Data Privacy

AMF-Bruns GmbH & Co. KG Privacy Policy

It is especially important to us to protect your personal data and responsibly handle the information that you entrust to us. AMF-Bruns GmbH & Co. KG (AMF-Bruns) only processes personal data in accordance with statutory regulations, especially the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG). This Privacy Policy applies to the AMF-Bruns Conveyor Technology division, including the sub-website www.amf-foerderanlagen.de/en/home/and the landing website www.amf-bruns.de/en/intro/. The Privacy Policy for the AMF-Bruns Mobility division can be found on the AMF-Bruns Mobility subwebsite at www.amf-bruns-mobility.com/privacy/.

In this Privacy Policy, we disclose the legal basis on which, the extent to which and for which purposes we process personal data when

  • you use our website (section 2.)
  • visiting our Facebook fan page and Instagram profile (Insights) (see section 3.),
  • you visit our presence in social networks (LinkedIn) (see section 4.),
  • you conclude contracts with us (section 5.)
  • you visit our premises (video surveillance) (section 6.)
  • visiting the business and production facilities (visitor process) (see section 7.)
  • you apply for a position (section 8.)
  • you provide your contact details during the usual establishment of contact in the ordinary course of business (e.g. trade fair) (see section 9.),
  • we send advertising and information flyers (section 10.)

We also disclose the recipients of your personal data within the European Economic Area (EEA) (section 11.), within third countries (section 12.), the deletion of your personal data and corresponding retention periods (section13.), your rights as the data subject (section 14.) and whether automated decision-making is used (section 15.).

  1. Controller and Data Protection Officer
    Controller: AMF-Bruns GmbH & Co. KG, Hauptstrasse 101, 26689 Apen; info(at)amf-bruns.de
    Data Protection Officer: AMF-Bruns GmbH & Co. KG, Data Protection Officer, Hauptstrasse 101, 26689 Apen; datenschutz@amf-bruns.de
  1. Processing of personal data on our website
    In order to use the website www.amf-bruns.de/en/intro/(AMF-Bruns landing website) and the sub-website www.amf-foerderanlagen.de/en/home/of AMF-Bruns Conveyor Technology division, it is necessary to process personal data to the extent described in section 2.1. in order to enable you to use it (usage data), as described in section 2.1. In addition, we process personal data for other purposes as described in section 2.2. ff. In the following, you will find information on the legal basis, the purposes and, if applicable, legitimate interests and the necessity of processing your personal data.

    1. Data processing to enable website usage
      When you visit our website, we collect personal data to enable your usage of the site (usage data). This includes your IP address and data about the start and end points of your usage of the website and why you are using the website, and potentially also identification data (such as your login data if you log in to a secure area). This also includes the technical data transmitted from your browser such as its type/version, the referrer URL, monitor resolution, operating system and any device information (e.g. device type), etc. It is in our legitimate interest to process this data in order to provide our website and design it such that it meets user needs (Article 6 (1) (f) GDPR). If you would like detailed information on the balancing of interests, please contact one of the people mentioned in section 1.

    2. GoogleFonts
      Our website uses ‘Google Fonts’ from Google to present fonts uniformly. When you access a page, your browser loads the fonts required in your browser cache so that the texts and fonts can be displayed correctly. In this process, your IP address will be transmitted to Google’s servers, among other things. Standard fonts will be used if your browser does not support Google Fonts.

      Further information on Google Fonts can be found at https://developers.google.com/fonts/faqand in Google’s privacy policy.

    3. GoogleMaps
      There is a plug-in on the contact page that shows a map from Google Maps. Google Maps is an online service that displays interactive maps, showing geographical information visually. This service shows you our location and makes it easier for you to visit us.

      To this end, a connection is established between your browser and Google’s servers – as is the case when you visit Google’s search engine page. If you are logged in on Google, your data will be assigned directly to your account. If you do not want this data to be assigned to your profile on Google, you must log out before enabling the button. Google itself is responsible for its data processing. Google does not track activities on our website.

      If you do not agree to the future transmission of your data to Google when using Google Maps, it is also possible to fully disable Google Maps by turning off JavaScript on your browser. As a result, it will not be possible to use Google Maps and therefore to display maps on this website.

      Further information on using Google Maps can be found in Google Maps’ terms of use. Information on data protection at Google can be found in Google’s privacy policy.

    4. ContactForm
      We process your personal data when you use our contact form. If you contact us using the contact form provided, your information will be stored so that it can be accessed to process and respond to your query. Please note that there may be security gaps when data is transferred online. Data cannot be protected completely against third-party access.

      Depending on the nature of your query, the legal basis for this data processing will be the admissibility of processing in the scope of contract preparation, a contract or our legitimate interest in the provision of a contact form for general queries (Article 6 (1) (b) or (f) GDPR). You are neither obliged to contact us via the contact form nor to provide personal data. If you do not provide your personal data, we may not be able to process your request. Otherwise there will be no consequences for you. If you would like detailed information on the balancing of interests, please contact one of the addresses mentioned in section 1.
  1. Visit our Facebook fan page and our Instagram profile (Insights)
    When you visit or interact with our Facebook fan page or Instagram profile, your personal information (e.g., "like" information) is processed as described in this section.

    1. Joint Controllers
      Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, D2 Dublin, Ireland, ("Facebook") provides us with statistics and insights to help us understand how our Fan Page or Instagram profile is used ("Page Insights"). In this case, Facebook and AMF-Bruns are jointly responsible for data processing ("Joint Controllers"). Instagram is a service of Facebook. The following information applies to both our Facebook fan page and our Instagram profile.

    2. Legal basis, purpose and necessity of processing your personal data
      The legal basis for the processing of your personal data is Art. 6 (1) (f) GDPR. We use information that you provide to us via your Facebook profile or by visiting our fan page via your browser to provide the functionalities of our fan page. This may include checking the range of our posts, defining our audience more precisely, adapting ads to our audience and designing our Facebook fan page to match the actual interests of our visitors. This may include:
      · age
      · gender
      · location

      We process this data in our legitimate interest to maintain the functions of our fan page, to check our reach and to design and display our fan page according to your interests. If you would like detailed information on the weighing of interests, please contact one of the addresses listed in section 1.

    3. Further information about Facebook and AMF-Bruns as Joint Controller
      In order to transparently and explicitly define the responsibilities for compliance with the obligations arising from the GDPR between AMF-Bruns and Facebook, we have reached an agreement with Facebook which states that Facebook is primarily responsible for data processing when visiting our fan page. In particular, Facebook is responsible if you exercise your rights under Art. 12 and 13 GDPR, Art. 15 to 22 GDPR, and for compliance with the obligations in Art. 32 to 34 GDPR.

      You can also send your request for data processing in connection with our fan page to us at any time or exercise your rights at the address mentioned in section 1. (for further information on your rights, please refer to section 14.). Insofar as it is necessary to execute your request or exercise your rights, we will forward your matter to Facebook.

      For more information on Page-Insight data and the exercise of your rights, please refer to the information provided by Facebook: https://www.facebook.com/legal/terms/information_about_page_insights_data.

      For more information on the definition of responsibilities within the joint responsibility in accordance with Art. 26 GDPR, see the agreement with Facebook: https://www.facebook.com/legal/terms/page_controller_addendum.

      For more information about setting cookies when visiting our fan page, please see Facebook's Cookie Policy: https://www.facebook.com/policies/cookies/

      For more information about protecting your privacy on Facebook, please see Facebook's privacy policy: https://www.facebook.com/privacy/explanation.

      For more information about Instagram's privacy policy, please visit: https://help.instagram.com/519522125107875/?helpref=hc_fnav&bc[0]=Instagram-Hilfebereich&bc[1]=Privatsph%C3%A4re%20und%20Sicherheit 
  1. Our presence in social networks (LinkedIn)
    We maintain an online presence within the social network "LinkedIn" in order to communicate with the users active there or to offer information about us there.

    For a detailed presentation of the respective forms of processing by LinkedIn and the possibilities of objection, we refer to the data protection declarations and information provided by LinkedIn as the operator of the network. Also in the case of requests for information and the assertion of rights of data subjects, we would like to point out that these can be most effectively asserted with LinkedIn as the provider, since only the provider has access to the users' data and can directly take appropriate measures and provide information. Should you nevertheless require assistance, please contact us.

    The service provider is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (LinkedIn). The LinkedIn privacy policy can be found at https://www.linkedin.com/legal/privacy-policy. For information on the Privacy Shield (guaranteeing the level of data protection when processing data in the USA), please see https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active; for an opt-out, please see https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

    The legal basis for the processing of your personal data is in the legitimate interest of offering an online presence in a social network with appropriate functionalities in order to communicate with the users active there or to be able to offer information there, Art. 6 (1) (f) GDPR. 
  1. Conclusion and execution of contracts
    We process your personal data in order to conclude and execute contracts with you (purchase contract).

    1. Legal basis
      Article 6 (1) (b) GDPR

    2. Purpose and necessity of the provision of your personal data
      We process your personal data to establish and execute the contractual relationship with you. You must provide your personal data for this purpose. You are not obliged to provide your personal data, but if you do not, it will not be possible to establish and execute the contractual relationship. There will otherwise be no consequences for you.
  1. Visiting our premises (video surveillance)
    If you visit our premises, please note that we monitor some of the exterior area and car park with video cameras. These areas are identified by the following pictogram:

    1. Legal basis
      Article 6 (1) (f) GDPR and Section 4 (1) no. (2) and no. (3) BDSG

    2. Purpose and necessity of the processing of your personal data
      The purpose we pursue is to prevent, detect and investigate offences, to safeguard our property rights and to guarantee traffic safety. Our legitimate interest as defined by Article 6 (1) (f) GDPR is the protection of our property as well as the property and physical integrity of all visitors and employees. If you would like detailed information on the balancing of interests, please contact one of the people mentioned in section 1. 
  1. Visiting the business premises and production facilities (visitor process)
    If you visit our business premisses or production facilities as a guest, we process the following data: [surname, first name, employer, date of the visit].

    1. Legal basis
      Art. 6(1)(lf) GDPR

    2. Purpose and necessity of processing your personal data
      The purpose we pursue is to prevent, detect and investigate offences, to safeguard our property rights and to guarantee traffic safety. Our legitimate interest as defined by Article 6(1)(f) GDPR is the protection of our property as well as the property and physical integrity of all visitors and employees. If you would like detailed information on the balancing of interests, please contact one of the people mentioned in section 1.
  1. Applying for a job
    We process your personal data during the application process.

    1. Legal basis
      Section 26 (1), (8)(2) BDSG or Section 26 (2), (8) s. (2) BDSG.

    2. Purpose and necessity of the processing of personal data
      We process your personal data in order to contact you and to assess your suitability for the position you are applying for.

      You cannot apply for a position at AMF-Bruns if you do not provide your personal data. You are not obliged to apply for a position at AMF-Bruns, nor are you obliged to provide your personal data. We may not be able to consider your application if you do not provide us with your personal data. There will otherwise be no consequences for you.
  1. Usual establishment of contact in the ordinary course of business (e.g. trade fair)
    This paragraph describes those circumstances that entail processing of personal data that are usual in the ordinary course of business.

    These are mainly such cases as the spontaneous exchange of contact data at trade fairs, events, business meals or other business activities, e.g. through the exchange of business cards, or even the initial contact by AMF-Bruns or by you with a business content, e.g. through entry in a contact form. We also process your personal data if you contact us via other channels (email or similar).

    1. Legal basis
      Article 6 (1) (b) or (f) GDPR - depending on the purpose of the provision of your personal data or the contact.

    2. Purpose and necessity of the processing of personal data
      We collect the following categories of personal data when you or we contact you: contact data, such as your name, address, e-mail or telephone number, data about your company, such as address, e-mail, business area, job description, title, data about your input/enquiry, such as content, time of enquiry, means of communication. The processing of this data is carried out for storage in our contact databases in the context of business activities, such as e-mail programs, telephone directories, card indexes, etc. for the purpose of resuming contact and/or processing your request and further handling.

      Our legitimate interest is the establishment of contact for a possible business initiation, the resumption of contact and/or processing of your request and the further handling as well as the general communication with you.If you would like detailed information on the balancing of interests, please write to one of the addresses mentioned in section 1.
  1. Sending advertising and information flyers
    We use the personal data you have provided to us in the course of a business relationship with us in order to send you advertising and information flyers.

    1. Legal Basis
      Legal basis is Article 6 (1) (f) GDPR. Our legitimate interest in accordance with Article 6 (1) (f) GDPR lies in the advertising of our products.

    2. Purposes and necessity of the processing of personal data
      We process your personal data to send you product, company and event information.

      Our legitimate interest lies in providing information about AMF-Bruns and our services as well as communicating with you.
  1. Transmission to recipients of personal data within the EEA
    We only forward the personal data described here insofar as this is necessary to perform our service or required by law in this context. For the purposes specified here, personal data is forwarded to the service providers that work for us and in particular help us to provide our services. These service providers are bound by the statutory obligation to comply with all data protection provisions, and we also impose additional contractual obligations relating to data protection on them. This includes in particular an obligation as a processor in accordance with Article 28 GDPR. We forward personal data to the following types of service providers in particular:
  • Accountants, financial institutions, tax and legal advisers,
  • IT service and infrastructure,
  • IT support and maintenance,
  • Data destruction and facility services,

    In addition to the aforementioned types, other types of service providers may exist or be added at any time.

    Otherwise, we only transmit personal data to other recipients if we are legally permitted to do so or you have consented to this in advance. Any consent granted may be revoked at any time with effect for the future. We only pass on your data to government bodies in accordance with statutory obligations or as a result of an official order or court decision and only to the extent permitted under data protection law. 
  1. Transmission to recipients of personal data in countries outside the EEA
    We will transmit your data to recipients outside the EU insofar as required for our purposes. This is the case in particular if we have to pass on this data to recipients in such countries in the context of contract performance or on account of statutory requirements. Otherwise, we only transmit data to third countries if it is ensured that the recipient of the data has implemented an adequate level of data protection as defined by Article 45 GDPR or suitable guarantees within the meaning of Article 46 (2) and (3) and no other legitimate interests preclude the data transmission. To ensure an adequate level of protection at the data recipient, we use the EU Commission’s standard contract clauses in particular to transmit personal data to third countries, unless an adequacy decision as defined by Article 45 (1) GDPR has been made by the EU Commission (processor-to-processor; processor-to-processor transmission). We forward personal data to the following types of service providers in particular:
  • Web analysis,
  • Internal processing and data transmission,
  • In addition to the aforementioned types, other types of service providers may exist or be added at any time. 
  1. Deletion
    We delete your personal data when it is no longer required for the aforementioned processing purposes, if there are no compelling, legitimate grounds on the part of AMF-Bruns that preclude deletion in the event of objection, or if there is no legal basis for the processing in the event of revocation. In certain cases, for example in the event of a statutory retention obligation, your personal data will initially be blocked and deleted at the end of the retention period.

    CCTV images are generally deleted after a period of no more than 72 hours. In justified individual cases, particularly for criminal investigations or to preserve evidence, recordings may be kept for longer and deleted once they have fulfilled this purpose.

    Position-related data is retained until a decision has been made and then deleted after no more than six months or, in the event of a successful application, transferred to personnel files.
  1. Your rights
    As the data subject, you have the following rights:
  • a right to confirmation as to whether your personal data has been processed by AMF-Bruns and, if this is the case, the right of access to this personal data (Article 15 GDPR), as well as
  • a right to rectification of your incorrect data (Article 16 GDPR),
  • a right to erasure (Article 17 GDPR) and
  • a right to restriction (blocking) of your data (Article 18 GDPR).

    If processing is based on Article 6 (1) (e) or (f) GDPR, you may also object to the processing (Article 21 GDPR), although you must have a special reason, apart from in the case of direct advertising. You can ask for data to be transferred where you have provided it (Article 20 GDPR). The aforementioned regulations legally define whether and to which extent these rights exist in individual cases and the conditions under which they apply. If the processing is based on consent as defined by Article 6 (1) (a) or Article 9 (2) (a) GDPR, you may revoke this at any time with effect for the future (Article 7 (3) GDPR). You also have the right to contact the competent data protection authority (Article 77 GDPR).

    If you any questions or complaints relating to data protection at AMF-Bruns, please contact our data protection officer in the first instance (contact details can be found in section 1.).
  1. No automated decision-making
    We do not use personal data for automated decision-making as defined by Article 22 (1) GDPR.
  1. Changes to the Privacy Policy
    We may need to amend our Privacy Policy as a result of new legal requirements, corporate decisions and technical developments. The Privacy Policy will be amended accordingly. The most recent version can be found on our website.

 

June 2020