AN OVERVIEW OF DATA PROTECTION

GENERAL

As Tommatech Gmbh, our company's personal data processing policy in accordance with the General Data Protection Regulation is set out below.

The personal data of the visitors who visit our website, our customers, potential customers, employees, employee candidates and business partners are processed in accordance with the "Principles relating to processing of personal data" specified in Article 5 of the General Data Protection Regulation.

 

LEGAL BASIS OF THE PROCESSING

The General Data Protection Regulation requires our company to provide data subject with information on the legal basis of the processing of data subject’s personal data.

The legal basis for our processing data about data subject is that such processing is necessary for the purposes of

  • exercising our rights and performing our obligations under any contract we make with data subject (Article 6 (1) (b) General Data Protection Regulation) (“Contract Performance”);
  • Compliance with the legal obligations (Article 6 (1) (c) General Data Protection Regulation) (“Compliance with Legal Obligations”); and/or
  • protecting the interests of the data subject or another natural person (Article 6 (1) (d) General Data Protection Regulation) (“Interest Protecting Purpose”)

In some cases, we may ask if data subject consents to the relevant use of data subject’s personal data. In such cases, data subject’s data will be processed with consent of the data subject according to the Article 6 (1) (a) of General Data Protection Regulation) (“Consent”).

 

CATEGORIES OF PERSONAL DATA PROCESSED AND PURPOSE OF THE PROCESSING

In the context of the business relationship with us, we may process the following categories of personal data of consumers and contact persons at (prospective) customers, suppliers, vendors and partners (each a “Business Partner”):

  • Contact information, such as full name, job position, work address, work telephone number, work mobile phone number, work fax number and work email address;
  • Payment data, such as data necessary for processing payments and fraud prevention, including credit/debit card numbers, security code numbers and other related billing information;
  • Further information necessarily processed in a project or contractual relationship with us or voluntarily provided by the Business Partner, such as personal data relating to orders placed, payments made, requests, and project milestones;
  • Personal data collected from publicly available resources (including business and employment oriented social networks and websites), integrity data bases and credit agencies; and
  • If legally required for Business Partner compliance screenings: date of birth, ID numbers, identity cards and information about relevant and significant litigation or other legal proceedings against Business Partners.

We may process the personal data for the following purposes:

  • Communicating with Business Partners about our products, services and projects, e.g. by responding to inquiries or requests or providing data subject with information about purchased products;
  • Planning, performing and managing the (contractual) relationship with Business Partners; e.g. by performing transactions and orders of products or services, processing payments, performing accounting, auditing, billing and collection activities, arranging shipments and deliveries, facilitating repairs and providing support services;
  • Administrating and performing market analysis, sweepstakes, contests, or other customer activities or events;
  • Contacting data subject with information and offers concerning our products and services, sending data subject further marketing messages and conducting customer satisfaction surveys;
  • Maintaining and protecting the security of our products, services and websites, preventing and detecting security threats, fraud or other criminal or malicious activities;
  • Ensuring compliance with legal obligations (such as record keeping obligations), export control and customs, Business Partner compliance screening obligations (to prevent white-collar or money laundering crimes), and our policies or industry standards; and
  • Solving disputes, enforce our contractual agreements and to establish, exercise or defend legal claims.

 

TRANSFER AND DISCLOSURE OF PERSONAL DATA

Personal data of data subject may be transferred to:

  • other affiliated companies or third parties - e.g. sales partners or suppliers In connection with the written or verbal agreements made with respect to the product purchase requests of the data subjects from our company, the product orders or our business relationship with the data owners;
  • third parties which provide IT services to our company and which process such data only for the purpose of such services (e.g., hosting or IT maintenance and support services); and
  • third parties in connection with complying with legal obligations or establishing, exercising or defending rights or claims (e.g., for court and arbitration proceedings, to regulators, law enforcement and government authorities, to attorneys and consultants).

INTERNATIONAL DATA TRANSFERS

  • In the event that we transfer the personal data of data subject outside the European Economic Area, we ensure that the data of data subject is protected in a manner which is consistent with the General Data Protection Regulation. Therefore, and if required by applicable law, we take the following measures:
  • We share the personal data of data subject with affiliated companies outside the European Economic Area only if they have implemented Binding Corporate Rules for the protection of personal data.
  • We transfer personal data to external recipients outside the European Economic Area only if the recipient has (i) entered into EU Standard Contractual Clauses with us or (ii) implemented Binding Corporate Rules in its organization.

 

RETENTION PERIODS OF THE PERSONAL DATA

Unless indicated otherwise at the time of the collection of the personal data (e.g. within a form completed by data subject), the personal data is erased if the retention of that personal data is no longer necessary for the purposes for which they were collected or otherwise processed, or to comply with legal obligations (such as retention obligations under tax or commercial laws).

DATA SECURITY

To protect the personal data against accidental or unlawful destruction, loss, use, or alteration and against unauthorized disclosure or access, we use adequate physical, technical and organizational security measures.

DATA PRIVACY CONTACT

Our Data Privacy Department provides support with any data privacy related questions, comments, concerns or complaints or in case data subject wish to exercise any of data subject’s data privacy related rights. The Data Privacy Department may be contacted at: head@tommatech.de and Angerlweg 14 85748 Garching.

The Data Privacy Department will always use reasonable efforts to address and settle any requests or complaints data subject brings to its attention. Besides contacting the Data Privacy Department, data subject always have the right to approach the competent data protection authority with request or complaint of data subject.

DATA COLLECTION ON OUR WEBSITE;

WHO IS RESPONSIBLE FOR THE DATA COLLECTION ON THIS WEBSITE?

The data collected on this website are processed by the website operator. The operator’s contact details can be found in the website’s required legal notice.

HOW DO WE COLLECT YOUR DATA?

Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form. Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.

WHAT DO WE USE YOUR DATA FOR?

Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyze how visitors use the site.

WHAT RIGHTS DO YOU HAVE REGARDING YOUR DATA?

You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request that it be corrected, blocked, or deleted. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities.

ANALYTICS AND THIRD-PARTY TOOLS

When visiting our website, statistical analyses may be made of your surfing behavior. This happens primarily using cookies and analytics. The analysis of your surfing behavior is usually anonymous, i.e. we will not be able to identify you from this data. You can object to this analysis or prevent it by not using certain tools. Detailed information can be found in the following privacy policy. You can object to this analysis. We will inform you below about how to exercise your options in this regard.

GENERAL INFORMATION AND MANDATORY INFORMATION

DATA PROTECTION

The operators of this website take the protection of your personal data very seriously. We treat your personal data as confidential and in accordance with the statutory data protection regulations and this privacy policy. If you use this website, various pieces of personal data will be collected. Personal information is any data with which you could be personally identified. This privacy policy explains what information we collect and what we use it for. It also explains how and for what purpose this happens. Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.

NOTICE CONCERNING THE PARTY RESPONSIBLE FOR THIS WEBSITE

The party responsible for processing data on this website is: Tommatech GmbH Angerlweg 14 85748 Garching.
Email: head@tommatech.de

The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).

REVOCATION OF YOUR CONSENT TO THE PROCESSING OF YOUR DATA

Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.

RIGHT TO FILE COMPLAINTS WITH REGULATORY AUTHORITIES

If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which our company is headquartered. A list of data protection officers and their contact details can be found at the following link:

https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

SSL OR TLS ENCRYPTION

This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon is displayed in your browser’s address bar.

If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.

ENCRYPTED PAYMENTS ON THIS WEBSITE

If you enter into a contract which requires you to send us your payment information (e.g. account number for direct debits), we will require this data to process your payment. Payment transactions using common means of payment (Visa/MasterCard, direct debit) are only made via encrypted SSL or TLS connections. You can recognize an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon in your browser line is visible. In the case of encrypted communication, any payment details you submit to us cannot be read by third parties.

INFORMATION, BLOCKING, DELETION

As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.

OPPOSITION TO PROMOTIONAL EMAILS

We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements with regard to sending promotional and informational materials not expressly requested. The website operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.

DATA PROTECTION OFFICER

STATUTORY DATA PROTECTION OFFICER

We have appointed a data protection officer for our company. Tommatech GmbH -Datenschutz- Angerlweg 14 85748 Garching.
Email: head@tommatech.de

DATA COLLECTION ON OUR WEBSITE

COOKIES

Some of our web pages use cookies. Cookies do not harm your computer and do not contain any viruses. Cookies help make our website more user-friendly, efficient, and secure. Cookies are small text files that are stored on your computer and saved by your browser. Most of the cookies we use are so-called “session cookies.” They are automatically deleted after your visit. Other cookies remain in your device’s memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.

You can configure your browser to inform you about the use of cookies so that you can decide on a caseby- case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website. Cookies which are necessary to allow electronic communications or to provide certain functions you wish to use (such as the shopping cart) are stored pursuant to Art. 6 paragraph 1, letter f of DSGVO. The website operator has a legitimate interest in the storage of cookies to ensure an optimized service provided free of technical errors. If other cookies (such as those used to analyze your surfing behavior) are also stored, they will be treated separately in this privacy policy.

SERVER LOG FILES

The website provider automatically collects and stores information that your browser automatically transmits to us in “server log files”.

These are Browser type and browser version, Operating system used, Referrer URL, Host name of the accessing computer, Time of the server request, IP address. These data will not be combined with data from other sources. The basis for data processing is Art. 6 (1) (f) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.

CONTACT FORM

Should you send us questions via the contact form, we will collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions. We do not share this information without your permission.

We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1) (a) DSGVO. You may revoke your consent at any time. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.

We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.

REGISTRATION WITH FACEBOOK CONNECT

Instead of registering directly on our website, you may also register using Facebook Connect. This service is provided by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. If you decide to register with Facebook Connect and click on the “Login with Facebook” or “Connect with Facebook” buttons, you will be automatically redirected to the Facebook platform. There you can log in with your Facebook username and password. This will link your Facebook profile to our website or services. This link gives us access to your data stored on Facebook. Including especially your:

Facebook name, Facebook profile picture, Facebook cover picture, Email address provided to Facebook, Facebook ID, Facebook friends, Facebook Likes, Birthday, Gender, Country, Language.

This data will be used to set up, provide, and personalize your account. For more information, see Facebook’s Terms of Use and Privacy Policy. These can be found at

https://de-de.facebook.com/about/privacy/ and https://www.facebook.com/legal/terms/

PROCESSING OF DATA (CUSTOMER AND CONTRACT DATA)

We collect, process, and use personal data only insofar as it is necessary to establish, or modify legal relationships with us (master data). This is done based on Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract. We collect, process and use your personal data when accessing our website (usage data) only to the extent required to enable you to access our service or to bill you for the same. Collected customer data shall be deleted after completion of the order or termination of the business relationship. Legal retention periods remain unaffected.

SOCIAL MEDIA

FACEBOOK PLUGINS (LIKE & SHARE BUTTONS)

Our website includes plugins for the social network Facebook, Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. The Facebook plugins can be recognized by the Facebook logo or the Like button on our site. For an overview of Facebook plugins, see https://developers.facebook.com/docs/plugins/

When you visit our site, a direct connection between your browser and the Facebook server is established via the plugin. This enables Facebook to receive information that you have visited our site from your IP address. If you click on the Facebook “Like button” while you are logged into your Facebook account, you can link the content of our site to your Facebook profile. This allows Facebook to associate visits to our site with your user account. Please note that, as the operator of this site, we have no knowledge of the content of the data transmitted to Facebook or of how Facebook uses these data. For more information, please see Facebook’s privacy policy at https://de-de.facebook.com/policy.php. If you do not want Facebook to associate your visit to our site with your Facebook account, please log out of your Facebook account.

ANALYTICS AND ADVERTISING

GOOGLE ANALYTICS

This website uses Google Analytics, a web analytics service. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. Google Analytics cookies are stored based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its advertising.

IP ANONYMIZATION

We have activated the IP anonymization feature on this website. Your IP address will be shortened by Google within the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the United States. Only in exceptional cases is the full IP address sent to a Google server in the US and shortened there. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity, and to provide other services regarding website activity and Internet usage for the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.

BROWSER PLUGIN

You can prevent these cookies being stored by selecting the appropriate settings in your browser. However, we wish to point out that doing so may mean you will not be able to enjoy the full functionality of this website. You can also prevent the data generated by cookies about your use of the website (incl. Your IP address) from being passed to Google, and the processing of these data by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en

OBJECTING TO THE COLLECTION OF DATA

You can prevent the collection of your data by Google Analytics by clicking on the following link. An optout cookie will be set to prevent your data from being collected on future visits to this site:  Disable Google

Analytics; for more information about how Google Analytics handles user data, see Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=en

OUTSOURCED DATA PROCESSING

We have entered into an agreement with Google for the outsourcing of our data processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

GOOGLE RECAPTCHA

We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our websites. This service is provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”). reCAPTCHA is used to check whether the data entered on our website (such as on a contact form) has been entered by a human or by an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, how long the visitor has been on the website, or mouse movements made by the user). The data collected during the analysis will be forwarded to Google.

The reCAPTCHA analyses take place completely in the background. Website visitors are not advised that such an analysis is taking place. Data processing is based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in protecting its site from abusive automated crawling and spam.

For more information about Google reCAPTCHA and Google’s privacy policy, please visit the following links:

https://www.google.com/intl/de/policies/privacy/
https://www.google.com/recaptcha/intro/android.html

NEWSLETTER

NEWSLETTER DATA

If you would like to receive our newsletter, we require a valid email address as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive this newsletter. No additional data is collected or is only collected on a voluntary basis. We only use this data to send the requested information and do not pass it on to third parties.

We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1) (a) DSGVO. You can revoke consent to the storage of your data and email address as well as their use for sending the newsletter at any time, e.g. through the “unsubscribe” link in the newsletter. The data processed before we receive your request may still be legally processed.

The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted. Data we have stored for other purposes (e.g. email addresses for the members area) remain unaffected.

PLUGINS AND TOOLS

YOUTUBE

Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited.

If you’re logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account. YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.

Further information about handling user data, can be found in the data protection declaration of YouTube under https://www.google.de/intl/de/policies/privacy

GOOGLE MAPS

This site uses the Google Maps map service via an API. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

To use Google Maps, it is necessary to save your IP address. This information is generally transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. The use of Google Maps is in the interest of making our website appealing and to facilitate the location of places specified by us on the website. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.

Further information about handling user data, can be found in the data protection declaration of Google at https://www.google.de/intl/de/policies/privacy/