Privacy Notice pursuant to Art. 13 GDPR
Name and Address of the Controller
The responsible entity within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations is:
MS XTEC GmbH
Neuenbühlstraße 6
D-78647 Trossingen-Schura
+49 (0) 7425 9521 0
Name and Address of the Data Protection Officer
The data protection officer of the controller is:
Hartmut Grande
dominox - Information Security & Data Protection
E-Mail: datenschutz(at)dominox.de
General Information on Data Processing
Legal Basis for the Processing of Personal Data
In accordance with Art. 13 GDPR, we inform you of the legal bases of our data processing. Unless the legal basis is specifically mentioned in the privacy notice, the following applies: The legal basis for obtaining consent is Art. 6 para. 1 lit. a in conjunction with Art. 7 GDPR. The legal basis for processing for the fulfillment of our services and the execution of contractual measures as well as for responding to inquiries is Art. 6 para. 1 lit. b GDPR. The legal basis for processing to fulfill our legal obligations is Art. 6 para. 1 lit. c GDPR. If the processing of your data is necessary to protect a legitimate interest of our company or a third party and your interests, fundamental rights, and freedoms do not override the first-mentioned interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for the processing. If the processing of personal data is necessary to protect the vital interests of the data subject or another natural person, Art. 6 para. 1 lit. d GDPR serves as the legal basis.
Data Deletion and Storage Duration
We adhere to the principles of data minimization pursuant to Art. 5 para. 1 lit. c GDPR and storage limitation pursuant to Art. 5 para. 1 lit. e GDPR. We store your personal data only as long as necessary to achieve the purposes stated here or as required by the statutory retention periods. After the respective purpose ceases to apply or after these retention periods expire, the corresponding data will be deleted as quickly as possible.
External Links
This website may contain links to third-party websites or to other websites under our responsibility. If you follow a link to a website outside our responsibility, please note that these websites have their own privacy information. We assume no responsibility or liability for these external websites and their privacy notices. Therefore, please check before using these websites whether you agree with their privacy policies.
You can recognize external links either by their color being slightly different from the rest of the text or by being underlined. Your cursor will indicate external links when you hover over such a link. Only when you click on an external link will your personal data be transferred to the link's destination. In doing so, the operator of the other website will receive, in particular, your IP address, the time you clicked the link, the page on which you clicked the link, as well as further information, which you can find in the privacy notices of the respective provider.
Please also note that individual links may lead to data transfers outside the European Economic Area. As a result, foreign authorities may gain access to your data. You may not have any legal remedies against these data accesses. If you do not want your personal data to be transferred to the link destination or to be exposed to access by foreign authorities, please do not click on any links.
Rights of the Data Subject
As a data subject within the meaning of the GDPR, you have the possibility to exercise various rights. The rights of data subjects arising from the GDPR are the right of access (Article 15), the right to rectification (Article 16), the right to erasure (Article 17), the right to restriction of processing (Article 18), the right to object (Article 21), the right to lodge a complaint with a supervisory authority, and the right to data portability (Article 20).
Right of Withdrawal:
Some data processing operations are only possible with your explicit consent. You have the right to withdraw your consent at any time. The lawfulness of the data processing carried out until the withdrawal remains unaffected by the withdrawal.
Right to Object:
If the processing is based on Art. 6 para. 1 lit. e or f GDPR, you as the data subject may, for reasons arising from your particular situation, object at any time to the processing of personal data concerning you. This right also applies to profiling based on these provisions within the meaning of Art. 4 No. 4 GDPR. If we cannot demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or if the processing serves the establishment, exercise, or defense of legal claims, we will cease processing your data after an objection has been made.
If the processing of personal data is for the purpose of direct marketing, you also have the right to object at any time. The same applies to profiling related to direct marketing. In such cases, we will no longer process personal data once you have objected.
Right to Lodge a Complaint with a Supervisory Authority:
If you believe that the processing of personal data concerning you violates the GDPR, you have the right, without prejudice to any other administrative or judicial remedy, to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work, or place of the alleged infringement.
Right to Data Portability:
If your data is processed automatically based on your consent or in fulfillment of a contract, you have the right to receive this data in a structured, commonly used, and machine-readable format. You also have the right to request the transfer and provision of the data to another controller, insofar as this is technically feasible.
Right of Access, Rectification, and Erasure:
You have the right to obtain information about your processed personal data regarding the purpose of the data processing, the categories, the recipients, and the duration of storage. If you have questions on this topic or other topics regarding personal data, you can of course contact us using the contact details provided in the imprint.
Right to Restriction of Processing:
You can request the restriction of the processing of your personal data at any time. To do so, you must meet one of the following conditions:
- You contest the accuracy of the personal data. For the duration of the verification of the accuracy, you have the right to request restriction of processing.
- If processing is unlawful, you may request restriction of use of the data as an alternative to erasure.
- If we no longer need your personal data for processing purposes, but you need the data for the establishment, exercise, or defense of legal claims, you may request restriction of processing as an alternative to erasure.
- If you object to processing pursuant to Art. 21 para. 1 GDPR, a balance of interests will be carried out between your interests and ours. Until this balance is completed, you have the right to request restriction of processing.
Restriction of processing means that, apart from storage, personal data may only be processed with your consent or for the establishment, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State.
Provision of the Website (Web Host)
Our website is hosted by:
Hetzner Online GmbH
Industriestr. 25, 91710 Gunzenhausen
Germany
When you access our website, we automatically collect and store information in so-called server log files. This information is automatically transmitted by your browser to our server or to the server of our hosting company.
This includes:
- IP address of the website visitor's device
- Device used
- Hostname of the accessing computer
- Visitor's operating system
- Browser type and version
- Name of the file accessed
- Time of the server request
- Amount of data
- Information on whether the data retrieval was successful
This data is not merged with other data sources.
Instead of operating this website on our own server, we may also have it operated on the server of an external service provider (hosting company), which we have named above in this case. The personal data collected by this website will then be stored on the servers of the hosting company. In addition to the data mentioned above, the web host also stores, for example, contact inquiries, contact data, names, website access data, meta and communication data, contract data, and other data generated via a website.
The legal basis for processing this data is Art. 6 para. 1 lit. f GDPR. Our legitimate interest is the technically error-free presentation and optimization of this website. If the website is accessed to enter into contract negotiations with us or to conclude a contract, another legal basis is Art. 6 para. 1 lit. b GDPR. If we have commissioned a hosting company, a data processing agreement exists with this service provider.
Use of Local Storage Items, Session Storage Items, and Cookies
Our website uses local storage items, session storage items, and/or cookies. Local storage is a mechanism that allows data to be stored within the browser on your device. This data usually includes user preferences, such as the "day" or "night mode" of a website, and remains until you manually delete the data. Session storage is very similar to local storage, but the storage duration only lasts for the current session, i.e., until the current tab is closed. After that, the session storage items are deleted from your device. Cookies are information that a web server (server providing web content) stores on your device to identify it. They are either temporarily stored for the duration of a session (session cookies) and deleted after your visit to a website, or permanently (persistent cookies) stored on your device until you delete them yourself or automatic deletion is performed by your web browser.
These objects can also be stored on your device by third-party companies when you visit our site (third-party requests). This enables us as the operator and you as a visitor to use certain services from third parties installed on this website. Examples include payment processing services or the display of videos.
These mechanisms have a variety of uses. They can improve the functionality of a website, control shopping cart functions, increase the security and comfort of website use, and perform analyses regarding visitor flows and behavior. Depending on the individual functions, these are classified under data protection law. If they are necessary for the operation of the website and for providing certain functions (shopping cart function) or serve to optimize the website (e.g., cookies for measuring visitor behavior), their use is based on Art. 6 para. 1 lit. f GDPR. As website operators, we have a legitimate interest in storing local storage items, session storage items, and cookies for the technically error-free and optimized provision of our services. In all other cases, local storage items, session storage items, and cookies are only stored with your explicit consent (Art. 6 para. 1 lit. a GDPR).
If local storage items, session storage, or cookies are used by third-party companies or for analysis purposes, we will inform you separately in this privacy notice. Your required consent will be requested and can be revoked at any time.
Use of External Services
External services are used on our website. External services are services provided by third parties that are used on our website. This can be for various reasons, such as embedding videos or for website security. When using these services, personal data is also passed on to the respective providers of these external services. If we do not have a legitimate interest in using these services, we will obtain your revocable consent as a visitor to our website before use (Art. 6 para. 1 lit. a GDPR).
Analytics
To analyze user behavior, we process personal data of website visitors. By evaluating the data obtained, we are able to compile information about the use of individual components of our website. This allows us to increase the user-friendliness of our website. The analysis tools used can, for example, create user profiles for the delivery of targeted or interest-based advertising messages, recognize our website visitors on their next visit, measure their click/scroll behavior, downloads, create heatmaps, recognize page views, measure visit duration or bounce rates, and trace the origin of website visitors (city, country, from which page the visitor comes). With the help of the analysis tools, we can improve our market research and marketing activities.
Processing only takes place if you consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent (Art. 6 para. 1 lit. a GDPR). Without your consent, data processing as described above does not take place. If you withdraw your consent (e.g., via the consent banner or other options provided on this website), we will stop this data processing. The lawfulness of the processing carried out until the withdrawal remains unaffected.
Google Analytics
We use the Google Analytics service on our website. The provider of the service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
The use of the service may result in data being transferred to a third country (USA). The provider is certified under the EU-U.S. Data Privacy Framework and therefore offers an adequate level of data protection.
Further information can be found in the provider's privacy information at the following URL:
https://business.safety.google/privacy
The service sets the following cookies on our website:
| Name | Storage Duration | Type | Purpose |
|---|---|---|---|
| _ga | 400 days | 1st-Party Cookie | Contains a randomly generated user ID. This ID allows Google Analytics to recognize returning users on this website and merge data from previous visits. |
| _ga_RPSS035GL2 | 400 days | 1st-Party Cookie | Collects data on how often a user has visited a website, as well as data for the first and last visit. |
LinkedIn Insight Tag
We use the LinkedIn Insight Tag service on our website. The provider of the service is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.
The use of the service may result in data being transferred to a third country (USA). The provider is certified under the EU-U.S. Data Privacy Framework and therefore offers an adequate level of data protection.
Further information can be found in the provider's privacy information at the following URL:
https://www.linkedin.com/legal/privacy-policy
Consent Management
To comply with data protection requirements, we use a consent management tool on our website. With this tool, we obtain the necessary consents for setting cookies or using external services. The consents are stored.
Processing is necessary to fulfill a legal obligation to which the controller (operator of the website) is subject. The legal basis for processing is therefore Art. 6 para. 1 lit. c GDPR.
Zwei14 Cookie Manager
We use the Zwei14 Cookie Manager service on our website. The provider of the service is Zwei14 GmbH, Bürkstraße 35, 78054 Schwenningen, Germany.
Further information can be found in the provider's privacy information at the following URL:
https://www.zwei14.de/datenschutz/
The service sets the following cookies on our website:
| Name | Storage Duration | Type | Purpose |
|---|---|---|---|
| cookiemanager | 365 days | 1st-Party Cookie | This cookie stores the cookie settings for this website. |
| cookiemanager_selection | 365 days | 1st-Party Cookie | This cookie stores the user's consent status for cookies on the current domain. |
Content Delivery Network (CDN)
We use a Content Delivery Network (CDN) to optimize the performance and availability of our website. For this purpose, your IP address and the information about when you visited our website are processed by the service provider providing this network. All further information on data processing by this service provider can be found in their privacy policy.
We base this processing on a legitimate interest (Art. 6 para. 1 lit. f GDPR).
Our legitimate interest in using a Content Delivery Network is to present our website as quickly, securely, and reliably as possible.
CloudFlare
We use the CloudFlare service on our website. The provider of the service is Cloudflare Germany GmbH, Rosental 7, 80331 Munich, Germany.
The use of the service may result in data being transferred to a third country (USA). The provider is certified under the EU-U.S. Data Privacy Framework and therefore offers an adequate level of data protection.
Further information can be found in the provider's privacy information at the following URL:
https://www.cloudflare.com/privacypolicy/
HR Systems
We use software to better record, store, and manage information relating to personnel administration. HR systems store personal data, in particular names, addresses, and salary data.
Processing only takes place if you consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent (Art. 6 para. 1 lit. a GDPR). Without your consent, data processing as described above does not take place. If you withdraw your consent (e.g., via the consent banner or other options provided on this website), we will stop this data processing. The lawfulness of the processing carried out until the withdrawal remains unaffected.
d.vinci
We use the d.vinci service on our website. The provider of the service is d.vinci HR-Systems GmbH, Nagelsweg 37-39, 20097 Hamburg, Germany.
Further information can be found in the provider's privacy information at the following URL:
https://www.dvinci.de/datenschutz/
Map Service
We use a map service on this website. In order for the map to be used and displayed on the website, the map must be loaded from the provider's server. This involves transferring your IP address to the provider's server. Depending on the provider, cookies and other technologies, including fonts, may be loaded. For more information, please refer to the provider's privacy policy.
Processing only takes place if you consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent (Art. 6 para. 1 lit. a GDPR). Without your consent, data processing as described above does not take place. If you withdraw your consent (e.g., via the consent banner or other options provided on this website), we will stop this data processing. The lawfulness of the processing carried out until the withdrawal remains unaffected.
Google Maps
We use the Google Maps service on our website. The provider of the service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
The use of the service may result in data being transferred to a third country (USA). The provider is certified under the EU-U.S. Data Privacy Framework and therefore offers an adequate level of data protection.
Further information can be found in the provider's privacy information at the following URL:
https://business.safety.google/privacy
Interface Software
Business processes are more cost-effective, faster, and less error-prone when they are automated using software via interfaces. This allows them to be efficiently integrated into company processes via the company's own website or social networks. We use interface software on our website to link different applications and to securely transfer personal data from one application to another.
Processing only takes place if you consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent (Art. 6 para. 1 lit. a GDPR). Without your consent, data processing as described above does not take place. If you withdraw your consent (e.g., via the consent banner or other options provided on this website), we will stop this data processing. The lawfulness of the processing carried out until the withdrawal remains unaffected.
Google Tag Manager
We use the Google Tag Manager service on our website. The provider of the service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
The use of the service may result in data being transferred to a third country (USA). The provider is certified under the EU-U.S. Data Privacy Framework and therefore offers an adequate level of data protection.
Further information can be found in the provider's privacy information at the following URL:
https://business.safety.google/privacy
Search Engine
To make content on our website easier to find, a search engine from a third-party provider has been integrated. The integration of the search engine on the website results in the transmission of technical data such as the IP address to the third-party provider.
Processing only takes place if you consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent (Art. 6 para. 1 lit. a GDPR). Without your consent, data processing as described above does not take place. If you withdraw your consent (e.g., via the consent banner or other options provided on this website), we will stop this data processing. The lawfulness of the processing carried out until the withdrawal remains unaffected.
We use the Google service on our website. The provider of the service is Google Ireland Limited, Gordon House, BarrowStreet, Dublin 4, Ireland.
The use of the service may result in data being transferred to a third country (USA). The provider is certified under the EU-U.S. Data Privacy Framework and therefore offers an adequate level of data protection.
Further information can be found in the provider's privacy information at the following URL:
https://business.safety.google/privacy
Social Media
We use social media plugins to connect our website with our social media channels. The integration of the plugins is intended to make it easier for visitors to our website to follow our channels on social networks, share, like, or comment on content. Some social media plugins enable the analysis of user behavior of website visitors with regard to their behavior on social networks. The use of plugins is intended to increase the awareness and number of followers of our channels.
Personal data is also processed and data is transferred to these social networks via the plugins. This transfer takes place as soon as the website is accessed. Processed data includes, for example: name, address, e-mail address, telephone number, access time, device information, IP address.
Processing only takes place if you consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent (Art. 6 para. 1 lit. a GDPR). Without your consent, data processing as described above does not take place. If you withdraw your consent (e.g., via the consent banner or other options provided on this website), we will stop this data processing. The lawfulness of the processing carried out until the withdrawal remains unaffected.
We use the LinkedIn service on our website. The provider of the service is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.
The use of the service may result in data being transferred to a third country (USA). The provider is certified under the EU-U.S. Data Privacy Framework and therefore offers an adequate level of data protection.
Further information can be found in the provider's privacy information at the following URL:
https://www.linkedin.com/legal/privacy-policy
The service sets the following cookies on our website:
| Name | Storage Duration | Type | Purpose |
|---|---|---|---|
| bcookie | 365 days | 3rd-Party Cookie, .linkedin.com | Browser identifier cookie for uniquely identifying devices accessing LinkedIn to detect abuse on the platform. |
| li_gc | 180 days | 3rd-Party Cookie, .linkedin.com | Used to store guest consent for the use of cookies for non-essential purposes. |
| lidc | 24 hours | 3rd-Party Cookie, .linkedin.com | To facilitate data center selection. |
Webfonts
This site uses so-called web fonts for the uniform display of fonts, which are provided by an external provider and loaded by the browser when the website is accessed. The provider of the web font becomes aware that our website has been accessed from your IP address, as your browser establishes a direct connection to the provider of the web font.
Processing only takes place if you consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent (Art. 6 para. 1 lit. a GDPR). Without your consent, data processing as described above does not take place. If you withdraw your consent (e.g., via the consent banner or other options provided on this website), we will stop this data processing. The lawfulness of the processing carried out until the withdrawal remains unaffected.
Adobe Typekit
We use the Adobe Typekit service on our website. The provider of the service is Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland.
The use of the service may result in data being transferred to a third country (USA). The provider is certified under the EU-U.S. Data Privacy Framework and therefore offers an adequate level of data protection.
Further information can be found in the provider's privacy information at the following URL:
https://www.adobe.com/de/privacy/policy.html
Google Fonts
We use the Google Fonts service on our website. The provider of the service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
The use of the service may result in data being transferred to a third country (USA). The provider is certified under the EU-U.S. Data Privacy Framework and therefore offers an adequate level of data protection.
Further information can be found in the provider's privacy information at the following URL:
https://business.safety.google/privacy
Advertising
Tools are used on our website that facilitate or enable the placement of advertisements and the evaluation of the success of placed ads. For this purpose, personal data is processed, in particular the IP address, access times, and device information.
Processing only takes place if you consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent (Art. 6 para. 1 lit. a GDPR). Without your consent, data processing as described above does not take place. If you withdraw your consent (e.g., via the consent banner or other options provided on this website), we will stop this data processing. The lawfulness of the processing carried out until the withdrawal remains unaffected.
Google Ads
We use the Google Ads service on our website. The provider of the service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
The use of the service may result in data being transferred to a third country (USA). The provider is certified under the EU-U.S. Data Privacy Framework and therefore offers an adequate level of data protection.
Further information can be found in the provider's privacy information at the following URL:
https://business.safety.google/privacy
The service stores the following data in the browser's local or session storage:
| Name | Storage Duration | Type | Purpose |
|---|---|---|---|
| _gcl_ls | Permanent | 1st-Party LocalStorage | Stored by Google Ads on the local device. |
Google AdSense
We use the Google AdSense service on our website. The provider of the service is Google Ireland Limited (GV), Gordon House, Barrow Street, Dublin 4, Ireland.
The use of the service may result in data being transferred to a third country (USA). The provider is certified under the EU-U.S. Data Privacy Framework and therefore offers an adequate level of data protection.
Further information can be found in the provider's privacy information at the following URL:
https://business.safety.google/privacy
The service sets the following cookies on our website:
| Name | Storage Duration | Type | Purpose |
|---|---|---|---|
| _gcl_au | 90 days | 1st-Party Cookie | This cookie is used by Google AdSense to experiment with advertising efficiency on websites that use their services. |
Google Double Click
We use the Google Double Click service on our website. The provider of the service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
The use of the service may result in data being transferred to a third country (USA). The provider is certified under the EU-U.S. Data Privacy Framework and therefore offers an adequate level of data protection.
Further information can be found in the provider's privacy information at the following URL:
https://business.safety.google/privacy
The service sets the following cookies on our website:
| Name | Storage Duration | Type | Purpose |
|---|---|---|---|
| IDE | 390 days | 3rd-Party Cookie, .doubleclick.net | Advertising cookie on non-Google sites |
LinkedIn Ads
We use the LinkedIn Ads service on our website. The provider of the service is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.
The use of the service may result in data being transferred to a third country (USA). The provider is certified under the EU-U.S. Data Privacy Framework and therefore offers an adequate level of data protection.
Further information can be found in the provider's privacy information at the following URL:
https://www.linkedin.com/legal/privacy-policy