Data-protection information

We, Joyson Safety Systems Aschaffenburg GmbH, Bahnweg 1, 63743 Aschaffenburg, (privacyteam@eu.joysonsafety.com), hereby inform you about our processing of personal data.

Our External Data Protection Officer is:
Nikolaus Bertermann
daspro GmbH
Kurfürstendamm 21
10719 Berlin
E-Mail: joyson@daspro.de

In the following, we have compiled the most important information about the typical data processing for you according to the affected groups. The information requirements for certain types of data processing which only concern specific groups are fulfilled separately.

In this text, the term "data" only applies to personal data as defined by the European General Data Protection Regulation ("GDPR").

1. Visitors to the website
2. Business partners and their employees
3. Interested parties, communication partners
4. General information and rights of the persons concerned

1. Visitors to the website
1.1 Server log data
With each request, our web server processes a series of data, which your browser automatically transmits to our web server. These are the IP address currently assigned to your device, the date and time of the request, the time zone, the specific page or file viewed, the http status code, and the volume of data transferred; in addition, the website from which your request came, the browser used, the operating system of your device and the language set. This data is used by the web server to display the contents of this website in the best possible way on your device.
1.2 The purpose of the data processing is the representation of our enterprise and its online services as well as the exchange with communication partners. The purpose of the evaluation of the user behavior on the website is the needs-based design of the website.
1.3 The legal basis for processing is Article 6 (1) lit. f) GDPR (legitimate interest, operation of an Internet presence and communication with communication partners). The legal basis for the analysis of user behavior is Article 6 (1) lit. f) GDPR (legitimate interest, namely the needs-based design of the website).
1.4 The disclosure of protocol and communication data to any third parties is subject to particular circumstances. If a crime is suspected or in preliminary investigations, data can be transmitted to the police and the public prosecutor. We also use service providers for the rendering of services, in particular for the provision, maintenance and care of IT systems.
1.5 IP addresses will be anonymized after seven days at the latest. Pseudonymous usage data are deleted after three months.
1.6 It is not possible to use the website without disclosure of personally identifiable information such as the IP address. Communication via the website without information is not possible. The use of the website is also possible if the pseudonymous usage analysis has been objected to.

2. Business partners and their employees
2.1 Purpose of the processing is the preparation and execution of contracts as well as communication with employees of business partners.
2.2 Legal bases for the processing are contracts with natural persons Article 6 (1) lit. b) GDPR (preparation and implementation of the contract), in the case of contracts with legal entities, Article 6 (1) lit. f) GDPR (entitled interest, namely communication with contractually relevant contact persons) as well as always Article 6 (1) lit. c) GDPR (statutory duties, in particular tax and commercial law).
2.3 Banks may be recipients of data for the settlement of payments. Authorities and offices may be beneficiaries whilst carrying out their duties as far as we are obliged or entitled to transmit data. We also use service providers for the rendering of services, in particular for the provision, maintenance and care of IT systems.
2.4 All data relevant to the contract and the booking shall be stored in accordance with tax and commercial retention periods for a period of ten calendar years after the end of the contract.
2.5 The provision of data is legally binding as well as contractually binding for business partners and employees of business partners. Without providing any data, the business relationship cannot be justified and carried out.

3. Interested partners, communication partners
3.1 We process the data of interested parties and communication partners for the purpose of communication with those affected.
3.2 The legal basis for the processing of data of interested parties and other communication partners is Article 6 (1) lit. f) GDPR (legitimate interest, namely communication with interested parties and communication partners).
3.3 Inquiries are forwarded internally to the responsible employees. We also use service providers for the rendering of services, in particular for the provision, maintenance and care of IT systems.
3.4 Requests and communications are automatically deleted after ten calendar years. 3.5 The declaration of data is required for interested parties and communication partners. Without declaration of data, communication is not possible.

4. General information and rights of the persons concerned
4.1 We do not use automated single processing procedures.
4.2 You have the right to request information about any personal data that we process from you at any time.
4.3 If your personal data is incorrect or incomplete, you have a right to rectification and amendment of it.
4.4 You may request the deletion of your personal data at any time, unless we are legally obliged or entitled to further process your data.
4.5 If the legal requirements are met, you may request a restriction of the processing of your personal data.
4.6 You have the right to object to the processing, as far as the processing of data is carried out for the purpose of direct advertising or profiling. If the processing is carried out on the basis of a balancing of interests, you may object to processing, stating reasons that arise from your particular situation.
4.7 If data processing takes place on the basis of your consent or under a contract, you have the right to transfer the data provided by you, given that this does not affect the rights and freedoms of others.
4.8 If we process your data on the basis of a declaration of consent, you have the right to revoke this consent with effect for the future at any time. Such revocation does not affect the processing carried out prior to the revocation.
4.9 Furthermore, you also have the right at any time to lodge a complaint with a data protection authority if you believe that data has been processed in violation of applicable law.

21 September 2018