The following is a translation that is intended for information purposes only. In the event of any inconsistency between the German original and the English translation, the German version shall prevail.
Processing of personal data on the basis of the EU General Data Protection Regulation
Controller responsible for the processing of your personal data
BMA Braunschweigische Maschinenbauanstalt AG
Am Alten Bahnhof 5
Phone: +49 5331804-0
Fax: + 49 5331804-260
Data protection officer
Our data protection officer:
Mr Tobias Lau
BEL NET GmbH
Contact details for our data protection officer:
Telephone: +49 531 2144-172
Fax: +49 531 2144-144
As an alternative to the browser Addon or within browsers on mobile devices, you can click the button below in order to opt-out from being tracked by Google Analytics within this website in the future (the opt-out applies only for the browser in which you set it and within this domain).
An opt-out cookie will be stored on your device, which means that you'll have to click this link again, if you delete your cookies.
Analysis services and advertising
This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States .
In case IP-anonymisation is activated on this website, your IP address will be truncated within the area of Member States of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases the whole IP address will be first transfered to a Google server in the USA and truncated there. The IP-anonymisation is active on this website.
Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing them other services relating to website activity and internet usage.
Google Web Fonts
In order to display fonts consistently, this site uses web fonts provided by Google. When you access a page, your browser will load the required web fonts in your browser cache to display texts and fonts correctly. For this purpose, the browser you are using has to contact the Google servers, as a result of which Google learns that your IP address has accessed our website. We use Google web fonts in the interest of displaying our online offerings consistently and attractively. This represents a legitimate interest within the meaning of Art. 6 Para. 1 (f) GDPR.
If your browser does not support web fonts, your computer will use a standard font.
You can find further information about Google web fonts at (This link opens in a new tab) https://developers.google.com/fonts/faq and in Google’s data privacy statement: (This link opens in a new tab) https://www.google.com/policies/privacy/.
The content management system we use offers statistics on the page views of our website. For this, only the number of views, the date and the URL are stored. No personal data such as your IP address are stored.
This website uses functions of the web analysis service Google Analytics. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
This site uses the map service Google Maps via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. To use the functions of Google Maps it is necessary to for your IP address to be stored. This information is generally sent to and stored on a Google server in the USA. The provider of this site has no influence over this data transmission. The use of Google Maps takes place in the interest of showing our online offerings appropriately and making it easy to find the places we mention on the website. This represents a legitimate interest within the meaning of Art. 6 Para. 1 (f) GDPR. You can find more information about the way in which user data is handled in Google’s data privacy statement: (This link opens in a new tab) https://www.google.de/intl/de/policies/privacy/.
Our website uses social plugins (“plugins”) from the social networks facebook.com, twitter.com, YouTube.com, induux.com, xing.de and LinkedIn (also referred to jointly below as “the providers”). The plugins are identified by the corresponding logos of the providers.
When you access our web pages, your browser establishes a direct connection with the providers’ servers. Through the integration of the plugin, the providers receive at least the information that you have accessed the website concerned, and as the case may be also further information depending on the respective plugin or service. If you are registered with and logged in with the respective provider, this provider can allocate your visit to your user account with them. If you interact with the plugin, for example by using the Facebook “Like” button or making a comment, the corresponding information will be transmitted directly from your browser to the provider and stored there, and also further processed if applicable. You can find details of the purpose and scope of such data collection and the further processing and use of the data by the respective provider, as well as your rights in this respect and options for adjusting the settings to protect your privacy, from the respective providers’ data privacy statements:
Our Online Offers use the YouTube video platform which is operated by YouTube, LLC, 901 Cherry Ave. San Bruno, CA 94066, USA („YouTube”). YouTube is a platform which allows the playback of audio and video files. When you access a respective site of our Online Offers that contains an embedded YouTube player, this creates a connection to YouTube so that the video or audio file can be transmitted and played back. In doing so, data is transferred to YouTube as a data processor. We are not responsible for the processing of such data by YouTube. Additional information on the scope and purpose of collected data, on further processing and usage of data by YouTube, on your rights and the privacy options available to be chosen by you, can be found in YouTube's data protection notice.
Our Online Offers use the map service Google Maps via an API. The provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. For the use of the functions of Google Maps it is necessary to store your IP address. This information is usually transmitted to a server of Google LLC in the USA and saved there. The provider of this page does not have any influence on this transmission of data.
The use of Google Maps is in the interest of an appealing presentation of our online offers and an easy retrievability of the places listed by us on the website. This represents a predominant legitimate interest on our part within the meaning of article 6 section 1 lit. f GDPR.
Cooperation with commissioned processors and third parties
Insofar as within the context of our processing we disclose data to other persons and companies (commissioned processors or third parties), transmit data to them or grant them access to data otherwise, this only takes place on the basis of legal permission (e.g. if it is necessary to transmit the data to third parties or to payment service providers in accordance with Art. 6 Para. 1 (b) GDPR for the performance of a contract), if you have consented to this, if this is provided for by a legal obligation or on the basis of our legitimate interests (e.g. when using agents, web hosting providers, etc.). If we instruct third parties to process data on the basis of a so-called “commissioned data processing agreement”, this takes place on the basis of Art. 28 GDPR.
Facebook is operated under www.facebook.com by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA, and under www.facebook.de by Facebook Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland ("Facebook"). Find an overview over Facebook's plugins and their appearance here: https://developers.facebook.com/docs/plugins; find information on data protection at Facebook here: http://www.facebook.com/policy.php.
Twitter is operated by Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA ("Twitter"). Find an overview over Twitter's plugins and their appearance here: https://developer.twitter.com/en/docs/twitter-for-websites/overview.html; find information on data protection at Twitter here: https://twitter.com/privacy.
Plugins of the social network LinkedIn, Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA are integrated on our website. When you visit our website, the plugin establishes a direct connection between your browser and the LinkedIn server. LinkedIn therefore receives information that you have visited our website, including your IP address. When you click the LinkedIn Share button while you are logged on to your LinkedIn account, you can link the content of our website to your LinkedIn profile. This allows LinkedIn to assign the visit to our website to your user account. Please note that we as the website provider receive no information about the content of the transmitted data or their use by LinkedIn. Further information is found in the LinkedIn data privacy statement under www.linkedin.com/legal/privacy-policy.If you do not want LinkedIn to be able to assign your visit to our website to your LinkedIn user account, please log off your LinkedIn user account.
Purposes and legal basis of data processing
We process your personal data exclusively in compliance with the statutory requirements of the EU General Data Protection Regulation (GDPR), the new Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG), and, where applicable, other relevant sector-specific laws. We therefore process your data only inasmuch as there is a contractual basis for this, you have given your consent to the processing of these data, or we are legally allowed or required to process your data.
Data processing for the purpose of performance of a contract or for taking steps prior to entering into a contract
We process the personal data you provide to us inasmuch as this is required for entering into a contract, performance of a contract, or termination of a contract. For details of the purposes of data processing, please refer to the relevant contract documentation.
The legal basis for data processing for the performance of a contract and taking steps prior to entering into a contract is normally Article 6 (1) Item b GDPR.
Data processing for the purpose of legitimate interests pursued by the controller or by a third party
We also process your data inasmuch as this is required for the purpose of legitimate interests pursued by us or by a third party. Processing by us for the purpose of legitimate interests includes regular direct marketing activities for our own products and services; preparing internal statistics; criminal investigations; and actions to ensure the correct functioning of our IT infrastructure.
The legal basis for data processing for legitimate interests pursued by us or by a third party is Article 6 (1) Item f GDPR.
Data processing for compliance with a legal obligation
Moreover, we process your data inasmuch as this is required for compliance with a legal obligation that we are subject to. Legal obligations that we are subject to include, in particular, record-keeping duties under the German tax and commercial codes.
The legal basis for data processing for compliance with a legal obligation is Article 6 (1) Item c GDPR, in combination with the relevant legal standard in each case.
Data processing based on consent and for other purposes
We may also process your personal data inasmuch as you have given your express consent to this (see also Article 6 (1) Item a GDPR). In these cases, we provide you separately with additional data protection information in the context of the consent procedure. You can withdraw your consent at any time using the above contact details.
Categories of recipients of personal data
Data processing within a group of undertakings
In the context of our administrative work and in the performance of the contract, it may become necessary for us to disclose your personal data to the company within our group of undertakings that is responsible for the relevant data processing task.
Under Article 28 GDPR, all external contractors performing data processing services on our behalf are bound by contract to handle all personal data in accordance with current rules. Inasmuch as these companies come into contact with your personal data, we have put in place legal, technical and administrative measures and perform regular monitoring to ensure that they comply with the rules of data protection and privacy legislation.
We may disclose your personal data to public authorities where this required in the context of our statutory duties of disclosure.
Data transfers to a third country
We will not normally transfer your personal data to third countries or international organisations outside the European Economic Area (EEA). Where we do effect such transfers in individual cases, this will only be to third countries for which an adequacy decision by the European Commission exists, or whose level of protection of personal data has been confirmed by suitable or appropriate safeguards (such as binding corporate rules or standard EU contractual clauses).
Length of data storage
We will store your personal data only for as long as this is required in the context of the purposes specified above, and for a period where the establishment of legal claims against us could be expected.
The statutory limitation period for such claims may in individual cases run for between three and thirty years.
We also store your personal data inasmuch as we are required to do so in the context of the statutory duties of documentation and record-keeping (such as under the German Commercial and Fiscal Codes or the Money Laundering Act).
Statutory retention periods may run for up to ten years. In exceptional cases, specific duties of documentation may exist, which require your personal data to be kept for longer.
Rights of data subjects
- As a data subject, you have the following rights under Article 15 ff. GDPR:
- Right of access
- You have the right to obtain from us confirmation as to whether or not we process personal data concerning you. Where this is the case, you have the right to request access to these personal data.
- Right to rectification
- You have the right to obtain from us rectification of inaccurate personal data concerning you.
- Right to erasure
- In certain cases, you have the right to obtain from us the erasure of personal data concerning you without undue delay.
- Right to restriction of processing
- In certain cases, you have the right to obtain from us the restriction of processing.
- Right to data portability
- You have the right to receive from us the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format.
- Right to object to processing
- You have the right to object at any time, on grounds relating to your particular situation, to the processing based on Article 6 (1) Items e or f GDPR of personal data concerning you. Inasmuch as we use your data for direct marketing purposes, you have the right to object to this at any time.
- Right to object
Inasmuch as you have given your consent to the use of personal data by us, you can withdraw this at any time.
Data protection supervisory authority
You also have the option of lodging a complaint with a data protection supervisory authority about our processing of personal data. The competent data protection supervisory authority is:
Die Landesbeauftragte für den Datenschutz Niedersachsen
If you have any further questions or comments, please do not hesitate to contact us or our data protection officer
c/o BEL NET GmbH
Oder per Mail an: dsb(at)bma-de.com