Data Protection

Privacy notice

We, Joyson Safety Systems Aschaffenburg GmbH, Bahnweg 1, 63743 Aschaffenburg, Germany, (datenschutz@eu.joysonsafety.com), shall be providing you with information as to how we process personal data on this page.

Our external data protection officer is:

Lawyer Nikolaus Bertermann
daspro GmbH
Kurfürstendamm 21
10719 Berlin
Email: joyson@daspro.de.

We have compiled the key information on typical data processing operations for you below, broken down by data subject group. The obligations to provide information shall be fulfilled separately for certain data processing operations which only concern specific groups.

Where the term ‘data’ is used in the text, this refers to personal data within the meaning of the EU General Data Protection Regulation (GDPR).

1. Website visitors
2. Webshop customers
3. Prospective customers and communication partners
4. Business partners and their employees
5. General information and rights of data subjects

1. Website visitors

1.1 Server log files
Our Web server processes an array of data with each request that your browser automatically transmits to the server. This entails the IP address currently assigned to your device, the date and time of the request, the time zone, the specific page or file that was opened, the http status code, the amount of data transferred, the website from which your request came, your device’s operating system and the pre-set language. The Web server uses this data to optimise how the contents of this website are displayed on your device.

1.2 Access protection
To prevent unauthorised administrative access to our website, we use public blacklists for IP addresses and store IP addresses to protect against attacks launched against our website, e.g., brute force attacks to gain access to login data.

1.3 Analysis of usage behaviour
This website uses Google Analytics, a Web analytics service of Google Inc. (‘Google’). Google Analytics uses cookies, which are text files that are stored on your computer and facilitate the analysis of your use of the website. The information generated by the cookie on your use of this website is generally transmitted to a server of Google in the USA and stored there. IP anonymisation is enabled for this website, i.e., your IP address will be shortened by Google within the European Union or in another signatory to the Agreement on the European Economic Area before it is transmitted. Your full IP address will be transmitted to a server of Google in the USA and shortened there only in exceptional circumstances.
As the processor in accordance with Art. 28 GDPR, Google will use this information to evaluate your use of the website to compile reports on website activities as well as to provide further services to the site owner in connection with the use of the website and the Internet. The IP address transmitted by your browser in connection with Google Analytics will not be merged with other Google data.
You can prevent cookies from being stored by modifying the settings of your browser software accordingly. Furthermore, you can prevent the data generated by the cookie regarding your use of the website (including your IP address) from being transmitted to Google and processed by Google by downloading and installing the browser add-on [LINK: http://tools.google.com/dlpage/gaoptout?hl=de]. Alternatively, you can also set an opt-out cookie [LINK: …/javascript:gaOptout()] to prevent your data from being collected when you visit this website.

1.4 The purpose of the data processing is the online presentation of our company as well as its products and services and interaction with communication partners. If you order our newsletter, we will process your data for the purpose of sending the newsletter. User behaviour is analysed on the website for the purpose of designing the website to conform to user preferences.

1.5 The legal basis for the processing is Art. 6 Para. 1f GDPR (legitimate interest, operation of a website and interaction with communication partners). The legal basis for processing data for newsletters is Art. 6(1)(a) GDPR (consent). The legal basis for the analysis of user behaviour is Article 6(1)(f) GDPR (legitimate interest, i.e., design of the website to conform to user preferences).

1.6 Log and communication data shall not be transferred to third parties except where special circumstances exist. Data may be transferred to the police or public prosecutor’s office if a suspected offence has been committed or during pre-trial proceedings. We furthermore engage service providers to perform commissioned data processing when rendering services, in particular to provide, maintain and support IT systems.

1.7 IP addresses will be anonymised in log files after no later than seven days and deleted from security logs after no later than 14 days. Newsletter data will be deleted when the user unsubscribes to the newsletter. Pseudonymous usage data will be deleted after three months.

1.8 Use of the website is not possible without the disclosure of personal data such as your IP address. Communication via the website without providing data is not possible. Data must be provided in order to receive newsletters. Newsletters cannot be sent without the provision of data. Use of the website is also possible if the user objects to pseudonymous analysis of usage.

2. Webshop customers

2.1 When you place an order on the webshop, your data will be processed for the purposes of reviewing the order, entering into a contract, fulfilling the contract, including consultation and support, and complying with statutory requirements.

2.2 The legal basis for processing is Art. 6(1)(b) GDPR (preparation and fulfilment of the contract) in case of contracts with natural persons, Art. 6(1)(f) GDPR (legitimate interest, i.e., communication with contact persons relevant to the contract) in case of contracts with legal entities and Art. 6(1)(c) GDPR (legal obligations, in particular tax and commercial regulations) in all cases.

2.3 Recipients of data may include banks for the purpose of processing payments and postal service providers for the purpose of shipping goods. Public authorities and offices may receive data within the scope of their duties, insofar as we are obliged or authorised to transmit data. We furthermore engage service providers to perform commissioned data processing when rendering services, in particular to provide, maintain and support IT systems.

2.4 All contractual data and data relevant for accounting is stored for ten calendar years after the contract is terminated in accordance with the retention periods set out in tax and commercial law.

2.5 The provision of data is obligatory for customers and their employees both legally and contractually. The contract cannot be entered into or implemented without the provision of data.

3. Prospective customers and communication partners

3.1 We process the data of prospective customers and communication partners for the purpose of communication with the data subjects.

3.2 The legal basis for processing the data of prospective customers and communication partners is Art. 6(1)(f) GDPR (legitimate interest, i.e., communication with prospective customers and communication partners).

3.3 We forward the requests internally to the responsible employees. We furthermore engage service providers to perform commissioned data processing when rendering services, in particular to provide, maintain and support IT systems.

3.4 Requests and communication shall be deleted automatically after ten calendar years.

3.5 The provision of data is required for prospective customers and communication partners. Communication is not possible without the provision of data.

4. Business partners and their employees

4.1 The purpose of processing is the preparation and fulfilment of contracts as well as communication with employees of business partners.

4.2 The legal basis for processing is Art. 6(1)(b) GDPR (preparation and fulfilment of the contract) in case of contracts with natural persons, Art. 6(1)(f) GDPR (legitimate interest, i.e., communication with contact persons relevant to the contract) in case of contracts with legal entities and Art. 6(1)(c) GDPR (legal obligations, in particular tax and commercial regulations) in all cases.

4.3 Recipients of data may include banks for the purpose of processing payments. Public authorities and offices may receive data within the scope of their duties, insofar as we are obliged or authorised to transmit data. We furthermore engage service providers to perform commissioned data processing when rendering services, in particular to provide, maintain and support IT systems.

4.4 All contractual data and data relevant for accounting is stored for ten calendar years after the contract is terminated in accordance with the retention periods set out in tax and commercial law.

4.5 The provision of data is obligatory for business partners and their employees both legally and contractually. The business relationship cannot be established or carried out without the provision of data.

5. General information and rights of data subjects

5.1 We do not use automated procedures to make individual decisions on a case-by-case basis.

5.2 You have the right to request information at any time about all your personal data that we process.

5.3 If your personal data is incomplete or inaccurate, you have the right to rectification and amendment.

5.4 You may request the erasure of your personal data at any time, unless we are legally obliged or authorised to further process your data.

5.5 If the legal requirements are satisfied, you may request a restriction on the processing of your personal data.

5.6 You have the right to object to processing if data processing is performed for the purpose of direct marketing or profiling. If processing is performed as a result of the balancing of interests, you may object to the processing, stating reasons arising from your particular situation.

5.7 Where data is processed on the basis of your consent or within the scope of a contract, you have the right to transfer the data provided by you, unless the rights and freedoms of other persons are impaired.

5.8 Where we process your data on the basis of a declaration of consent, you have the right to withdraw this consent at any time with future effect. Processing performed prior to withdrawing your consent shall remain unaffected.

5.9 In addition, you have the right to lodge a complaint with a data protection supervisory authority at any time if you are of the opinion that data processing has occurred in breach of applicable law.

Last updated: 15 October 2018