Data Protection

Data protection declaration for customers, suppliers and users of our Website

Goldhofer AG is delighted to note your interest in our company and our products. The following information is designed to give you – as a customer or prospect for our products and services or as a supplier or visitor to our website – an overview of the ways in which your personal data are processed by our company and about your rights deriving from data protection legislation.

We take the protection of your personal data very seriously, and we process them only in compliance with the provisions of the EU’s General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (FDPA).

In the following we describe which data are processed in the context of our business relationship and during your visit to our website.


1. Responsible companies

This data protection declaration applies to both Goldhofer AG and Goldhofer Airport Technology GmbH (hereinafter referred to as the “Group”). With regard to personal data processed in the course of use of the website, Goldhofer AG has sole responsibility in terms of data protection law. With regard to processing in the context of business dealings, the responsibility lies with the company with which a direct contractual relationship exists.

The contact details of the responsible companies are as follows:

Goldhofer AG
Donaustr. 95
87700 Memmingen/Germany
Phone: +49 8331 15-0
Fax: +49 8331 15-239
email:
info@goldhofer.com

and

Goldhofer Airport Technology GmbH
Parkstr. 19-21
73760 Ostfildern/Germany
Phone +49 711 34000-0
Fax +49 711 34110-87
email:
info@goldhofer.com


2. Data protection officer

Dieter Fasel
Lawyer
Wälder 27 a
87789 Woringen/Germany
email:
ra.fasel@gmx.de


3. Personal data

Personal data means any details of the personal or material circumstances of an identified or identifiable natural person. This includes information such as IP addresses, given name and surname, address, telephone number or date of birth. Information that cannot be directly linked to your actual identity, such as statistical information regarding the number of users of a website, does not constitute personal data.


4. Categories of processed data for customers and suppliers

The following categories of data are regularly processed in the context of our business relationships with you:

  • Personal master data (name, date of birth, place of birth, nationality)
  • Contract master data (contractual relationship, product or contract interest)
  • Authentication data (ID data)
  • Communications data (telephone, e-mail, address, IP address)
  • Customer history
  • Invoice and payment data
  • Planning and control data
  • Advertising and sales data
  • Information from third parties, e.g. credit agencies or public directories


5. Categories of processed data for users of our website

When you access our website your Internet browser automatically transfers data to our web server for technical reasons. Once the connection has been established between your Internet browser and our web server, the following data are recorded:

  • Date and time of the request
  • Name of the requested file
  • URL of the website from which the file is requested
  • Access status
  • Web browser and operating system used
  • Full IP address of the requesting computer
  • Volume of data transferred

 
6. Legal basis and purpose of data processing

Goldhofer AG and Goldhofer Airport Technology GmbH and our third-party service providers process your personal data on the basis of the following legal provisions and for the following purposes:

6.1 Contractual basis (preparation, execution, termination), Art. 6(1)(b) GDPR

  • Answering questions and taking steps prior to entering into a contract
  • Preparation, negotiation and performance of a contract
  • Granting access to certain data and offers

6.2 Legal obligation, Art. 6(1)(c) GDPR

  • Responding an official or court order
  • Meeting certain statutory duties in particular relating to taxation law

6.3 Legitimate interests, Art. 6(1)(f) GDPR

  • Direct marketing and optimization of the website (eTracker)
  • Administrative purposes within the Group
  • Improvement of products and services
  • Communication with customers and prospects by e-mail or telephone
  • Preservation of evidence for the establishment, exercise or defense of legal claims
  • Prevention of misuse or other illegal activities within the company
  • Guaranteeing IT security
  • Video surveillance to safeguard domiciliary rights and collect evidence in cases of burglary (cf. Art. 4 FDPA)
  • Measures for building and plant security (e.g. access controls)
  • Data exchange with credit agencies (e.g. SCHUFA) to assess credit and default risks

6.4 Consent, Art. 6(1)(a) GDPR

  • Sending advertising such as price information in the absence of a business relationship
  • Contact made via the website
  • Photographs taken at events


7. Withdrawal of consent

You have the right to revoke the consent you have granted us for the processing of your personal data at any time with future effect. The legality of the processing of your data performed prior to revocation remains unaffected.


8. Disclosure of data

Within the Group, those units have access to your data which require them for the fulfillment of contractual and legal obligations or for internal administrative purposes.

Your personal data will not be passed on to third parties outside the Group unless this is necessary for the execution of the contract or you have given your express consent or we can assert a justified interest or we are obliged to do so by a court or competent authority.

Service providers used by us in the context of order processing agreements and subcontractors may also receive data for these purposes. They include companies in the fields of IT services, logistics, printing services, telecommunications, debt collection, management consultancy and sales and marketing. Insofar as we engage external service providers for order processing purposes, they are carefully selected and have an obligation pursuant to Art. 28 GDPR to observe all provisions of data protection law.

Potential recipients of personal data also include the following:

  • Public authorities and institutions (e.g. tax, judicial and law enforcement authorities) in the context of a statutory or official obligation
  • Auditors, tax consultants or lawyers

 
9. Transfer of personal data to non-EU countries

Personal data may be transferred to parties located outside of the European Union (non-member countries) where

  • it is necessary to fulfill your order (e.g. supply contracts),
  • we have a statutory obligation to do so (e.g. tax reporting rules, combating criminal offenses),
  • it is required to secure the company’s IT operations,
  • we have a justified interest in such data transfer, or
  • you have given your consent.

In the event of the transfer of data to a party in a non-member country, appropriate guarantees pursuant to Art. 44 ff. GDPR will ensure compliance with the level of data protection that applies in the European Union.


10. Price information

For purposes of customer-specific pricing, we store personal data such as given name, surname, contact details and name of company. We use this data exclusively to transmit the requested information and to keep a record of your consent. You can revoke your consent to the storage of the data, the e-mail address and their use for sending price information at any time with future effect. Please follow the instructions in the e-mail or write to us using the contact details provided.


11. External links

Our online offers include links to websites of third parties with which we have no contractual relationship. Once the link has been selected, we have no influence on the processing of any personal data such as the IP address or the URL on which the link is located. We can accept no responsibility for the processing of such personal data by third parties.


12. Social media

We maintain fan pages and company-related sites on diverse social networks and platforms in order to communicate with customers and potential customers and to inform them about our products and activities. For this purpose, we place links on our website to our fan pages and sites so that they can be found more quickly. When accessing the various networks and platforms, the terms of business and privacy policies of the respective operators apply.


12.1 Youtube

This website uses the video platform YouTube, operated by YouTube, LLC, (hereinafter referred to as “YouTube”). YouTube is a platform on which video files can be uploaded for others to play.

When you call up a corresponding page of our offer, the embedded YouTube player establishes a connection to the YouTube servers so that video and audio files can be downloaded and used. At the same time, data is also transferred to YouTube as the responsible party. We can accept no responsibility for such data processing by YouTube.


12.2 Vimeo

This website embeds videos from Vimeo operated by Vimeo LLC (hereinafter referred to as “Vimeo”).

Further information about data processing by Vimeo and your related rights can be found in Vimeo's privacy policy at https://vimeo.com/privacy.


12.3 Facebook

This online offer includes links to the services of Facebook Ireland Ltd. (hereinafter referred to “Facebook”).

When you visit our Facebook page, Facebook records your IP address and possibly further information that is available on your PC in the form of cookies. This information is used to provide us as the owners of the Facebook fan page with statistical information on the use of the Facebook page.

The data collected on you in this context is processed by Facebook and may be transferred to countries outside of the European Union. Your attention is drawn to the fact that Facebook is responsible under data protection law for the transfer and subsequent processing of such data. Facebook provides data protection information describing in general terms which specific data Facebook receives and how it is used. Further information on the subject is provided in Facebook’s privacy policy at http://facebook.com/about/privacy.


12.4 Instagram

Our pages contain links to Instagram. This service is provided and operated by Instagram Inc., which is domiciled in the US.

Information on the subject of data protection is provided in Instagram’s privacy policy at http://instagram.com/about/legal/privacy/.


12.5 XING

This website provides a link to our profile on the social platform XING, which is a network for professionals to connect.


12.6 Twitter

Our website includes links to Twitter, a service provided by Twitter Inc. (hereinafter referred to as “Twitter”). With the use of Twitter and the re-tweet feature, the web pages you visit are  linked to your Twitter account and disclosed to other users. At the same time, data is transferred to Twitter. Please note that we as the provider of the web pages have no knowledge of the content of the transferred data and its use by Twitter. Further information on the subject is provided in Twitter’s privacy policy at http://twitter.com/privacy. You can change your Twitter privacy settings in your account settings at http://twitter.com/account/settings.


12.7 LinkedIn

Our website also includes links to the LinkedIn social network provided by the LinkedIn Corporation (hereinafter referred to as “LinkedIn”). If you click on the link, you will first be redirected to your (logged in) user account via a separate browser window. LinkedIn receives information about your visit to our website by processing your IP address. LinkedIn is also able to establish a correlation between your visit to our website and your user account. Please note that we have no knowledge of the content of the transferred data and its use by LinkedIn. Further information on the subject is provided in LinkedIn’s privacy policy at https://www.linkedin.com/legal/privacy-policy.


13. Data security

Our employees and the service providers we hire have a duty to observe confidentiality and to comply with the provisions of the applicable data protection laws. The company takes appropriate technical and organizational safety measures to protect your personal data from loss, manipulation, destruction, and unauthorized access and disclosure. Our safety measures are continually updated in accordance with the latest technological developments.


14. Duration of data storage

We store your data for the duration of the contractual relationship with you or your employer or for as long as necessary to provide our online offer. In addition, we store your personal data for as long as we have a legitimate interest in further storage. The data will be deleted after expiration of the statutory or contractual retention period, e.g. under tax and commercial law. Data not subject to the duty to preserve records will be deleted when the specified purpose no longer applies.


15. Rights as a customer, supplier and user of our website

As a customer or user of our website you have various rights. Please make use of the information provided in the Contact section to assert your rights. When doing so, please ensure that we are able to clearly identify you.

In accordance with the EU’s General Data Protection Regulation, you will receive information upon request free of charge and at any time regarding the storage of your personal data (Art. 15 GDPR). Please note that under certain circumstances your right to information may be restricted in accordance with legal provisions, in particular Art. 34 FDPA-new.

You furthermore have the right to correction (Art. 16 GDPR ) or deletion (Art. 17 GDPR) of said data provided that the statutory requirements are met. Exceptions to the right to deletion include data relating to business activities which are subject to a statutory duty of retention.

You also have the right pursuant to Art. 18 GDPR to restrict the processing of your personal data.


16. Right of objection

Pursuant to Art. 21 GDPR, you have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data which we perform to protect our legitimate interests. We will then discontinue the processing of your data unless we can prove, in accordance with the statutory provisions, that we have mandatory grounds for further processing which are worthy of protection and prevail over your rights.


17. Right of objection to direct marketing

You can object to the processing of your personal data for advertising purposes at any time. Please note that for organizational reasons there might be an overlap between your revocation and the use of your data in an ongoing campaign.


18. Right to data portability

Upon request, we guarantee the portability of the personal data provided by you through transfer in a standard machine-readable data format.


19. Duty to provide personal data

If a contractual relationship exists between you and Goldhofer AG or Goldhofer Airport Technology GmbH, you must provide the personal data which is required for the initiation, performance and termination of the contract and compliance with the associated contractual duties or which we have a statutory obligation to collect. Without the provision of said data, we will not normally be able to conclude a contract with you.

To the extent that there is no necessity for your data to be processed within the scope of use of this website for the initiation, performance and termination of a contract and it is not a statutory requirement, the provision of your data is voluntary. Please note, however, that certain website functions and other services will not be available in the case of failure to provide the necessary data.


20. Automatic processing of personal data

Your personal data will only be processed automatically if this is necessary for the conclusion or performance of a contract and the process has no legal or similar effect for you.


21. Complaint to supervisory bodies

If you are dissatisfied with our processing of your personal data, you have the right to lodge a complaint with the relevant supervisory authority. For that purpose you can contact the relevant data protection agency.

The competent data protection agency in the case of Goldhofer AG:

Bayerische Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 27
91522 Ansbach
Telephone: +49 (0) 981 53 1300
Telefax: +49 (0) 981 53 98 1300
email:
poststelle@lda.bayern.de


The competent supervisory authority in the case of Goldhofer Airport Technology GmbH:

Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit
Königstrasse 10 a
70173 Stuttgart
Telephone: +49 (0)711/615541-0
Telefax: +49 (0)711/615541-15
email:
poststelle@lfdi.bwl.de


22. Copyright

All texts, images, graphics and sound, video and animation files and their arrangements are protected by copyright and are subject to further laws relating to intellectual property rights. They may not be copied for commercial purposes or for distribution, nor may they be modified and used on other websites. Some of the Company's webpages also contain material that is subject to the copyright of those who have provided it.