.
Lyoner Straße 18
60528 Frankfurt
26 Stiftung der Landmaschinenindustrie
Lyoner Straße 18
60528 Frankfurt
27 GTDE e. V.
Graphical Tool Data Exchange – Standard OpenBase e.V.
Lyoner Straße 18
60528 Frankfurt
28 Walter Reiners-Stiftung
Lyoner Straße 18
60528 Frankfurt
29 Dr.- Ing. E. H. Hubert H.A. Sternberg-Stiftung
Lyoner Straße 18
60528 Frankfurt
30 Stiftung Druck- und Papiertechnik
Lyoner Straße 18
60528 Frankfurt am Main
31 VDW e. V.
Verein Deutscher Werkzeugmaschinenfabriken e. V.
Corneliusstraße 4
60325 Frankfurt
32 VDW – Forschungsinstitut e. V.
Corneliusstraße 4
60325 Frankfurt
33 Nachwuchsstiftung Maschinenbau gGmbH
Corneliusstraße 4
60325 Frankfurt
Please contact us at any time should you have any questions or suggestions concerning data protection.
Data protection coordinators for all the named organizations:
Sven Laux
VDMA e. V.
Head of Department for Human Resources
Lyoner Straße 18
60528 Frankfurt
Tel.: + 49 69 6603-1640
Email: datenschutz@vdma.org
Thomas Zopick
VDMA e. V.
Head of IT Department
Lyoner Straße 18
60528 Frankfurt
Tel.: + 49 69 6603-1868
Email: datenschutz@vdma.org
You can contact our data protection officer at:
For the organizations listed from 1 to 15, also 31 and 32
Scheja und Partner Rechtsanwälte mbB
Adenauerallee 136
53113 Bonn
Tel.: +49 228 227 226-0
Email: info@scheja-partner.de
https://www.scheja-partner.de/kontakt/kontakt.html
For the organization listed under 33
Daniel Kaup (internal data protection officer)
Nachwuchsstiftung Maschinenbau gGmbH
Niederlassung Bielefeld
Gildemeisterstraße 60
33589 Bielefeld
Tel.: + 49 5205 74 2561
Email: daniel.kaup@nws-mb.de
2. The subject of data protection
This data protection information covers personal data. This personal data includes all information that relates to an identified or identifiable natural person (so-called affected person). This data includes, for example, information on the name, postal address, email address or telephone number, but also includes information that is required during the association membership and/or business relationship, such as details on the beginning, end and scope of the usage of the membership, products and services.
3. Purposes and legal grounds of data processing
In the following, you will receive an overview of the purposes and legal grounds of data processing within the scope of the membership and/or business relationship with you.
3.1 Processing and execution of individual association work within the membership and/or business relationship
We generally process data that is created based on a business relationship with companies. We do, however, also process personal data when this is necessary for the preparation and performance of a contract with you personally.
Additional details on the purposes of the data processing can be obtained in the respective agreements and/or contract documents.
Data processing is performed on the basis of Article 6 para. 1 b) GDPR. You must specify the personal data which is necessary for the preparation and performance of the membership and/or the business relationship with you. We will not be able to process your query or fulfill the contract without this data.
We shall delete the data when it is not longer needed for the pursued purposes and no other legal grounds exist. Should the latter apply, we shall delete the data once the other legal grounds no longer exist.
3.2 Fulfillment of legal obligations
We also process your personal data to comply with legal obligations that we are subject to. The obligations may arise, for example, from association, commercial, tax, money laundering, finance or penal legislation. The purposes for the processing arise from the respective legal obligation; the processing generally serves the purpose of complying with federal control and information obligations.
Data processing is performed on the basis of Article 6 para. 1 c) GDPR. When we collect personal data due to a legal obligation, you must provide the personal data required to fulfill the legal obligation. We may not be able to process your query should you not provide this personal data.
We shall delete the personal data once the legal obligation no longer exists, provided that no other legal grounds exist. Should the latter apply, we shall delete the data once the other legal grounds no longer exist.
3.3 Safeguarding legitimate interests
We also process your personal data to safeguard our legitimate interests or those of third parties. We pursue the following interests, which are also the respective purposes:
Shared responsibility in accordance with Article 26 GDPR | Individual data processing by the controller | |
Management of association memberships, documentation of services received from VDMA and its bodies (including the preparation of interest profiles, see Section 7) | X | |
Query management incl. group-internal workflows and documentation | X | |
Participation management incl. participant documentation for – Surveys – Statistical surveys – Market exploration trips – Symposia – Visitor delegations – Events (domestic and abroad) – Committee meetings | X | |
Execution of – Surveys – Statistical surveys – Market exploration trips – Symposia – Visitor delegations – Events (domestic and abroad) – Committee meetings | X | |
Coordination of the collaboration in – National, European, international bodies – Sector committees – Associations and organizations – National and international standardization committees – National and international research projects | X | |
Execution of the collaboration in – National, European, international bodies – Sector committees – Associations and organizations – National and international standardization committees – National and international research projects | X | |
Recording of contacts from national and international organizations, authorities and ministries | X | |
Execution of individual consultations | X | |
Brokering of cooperation and sales queries | X | |
Safeguarding technical operations, elimination of errors and disruptions | X | |
Ensuring data security and data availability | X | |
Business management and controlling | X | |
Access to closed user networks, such as myVDMA.org and the THEMIS knowledge portal provided by the VDMA research associations | X | |
Mailing of newsletters and automated forwarding of information with non-advertising character, provided you have not objected | X | |
Direct marketing, provided you have not objected | X |
Within the comprehensive support provided by VDMA e. V. and its bodies, we together document the service portfolio in a jointly used member and customer database. All responsible organizations are obligated to comply with lawful data processing in accordance with Article 26 GDPR in the case of joint data processing. The controller for individual rights in joint data processing is VDMA e. V., Lyoner Straße 18, 60528 Frankfurt.
The data processing is performed on the basis of Article 6 para. 1 f) GDPR. We shall explicitly point out those cases in which you have to provide data. We may not be able to process your query should you not provide this personal data.
We shall delete the data when it is not longer needed for the pursued purposes and no other legal grounds exist. Should the latter apply, we shall delete the data once the other legal grounds no longer exist.
3.4 Consent
If you have provided your consent for specific purposes, the respective purposes shall arise from the contents of the submitted consent.
The data processing is performed on the basis of Article 6 para. 1 a) GDPR. We shall explicitly point out those cases in which you have to provide data. Without the provision of this data, we may not be able to process the request covered by the consent. You may revoke your consent at any time. However, this shall not affect the lawfulness of the processing conducted, based on the consent, until the revocation.
We shall delete the data when it is no longer needed for the pursued purposes, or if you have revoked the consent and no other legal grounds exist. Should the latter apply, we shall delete the data once the other legal grounds no longer exist.
4. Recipient of personal data
4.1. Internal recipient
Only those persons who require the data for the purposes stated under Section 3 shall have access.
4.2. Joint responsibility
In case of data processing conducted within the scope of shared responsibility in accordance with Article 26 GDPR, VDMA e. V. and its bodies are the reciprocal recipients.
4.3. External recipients
We shall only forward your personal data to external recipients when this is necessary for the completion or processing of your query, if another legal permission to do so exists or if you have provided your consent for this purpose.
4.3.1 External recipients may include:
a) Commissioned processors
External processors we commission to perform services, for example in technical infrastructure and maintenance or the provision of contents relevant for agreements and contracts. We select these commissioned processors very carefully and review their activities regularly to ensure the protection of your personal data. The service provider may only use the personal data for the purposes we specify.
b) Public bodies
Authorities and government institutions, such as district attorneys, courts or finance authorities, to which we must provide personal data based on mandatory and statutory grounds.
c) Other bodies
Cooperation partners to which personal data is transferred based on consent or legal grounds, for example to trade fair companies, standardization and research institutions, congress and event organizations, national and international associations.
5. Data processing in third countries
If a data transfer takes place to bodies whose registered office or their place of data processing is not in a member state of the European Union or in another party to the Agreement on the European Economic Area, prior to transfer we ensure that, outside of legally permitted exceptional cases at the recipient, either an appropriate level of data protection exists (e.g. under an adequacy decision from the European Commission, through suitable guarantees by the recipient such as self-certification according to the EU-US Privacy Shield or the agreement of so-called standard contractual clauses in the European Union with the recipient) or that adequate consent has been granted.
We can provide you with an overview of the recipients in third countries and a copy of specifically agreed provisions for safeguarding the appropriate level of data protection. Please use the information provided in Section 1 to request this.
6. Sources and data categories for third-party collection
We not only process personal data which we receive directly from you: We also receive some personal data from third parties. An overview of the sources and data categories used in data collection from third parties to safeguard our legitimate interests (verification and updating of our database) is provided in the following. Use of such data strictly follows the purposes specified in Section 3. Use of personal data for advertising pitches shall only take place if we have the corresponding authorization.
- Bureau van Dijk Electronic Publishing GmbH
Hanauer Landstraße 175-179
60314 Frankfurt am Main
Data:
– Companies with valid company name and unique identifiers
– Detailed shareholding structures including determination of beneficial owner
– Management and supervisory board
- CRIF Bürgel GmbH
Radlkoferstraße 2
81373 Munich
Data:
– Companies with valid company name and unique identifiers
– Detailed shareholding structures including determination of beneficial owner
– Management and supervisory board
- Echobot Media Technologies GmbH
Echobot Media Technologies GmbH
Südendstr.52
D-76135 Karlsruhe
Daten:
– Companies with valid company name and unique identifiers
– News from online media
– Top-level management
- XING SE
Dammtorstraße 30
20354 Hamburg
- LinkedIn Ireland Unlimited Company
Wilton Place,
Dublin 2, Irland
- Vereinigte Fachverlage GmbH
Lise-Meitner-Straße 2
55129 Mainz
- Kompass – Zentrum für Existenzgründungen Frankfurt am Main gGmbH
Hanauer Landstraße 521
60386 Frankfurt am Main
- Hoppenstedt
Bisnode Deutschland GmbH
Robert-Bosch-Straße 11
64293 Darmstadt
7. Interest profiles
VDMA e. V. compiles interest profiles within the scope of association membership in order to provide you with targeted information. Compiling an interest profile serves to inform you, within the scope of your company’s membership, with tailored information on topics and services provided by VDMA and which are relevant to you, while minimizing information which is of little or no relevance for you. The data described in the following and your interest profile is only used by VDMA e. V. for this purpose and is not forwarded to other third parties.
To this end, we use your contact data, data from the CRM system concerning services you have used, such as your participation in events or queries you have submitted, and possibly publicly accessible data from the external sources named in Section 6. We also use, to the extent provided, the topics and interests you listed in your my.VDMA account as well as the topics highlighted in the newsletters you subscribe to.
We only use other data when you have provided us with separate consent.
The above-mentioned data is used to automatically determine the relevance of specific topics for you and represent them accordingly in your interest profile. The interest profile contains a value for every topic that reflects the relevance of this topic for you.
The right to object against the use of your personal data as described in Section 10 also applies in relation to your interest profile and the personal data used for it.
8. Retention period
The retention period for personal data is provided in the respective section on data processing.
Also generally applicable: We only store personal data for as long as it is necessary to fulfill the respective purposes or – in case of consent – until you revoke your consent. In case of objection, we delete your personal data, unless its processing is permitted under the relevant statutory provisions.
We also delete your personal data when we are obligated to do so due to legal grounds.
9. Rights of affected persons
You have numerous rights as a person affected by the data processing. In detail:
- Right of access
You have the right to receive information from us on the personal data we have stored about you. - Right to rectification and erasure
You can demand that we rectify any inaccurate personal data and – to the extent that legal requirements are met – the deletion of your personal data. - Right to the restriction of processing
You can demand that we – to the extent that legal requirements are met – restrict the processing of your personal data. - Data portability
If you have provided us with data based on an agreement and/or a contract or your consent, you have the right, when the legal requirements are given, to receive your personal data in a structured, commonly used and machine-readable format and have the right to demand that we transmit this data to another controller. - Withdrawal of consent
If you have consented to the processing of your personal data, you may withdraw this consent at any time with effect for the future. The lawfulness of the processing of your personal data up to the time of withdrawal remains unaffected. - Right to lodge a complaint with a supervisory authority
You may also file a complaint with the responsible supervisory authority when you are of the opinion that the processing of your personal data violates applicable law. To do so, you may turn to the data protection authority which is responsible for your place of residence or your country; you may also contact the data protection authority which is responsible for us.
10. Right to object
Objecting to data processing on legal grounds of a “legitimate interest”:
You have the right, based on reasons arising from your special situation, to object to our processing of your personal data at any time, provided this objection is based on the legal grounds of a “legitimate interest”. If you assert your right to object, we shall stop processing your personal data, unless we can document – in accordance with statutory provisions – compelling legitimate grounds for the continued processing which override your rights.
Objection to data processing for direct advertising purposes:
We process personal data based on the legal grounds of a “legitimate interest” and to conduct direct advertising. You have the right to object to such processing at any time.
11. Your contact to us and the assertion of your rights
You may contact us, at no charge, should you have any questions on the processing of your personal data, your rights as an affected person and any consent you may have granted. To assert all of your above-mentioned rights, please contact datenschutz@vdma.org or one of the parties stated in Section 1 above. Please make sure that we can clearly identify your person.
12. Version
The current version of this data protection information, version 1.0, shall apply. Version June 18, 2018.