Data protection principles of www.cartechnic.de pursuant to art. 13 GDPR
The following data protection principles inform you about the collection, processing and use of personal data by the data controller within the scope of visiting this website.
1. Data controller within the meaning of art. 4 (7) GDPR
Main data controller:
(hereinafter referred to as ATR)
Phone: + 49 711 91 89 79-0
2. Communication by e-mail / telephone / post
Purpose of the data processing/ Legal basis: Any personal information you provide to us by telephone or in e-mails will be treated confidentially. We use your data exclusively for the purpose of processing your enquiry. The legal basis for the data processing is art. 6 para. 1 f) GDPR. The justified interest on the part of ATR results from the interest to answer the enquiries sent by our customers and visitors to this website and to maintain and promote customer satisfaction.
Recipients/ Categories of recipients: We exclude any transfer of data to third parties outside the ATR group of companies. In exceptional cases, data is processed on our behalf by contract processors. These are carefully selected, audited by us and contractually bound pursuant to art. 28 GDPR. Furthermore, it may be necessary for us to pass on extracts of your enquiry to contractual partners (e.g. suppliers for product-specific enquiries) in order to process your enquiry. In these cases, however, the request will be anonymized beforehand so that the third party cannot establish any reference to you. If, in individual cases, the disclosure of your personal information should be necessary, we will inform you of this in advance and obtain your consent.
Storage duration/ Criteria for determining the storage duration: All the personal data that you provide to us in enquiries (suggestions, praise or criticism) via this website or by e-mail will be deleted or securely anonymized by us at the latest 90 days after the final reply has been given to you. The reason for the storage period of 90 days is that, occasionally, you as a customer may contact us again about the same matter after a reply has been sent out and we must then be able to refer to the previous correspondence. Experience has shown that, as a rule, after 90 days there are no more questions relating to our replies.
Authorized persons may use the Extranet for shareholders and business partners on this website.
Purpose of the data processing/ Legal basis: We need an e-mail address to create the access. Your e-mail address is used solely as a user name for the use of and login into our website www.cartechnic.de.
The legal basis for the data processing within the scope of the use of the Extranet by you is art. 6 para. 1 f) GDPR. The justified interest on the part of ATR results from the interest in being able to provide the business partner with the desired and necessary information required for the partnership.
Processing of your access data beyond this purpose will not take place without your consent.
Recipients/ Categories of recipients: Within the ATR group of companies, the data of your Extranet account can only be used by the responsible departments for the technical administration of the Extranet accounts. Transfer to third parties outside of ATR does not take place.
Storage duration/ Criteria for determining the storage duration: Your Extranet account will generally remain stored indefinitely unless you delete your account, your partnership with ATR ends or you request us to delete it. The data will then be removed from our system if there are no retention periods or if the data is not still required in individual cases (for example, in the case of open claims to collect the claims).
The following subsections inform you about the individual purposes of the various cookies that may be used.
When you log into our website in the Extranet, a cookie is set on your device. These cookies are standard TYPO3 session cookies. With a user login, each cookie stores the session ID with which the logged-in user is recognized and granted access to protected areas. The cookies are deleted at the end of the browser session and do not remain on your computer. If you leave our pages, the temporary cookie is also discarded (session cookies).
The legal basis for this data processing is art. 6 para. 1 f) GDPR. The justified interest results from the interest in offering you a particularly user-friendly and transparent website.
Storage duration/ Criteria for setting the storage duration for cookies
Session cookies are deleted after the end of your Internet session (closure of the browser). Permanent cookies remain stored in your browser until they are manually deleted by you.
5. Storage of the IP address
We store the IP address transmitted by your web browser, strictly for the purpose intended, for the duration of seven days in order to be able to recognize, limit and eliminate attacks on our website. After this period has expired, we delete or anonymize the IP address.
The legal basis for this and for the processing of the following usage data is art. 6 para. 1 sentence 1 lit. f GDPR.
6. Usage data
When you visit our websites, our web server temporarily stores so-called usage data for statistical purposes as a protocol to improve the quality of our websites. This record consists of
- the page from which the file was requested,
- the name of the file,
- the date and time of the query,
- the amount of data transferred,
- the access status (file transferred, file not found),
- the description of the type of web browser used.
This information is used exclusively for the purpose of providing our services, and in no way allows conclusions to be drawn about you as a person. An evaluation of the data takes place exclusively in anonymous form. At the point where hypothetical conclusions about your person would be possible, e.g. with an IP address, we must ensure that a reference back to you personally is impossible.
Without your express consent, we will not use tracking tools to collect unsolicited personal information about you, to share such information with third parties and marketing platforms, or to associate the information with your personal information (name, address, etc.).
We take technical and organizational security measures in order to protect your data from unwanted access as comprehensively as possible. In addition to securing the operating environment, we use encryption procedures. The information you provide is transmitted in encrypted form using an SSL protocol (Secure Socket Layer) and authenticated to prevent misuse of the data by third parties. You can recognize this by the fact that the lock symbol in the status bar of your browser is closed and the address bar begins with "https...".
8. Your rights as a data subject
Pursuant to art. 15 para. 1 GDPR, you have the right to request information free of charge on the personal data stored by ATR about you.
In addition, you have a right to correction (art. 16 GDPR), deletion (art. 17 GDPR) and restriction of the processing (art. 18 GDPR) of your personal data if the legal requirements are met.
If the data processing is based on art. 6 para. 1 e) or f) GDPR, you have the right to object according to art. 21 GDPR. If you object to the data processing, this will not take place in the future, unless the data controller can prove compelling reasons worthy of protection for the further processing which outweigh the interest of the data subject in objecting.
If you have provided the processed data yourself, you have the right to data transfer in accordance with art. 20 GDPR.
If the data processing is based on consent pursuant to art. 6 para. 1 a) or art. 9 para. 2 a) GDPR, you may revoke the consent at any time with effect for the future without affecting the legality of the previous processing.
Please contact the data protection officer in writing or by e-mail in the aforementioned cases, for open questions or in the event of complaints.
In addition, you have the right to complain to a data protection supervisory authority. The data protection supervisory authority of the federal state in which you live or in which the data controller is based is responsible.
Unless otherwise stated in the previous chapters, the provision of personal data is not required by law or contract or necessary for the conclusion of a contract. You are not obliged to provide the personal data if no other information has been provided previously. Failure to provide your personal data may mean that we are unable to respond to your contact request.
9. Contact details of the data protection officer:
Datenschutz Süd GmbH