6. Log files
Each time you use the internet, certain information is automatically transmitted by your internet browser and stored by us in so-called log files.
Log files are stored by us for the purpose of identifying faults and for security reasons (e.g. to investigate attempted attacks) as long as necessary for the specified purposes, and then deleted or anonymized. Log files which must be stored for a further period for evidentiary purposes are not deleted until the incident in question has been definitively resolved, and in individual cases may be passed on to investigative authorities. We have a legitimate interest in storing log files, to ensure that our web pages function smoothly without disruption.
In particular, the following information is stored in log files:
- IP address (internet protocol address) of the device from which the online offering is accessed;
- Internet address of the prior website (source or referrer URL) which sent the user to the online offering;
- name of the service provider via which the online offering is accessed;
- name of the files or information retrieved;
- the date and time and duration of the retrieval;
- quantity of data sent;
- operating system and information about the internet browser used, including installed add-ons (e.g. for Flash Player);
- http status code (e.g. “request successful” or “requested file not found”).
7. User analysis
Analysis tools (e.g. etracker) are used on maxon’s web pages and on the online shop. Information collected about the use of the web pages is stored on the tool providers' servers.
Analysis tools enable us to collect and analyse data about how visitors use our web pages and online shop. This enables us to find out when web pages were viewed, and from which region.
The maxon Group has a legitimate interest in carrying out anonymised analysis of user behaviour, in order to optimise our web pages and the advertising. If your prior consent was requested when you visited our web pages (e.g. consent to the storage of cookies), processing is based on your consent, which you may revoke at any time with effect for the future.
8. Forwarding of data
Forwarding of data to other controllers
As a general rule, your personal data will only be transferred by us to other controllers if this is necessary for contractual performance, or if we or the third party have/has an overriding legitimate interest in forwarding the data, or if you have given your consent. For details about the legal basis and the recipients or categories of recipients, see Section 5 (Purpose of processing; legal basis).
If “maxon Group joint data controllers” are specified as possible data recipients, the data in question may be forwarded within the maxon Group, to ensure that you receive optimal support and advice from the maxon Group, in an effort to maintain good customer relations. Forwarding of data within the maxon Group thus benefits both you and us, and as mentioned in Section 5 is based inter alia on our legitimate interest in maintaining good customer relations with current and future customers. In addition, data may be transferred to other controllers, insofar as we are required to do so by law or pursuant to an enforceable official or court order.
Service providers (general)
We use external service providers who perform tasks such as marketing services, HR services, programming, data hosting and hotline services. We have carefully selected these service providers and monitor them regularly, in particular to ensure they are careful in the way they handle and protect data stored by them. All service providers are under contractual obligation to maintain confidentiality and to comply with legal requirements. Service providers may also be other companies within the maxon Group.
Forwarding of data to recipients outside the EEA
We may also forward personal data to recipients domiciled outside the EEA (non-EEA countries). In such cases, before forwarding the data we make sure the recipient contractually guarantees an adequate level of data protection, or if necessary we obtain your consent to forwarding of your data.
9. Storage periods; Duration of storage
As a general rule, we store your data for as long as is necessary to ensure we can provide our online offering and related services, or for as long as we have a legitimate interest in further storage (e.g. after fulfilment of a contract, we may still have a legitimate interest in marketing via physical mail). After that we will delete your personal data, except for data which we must continue to store in order to comply with legal obligations (e.g. tax-law and commercial-law retention periods require us to retain documents such as contracts and invoices for a certain period of time).
What is a cookie?
A cookie is a small quantity of data stored on your computer or mobile device by the websites you visit. Cookies (hereinafter: cookies) are often used to operate websites or to operate them more efficiently, and to transmit information to the operators of the website.
11. Social plugins
Our online offering includes social plugins from various social networks, as described below
When a plugin is used, your internet browser establishes a direct connection to the server of the relevant social network. The provider receives a notification that your internet browser has accessed a given page of our online offering, even if you do not have a user account with that provider or are not currently logged into it. Log files (including the IP address) are transmitted by your internet browser directly to a server of the respective provider and (if applicable) stored there. The provider or its server may be located outside the EU/EEA (e.g. in the USA).
A plugin is essentially an independent extension of the social network provider. We therefore have no control over the amount of data collected and stored by the social network provider.
If you do not want a social network provider to receive and (if applicable) store or reuse data via the online offering, do not use the plugin in question. If you have a user account with a given social network and are logged in, that social network may be able to assign your internet usage behaviors directly to your personal profile. You can prevent this by logging out of your user accounts.
Social plugins with double opt-in
Double opt-in ensures that your visit to our web pages is not recorded by a social network provider by default. If you visit a page on our website that includes a plugin, initially it is disabled. It will only be enabled if you click on the relevant button.
Facebook and Instagram plugins
Facebook and Instagram: www.facebook.com is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA; www.facebook.de is operated by Facebook Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland (“Facebook”). An overview of Facebook plugins and how they are displayed can be found at: https://developers.facebook.com/docs/plugins/?locale=de_DE; Information on Facebook's data protection policy can be found here: http://www.facebook.com/policy.
Twitter is operated by Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA (“Twitter”). An overview of Twitter plugins and how they are displayed can be found here: https://developer.twitter.com/; Information on Twitter's data protection policy can be found here: https://twitter.com/de/privacy.
LinkedIn is operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (“LinkedIn”). An overview of LinkedIn plugins and how they are displayed can be found here: https://developer.linkedin.com/plugins; Information about LinkedIn's data protection policy can be found here: https://www.linkedin.com/legal/privacy-policy.
Our web pages use functionalities of the video platform YouTube, which are provided by YouTube LLC, 901 Cherry Ave. San Bruno, CA 94066, USA (“YouTube”). YouTube is a platform that allows the playback of audio and video files.
When you visit the relevant web page on our site, the embedded YouTube player establishes a connection to YouTube so that the video or audio file can be transmitted and played back. Data are also transferred to YouTube as the controller. We are not responsible for the processing of this data by YouTube.
13. External links
Our online offering may contain links to third-party websites (providers that are not affiliated with us). Once you have clicked on the link, we no longer have any control over the collection, processing or use of any personal data transmitted to the third party by clicking on the link (e.g. IP address, or URL of the page on which the link is located), since the conduct of third parties is by nature beyond our control. We are not responsible for the processing of such personal data by third parties.
Our employees and the service providers engaged by us are obligated to maintain confidentiality and comply with the provisions of applicable data protection legislation.
We take all necessary technical and organizational measures to ensure an adequate level of protection and to protect your data we manage, in particular against the risks of accidental or unlawful destruction, manipulation, alteration, accidental or unlawful loss, unauthorized disclosure or access. Our security measures undergo ongoing improvement in line with technological developments.
15. User's rights
To assert your rights, see Section 2 (How to reach us). Please make sure that we can easily identify you.
Right to information; data subject's right to access stored personal data
You have the right to receive information from us about the processing of your data. As data subject you have the right to access your stored personal data.
Right to correction; right to deletion
You can ask us to correct incorrect data. Provided the legal requirements are met, you may request that incomplete data be completed, and you may also request that your data be deleted.
This does not apply to data which are required for billing and accounting purposes or are subject to statutory storage requirements. Insofar as access to those types of data is not required, you are entitled to place restrictions on the processing of said data (please see below).
Right to place restrictions on processing
Provided the legal requirements are met, you are entitled to instruct us to place restrictions on the processing of your data.
Provided the legal requirements are met, you have the right to receive data that you have made available to us in a structured, commonly used machine-readable format, or you may instruct us to transfer the data to a third party, insofar as technically feasible.
Right to object
Right to object to processing of your data for direct marketing purposes
At any time you may object to the processing of your personal data for direct marketing purposes (“right to object to processing of personal data for direct marketing purposes”). Please note: for organizational reasons, there may be an overlap between your objection and the use of your data in a campaign which is already in progress.
Right to object to processing of data where we claim a legitimate interest
At any time you are entitled to object to our processing your data where we claim a legitimate interest. We will then stop processing your data, unless we can demonstrate compelling grounds for further processing and those grounds outweigh your rights, as set forth by law.
If you have given consent to processing of your data, you may revoke your consent at any time with effect for the future. Processing of your data up until the date of revocation remains lawful.
Right to submit a complaint to the supervisory authority
You may have the right to lodge a complaint with the supervisory authority responsible for you, in particular with the data protection authority responsible for your place of residence.