Privacy Policy

(Date: 06/2020)

It is especially important to us to protect your personal data and responsibly handle the information that you entrust to us. AMF-Bruns Forschungs- und Entwicklungsgesellschaft mbH & Co. KG (AMF-Bruns R&D) only processes personal data in accordance with statutory regulations, especially the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG). 

 

In this Privacy Policy, we disclose the legal bases on which, the extent to which and for which purposes we process personal data when

  • you use our website (section 2.),
  • you conclude contracts with us (section 3.),
  • you visit our premises (video surveillance) (section 4.),
  • visiting the business and production facilities (visitor process) (see section 5.),
  • you apply for a position (section 6.),
  • you provide your contact details during the usual establishment of contact in the ordinary course of business (see section 7.).

We also disclose the recipients of your personal data within the European Economic Area (EEA) (section 8.), within third countries (section 9.), the deletion of your personal data and corresponding retention periods (section 10.), your rights as the data subject (section 11.) and whether automated decision-making is used (section 12.).

1. Controller and Data Protection Officer

Controller: AMF-Bruns Forschungs- und Entwicklungsgesellschaft mbH & Co. KG, Hauptstrasse 101, 26689 Apen, Germany, testcenter@amf-bruns.de

Data Protection Officer: PLANIT // LEGAL Rechtsanwaltsgesellschaft mbH, Jungfernstieg 1, 20095 Hamburg, Germany; mail@planit.legal

2. Processing of personal data on our website

In order to use this website, it is necessary to process personal data to the extent described in section 2.1 in order to enable you to use it (usage data), as described in section 2.1.. In addition, we process personal data for other purposes as described in section 2.2. ff..

2.1. Data processing to enable website usage

When you visit our website, we collect personal data to enable your usage of the site (usage data). This includes your IP address and data about the start and end points of your usage of the website and why you are using the website and potentially also identification data (such as your login data if you log in to a secure area). This also includes the technical data transmitted from your browser such as its type/version, the referrer URL, monitor resolution, operating system and any device information (e.g. device type), etc. It is in our legitimate interest to process this data in order to provide our website and design it such that it meets user needs (Article 6 (1) (f) GDPR). If you would like detailed information on the balancing of interests, please contact one of the people mentioned in section 1.

2.2. Cookie banner: Consent to cookies and pseudonymous user profiles

When you visit our website, information may be stored on your terminal in the form of cookies. A cookie is a small text file that is sent to your browser by a server and stored on your terminal. If you visit our website again, cookie data will be transferred to our server. This will allow us to recognise you for example and account for your individual settings in the presentation of the website. Cookies can be divided into first-party cookies (placed by AMF-Bruns R&D) and third-party cookies (placed by third parties). Moreover, we categorise cookies as follows:

 

Type Description

Category 1:

Technically necessary cookies

These cookies are necessary to ensure the technical functionality of the website (e.g. to provide the shopping basket function or to enable login during a session, etc.). The site cannot be used properly without these cookies.

Category 2:

Functional cookies

These cookies are used to provide the most pleasant browsing experience on our website; to adapt to the user’s individual usage behaviour to the maximum extent possible (e.g. to allow a user to stay logged in throughout a session, to facilitate fast browsing by providing search suggestions, or to allow storage of individual page settings such as language or text size, etc.).

Category 3:

Performance cookies

These cookies serve to constantly optimise our website and continuously improve the browsing experience (e.g. by evaluating the use of the available website features, reporting display errors, etc.).

Category 4:

Social network and advertising cookies

Some of these cookies allow you to connect with your social networks and share content. The rest of the cookies serve to better individualise advertising for you by tailoring it to your interests by collecting information.

Cookies of the category 2, 3 and 4 may be placed in the scope of web analysis, which helps to analyse web traffic. They may be combined with other information on your activities on our website and processed in pseudonymous user profiles. This helps us to analyse web traffic and improve our website to tailor it to users’ needs. We only use this information for statistical analyses. In addition to cookie-based web analysis, there is non-cookie-based web analysis using other means such as your individual device settings in order to recognise you when you visit our website again.

 

The legal basis for the use of category 1 cookies is our legitimate interest in making our website available in accordance with Art. 6 (1) (f) GDPR. 

 

The legal basis for the use of cookies of categories 2, 3 and 4 and web analyses is your consent pursuant to Art. 6 (1) (a) GDPR. When you visit our website and, where applicable, on subsequent visits, we will inform you about the use of cookies and ask for your consent. In order to declare your consent, we will show you a corresponding banner „Cookie Policy“. In this banner you can declare your consent to the use of all cookies by clicking on "Accept all". You can also consent to the use of individual cookies only by selecting them in the cookie banner and then clicking on "Accept only selected". You are not obliged to give consent. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until revocation. You can send the revocation to one of the addresses mentioned in paragraph 1. You can also manage and change your cookie settings including your consent under the footer link "Cookie Policy". You can restrict the consent in whole or in part by configuring your browser settings and deactivating cookies in whole or in part. You can also install a browser plug-in. Plugins offer the possibility to prevent web analytics - e.g. AdBlock, Ghostery, NoScript or uBlock Origin (please refer to the privacy policy of the respective plugin provider).

 

Some web analysis providers are also members of industry associations whose websites allow users to prevent the use of web analysis centrally. Links to these associations’ websites can be found below, allowing you to declare your choices as regards web analysis and data processing in pseudonymous profiles.

 

"European Interactive Digital Advertising Alliance" (EDAA): http://www.youronlinechoices.com/uk/your-ad-choices

 

"Digital Advertising Alliance" (DAA): www.aboutads.info/choices/

 

"Network Advertising Initiative" (NAI): http://www.networkadvertising.org/choices/

 

If you do not consent to the use of cookies or delete cookies from your terminal, this may have an adverse effect on your ability to use the website or its individual functions. Detailed information on the individual cookies used on our website can be found in the footer link "Cookie Policy" on our website https://www.amf-bruns-testcenter.com/.

 

You can prevent web analyses, for example, by storing an "anti-tracking cookie" on your end device, which prevents the provider from collecting usage data from your end device. Please note: If you delete cookies from your device, you may need to place the ‘anti-tracking cookie‘ again.

2.3. Web analysis technologies

For advertising, market research and to make your experience on our website as pleasant as possible, AMF-Bruns R&D uses web analysis technology that is based on cookies, among other things (not necessary first-party cookies and third-party cookies). Data on usage of our website is stored in the form of pseudonymous user profiles (your IP address is anonymised). This enables us to further develop our website and tailor our content to your needs.

 

Pseudonymous user profiles are not combined with personal data. Before we process your data for the purposes mentioned in this section, we obtain your consent (see section 2.2. and cookies of category 2, 3 and 4).

 

The following table shows the web analysis technologies used on our website and the associated providers who process personal data in pseudonymous profiles for the purposes specified. Links are also provided to the providers’ privacy policies and an explanation is given as to how you can prevent the individual service providers from tracking your online activities, which they will stop doing once you take the relevant action. In such cases, an ‘anti-tracking cookie’ is usually stored on your terminal that prevents the provider from collecting your terminal’s usage data in future. Please note that if you delete cookies from your terminal, you may need to place the anti-tracking cookie again.

 

Tool / Provider Purpose

Link to the porvider's privacy policy /

preventing processing

Google Analytics: Google LLC., 1600 Amphitheatre Parkway, Mountain View,
CA 94043, USA

Web analysis, interest-based advertising

https://www.google.de/intl/de/policies/

 

Prevent processing: Use a browser plug-in (see add-on) and additional information in section 2.4.

Google Double-Click, Google AdWords Conversion, Google Dynamic Remarketing: Google LLC., 1600 Amphitheatre Parkway, Mountain View,
CA 94043, USA

Web analysis, interest-based advertising

https://www.google.de/intl/de/policies/

 

Prevent processing: Use Google Ad Settings; see the additional information in section 2.5.

2.4. Google Analytics

This website uses Google Analytics, a web analysis service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (Google). Google Analytics employs cookies (see section 2.2.) to enable analysis of website usage. The information generated by the cookie about your use of this website is generally transmitted to a Google server in the USA, where it is then stored. However, your IP address is truncated and anonymised by Google within Member States of the European Union and other countries party to the Agreement on the European Economic Area before it is transferred. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and then truncated. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports about website activities and to provide for the website operator further services connected to the website use and the Internet use. The IP address transmitted from your browser for purposes of Google Analytics is not combined with other data held by Google.

 

You can prevent the storage of cookies by configuring your browser software accordingly or utilising a privacy plug-in (see section 2.2.). You can also prevent recorded data generated by the cookie concerning your use of the website (including your IP address) from being sent to Google and the processing of this data by Google by downloading and installing the browser plug-in available via the following link: http://tools.google.com/dlpage/gaoptout?hl=de

 

For more information about data protection on Google Analytics, see: https://www.google.de/intl/de/policies/

2.5. Google Double-Click (including Floodlight and Spotlight), Google AdWords Conversion, Google Dynamic Remarketing

We utilise Google Analytics for statistical analysis of data derived from the Google AdWords and DoubleClick services. This enables us to analyse behaviour after a user clicks on our ad – whether the user purchased our product or viewed the ad from a mobile phone, for example – and thereby improve our offers. These services are also utilised so that you receive interest-based advertising. Your consent is required for this (section 2.2.). If you do not want this, you can prevent this using the option described in section 2.2. and using Google Ad Settings: http://www.google.com/settings/ads/onweb/?hl=de

 

DoubleClick places a cookie on your computer in order to track your browsing behaviour on various websites and to show you advertising based on your interests. If you do not want this, you can download a plug-in using the following link to block the DoubleClick cookie: https://www.google.com/settings/u/0/ads/plugin?hl=de, or proceed as described under section 2.3.

2.6. Google Fonts

Our website uses ‘Google Fonts’ from Google to present fonts uniformly. When you access a page, your browser loads the fonts required in your browser cache so that the texts and fonts can be displayed correctly. In this process, your IP address will be transmitted to Google’s servers, among other things. Standard fonts will be used if your browser does not support Google Fonts.

 

Further information on Google Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy.

2.7. Google Maps

There is a plug-in on the contact page that shows a map from Google Maps. Google Maps is an online service that displays interactive maps, showing geographical information visually. This service shows you our location and makes it easier for you to visit us.

 

To this end, a connection is established between your browser and Google’s servers – as is the case when you visit Google’s search engine page. If you are logged in on Google, your data will be assigned directly to your account. If you do not want this data to be assigned to your profile on Google, you must log out before enabling the button. Google itself is responsible for its data processing. Google does not track activities on our website.

 

If you do not agree to the future transmission of your data to Google when using Google Maps, it is also possible to fully disable Google Maps by turning off JavaScript on your browser. As a result, it will not be possible to use Google Maps and therefore to display maps on this website.

 

Further information on using Google Maps can be found in Google Maps’ terms of use. Information on data protection at Google can be found in Google’s privacy policy.

2.8. Contact form

We process your personal data when you use our contact form. If you contact us using the contact form provided, your information will be stored so that it can be accessed to process and respond to your query. Please note that there may be security gaps when data is transferred online. Data cannot be protected completely against third-party access.

 

Depending on the nature of your query, the legal basis for this data processing will be the admissibility of processing in the scope of contract preparation, a contract or our legitimate interest in the provision of a contact form for general queries (Article 6 Sec. 1 (b) or (f) GDPR). You are neither obliged to contact us via the contact form nor to provide personal data. If you do not provide your personal data, we may not be able to process your request. Otherwise there will be no consequences for you. If you would like detailed information on the balancing of interests, please contact one of the people mentioned in section 1.

3. Conclusion and execution of contracts

We process your personal data in order to conclude and execute contracts with you (purchase contract).

3.1. Legal basis

Article 6 (1) (b) GDPR

3.2. Purpose and necessity of the provision of your personal data

We process your personal data to establish and execute the contractual relationship with you. You must provide your personal data for this purpose. You are not obliged to provide your personal data, but if you do not, it will not be possible to establish and execute the contractual relationship. There will otherwise be no consequences for you.

4. Visiting our premises (video surveillance)

If you visit our premises, please note that we monitor some of the exterior area and car park with video cameras.

These areas are identified by the following pictogram:

4.1. Legal basis

Article 6 (1) (f) GDPR and Section 4 (1) no. (2) and no. (3) BDSG

4.2. Purpose and necessity of the processing of your personal data

The purpose we pursue is to prevent, detect and investigate offences, to safeguard our property rights and to guarantee traffic safety. Our legitimate interest as defined by Article 6 (1) (f) GDPR is the protection of our property as well as the property and physical integrity of all visitors and employees. If you would like detailed information on the balancing of interests, please contact one of the people mentioned in section 1.

5. Visiting the business premises and production facilities (visitor process)

If you visit our business premises or production facilities as a guest, we process the following data: [surname, first name, employer, date of the visit].

5.1 Legal basis

Article 6 (1) (lf) GDPR

5.2. Purpose and necessity of processing your personal data

The purpose we pursue is to prevent, detect and investigate offences, to safeguard our property rights and to guarantee traffic safety. Our legitimate interest as defined by Article 6 (1) (f) GDPR is the protection of our property as well as the property and physical integrity of all visitors and employees. If you would like detailed information on the balancing of interests, please contact one of the people mentioned in section 1.

6. Applying for a job

We process your personal data during the application process.

6.1. Legal basis

Section 26 (1), (8) s. (2) BDSG or Section 26 (2), (8) s. (2) BDSG

6.2. Purpose and necessity of the processing of personal data

We process your personal data in order to contact you and to assess your suitability for the position you are applying for.

 

You cannot apply for a position at AMF-Bruns R&D if you do not provide your personal data. You are not obliged to apply for a position at AMF-Bruns R&D, nor are you obliged to provide your personal data. We may not be able to consider your application if you do not provide us with your personal data. There will otherwise be no consequences for you.

7. Usual establishment of contact in the ordinary course of business

This paragraph describes those circumstances that entail processing of personal data that are usual in the ordinary course of business.

 

These are mainly such cases as the spontaneous exchange of contact data at trade fairs, events, business meals or other business activities, e.g. through the exchange of business cards, or even the initial contact by AMF-Bruns R&D or by you with a business content, e.g. through entry in a contact form. We also process your personal data if you contact us via other channels (email or similar).

7.1. Legal basis

Article 6 (1) (b) or (f) GDPR - depending on the purpose of the provision of your personal data or the contact.

7.2. Purpose and necessity of the processing of personal data

We collect the following categories of personal data when you or we contact you: contact data, such as your name, address, e-mail or telephone number, data about your company, such as address, e-mail, business area, job description, title, data about your input/enquiry, such as content, time of enquiry, means of communication. The processing of this data is carried out for storage in our contact databases in the context of business activities, such as e-mail programs, telephone directories, card indexes, etc. for the purpose of resuming contact and/or processing your request and further handling.

 

Our legitimate interest is the establishment of contact for a possible business initiation, the resumption of contact and/or processing of your request and the further handling as well as the general communication with you. If you would like detailed information on the balancing of interests, please write to one of the addresses mentioned in section 1.

8. Transmission to recipients of personal data within the EEA

We only forward the personal data described here insofar as this is necessary to perform our service or required by law in this context. For the purposes specified here, personal data is forwarded to the service providers that work for us and in particular help us to provide our services. These service providers are bound by the statutory obligation to comply with all data protection provisions, and we also impose additional contractual obligations relating to data protection on them. This includes in particular an obligation as a processor in accordance with Article 28 GDPR. We forward personal data to the following types of service providers in particular:

  • Accountants, financial institutions, tax and legal advisers
  • IT service and infrastructure
  • IT support and maintenance
  • Data destruction and facility services

In addition to the aforementioned types, other types of service providers may exist or be added at any time.

 

Otherwise, we only transmit personal data to other recipients if we are legally permitted to do so or you have consented to this in advance. Any consent granted may be revoked at any time with effect for the future. We only pass on your data to government bodies in accordance with statutory obligations or as a result of an official order or court decision and only to the extent permitted under data protection law.

9. Transmission to recipients of personal data in countries outside the EEA

We will transmit your data to recipients outside the EU insofar as required for our purposes. This is the case in particular if we have to pass on this data to recipients in such countries in the context of contract performance or on account of statutory requirements. Otherwise, we only transmit data to third countries if it is ensured that the recipient of the data has implemented an adequate level of data protection as defined by Article 45 GDPR or suitable guarantees within the meaning of Article 46 (2) and (3) and no other legitimate interests preclude the data transmission. To ensure an adequate level of protection at the data recipient, we use the EU Commission’s standard contract clauses in particular to transmit personal data to third countries, unless an adequacy decision as defined by Article 45 (1) GDPR has been made by the EU Commission (processor-to-processor; processor-to-processor transmission). We forward personal data to the following types of service providers in particular:

  • Web analysis
  • Internal processing and data transmission

In addition to the aforementioned types, other types of service providers may exist or be added at any time.

10. Deletion

We delete your personal data when it is no longer required for the aforementioned processing purposes, if there are no compelling, legitimate grounds on the part of AMF-Bruns R&D that preclude deletion in the event of objection, or if there is no legal basis for the processing in the event of revocation. In certain cases, for example in the event of a statutory retention obligation, your personal data will initially be blocked and deleted at the end of the retention period.

 

CCTV images are generally deleted after a period of no more than 72 hours. In justified individual cases, particularly for criminal investigations or to preserve evidence, recordings may be kept for longer and deleted once they have fulfilled this purpose.

 

Position-related data is retained until a decision has been made and then deleted after no more than six months or, in the event of a successful application, transferred to personnel files.

11. Your rights

As the data subject, you have the following rights:

  • A right to confirmation as to whether your personal data has been processed by AMF-Bruns R&D and, if this is the case, the right of access to this personal data (Article 15 GDPR)
  • A right to rectification of your incorrect data (Article 16 GDPR)
  • A right to erasure (Article 17 GDPR)
  • A right to restriction (blocking) of your data (Article 18 GDPR)

If processing is based on Article 6 (1) (e) or (f) GDPR, you may also object to the processing (Article 21 GDPR), although you must have a special reason, apart from in the case of direct advertising. You can ask for data to be transferred where you have provided it (Article 20 GDPR). The aforementioned regulations legally define whether and to which extent these rights exist in individual cases and the conditions under which they apply. If the processing is based on consent as defined by Article 6 (1) (a) or Article 9 (2) (a) GDPR, you may revoke this at any time with effect for the future (Article 7 (3) GDPR). You also have the right to contact the competent data protection authority (Article 77 GDPR).

 

If you have any questions or complaints relating to data protection at AMF-Bruns, please contact our Data Protection Officer in the first instance (contact details can be found in section 1.).

12. No automated decision-making

We do not use personal data for automated decision-making as defined by Article 22 (1) GDPR.

13. Changes to the Privacy Policy

We may need to amend our Privacy Policy as a result of new legal requirements, corporate decisions and technical developments. The Privacy Policy will be amended accordingly. The most recent version can be found on our website.