Data protection declaration for customers, suppliers and users of our Website
Goldhofer AG is delighted to note your interest in our company and our products. The following information is designed to give you – as a customer or prospect for our products and services or as a supplier or visitor to our website – an overview of the ways in which your personal data are processed by our company and about your rights deriving from data protection legislation.
We take the protection of your personal data very seriously, and we process them only in compliance with the provisions of the EU’s General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (FDPA).
In the following we describe which data are processed in the context of our business relationship and during your visit to our website.
1. Responsible companies
This data protection declaration applies to both Goldhofer AG and Goldhofer Airport Technology GmbH (hereinafter referred to as the “Group”). With regard to personal data processed in the course of use of the website, Goldhofer AG has sole responsibility in terms of data protection law. With regard to processing in the context of business dealings, the responsibility lies with the company with which a direct contractual relationship exists.
The contact details of the responsible companies are as follows:
Phone: +49 8331 15-0
Fax: +49 8331 15-239
Goldhofer Airport Technology GmbH
Phone +49 711 34000-0
Fax +49 711 34110-87
2. Data protection officer
Wälder 27 a
3. Personal data
Personal data means any details of the personal or material circumstances of an identified or identifiable natural person. This includes information such as IP addresses, given name and surname, address, telephone number or date of birth. Information that cannot be directly linked to your actual identity, such as statistical information regarding the number of users of a website, does not constitute personal data.
4. Categories of processed data for customers and suppliers
The following categories of data are regularly processed in the context of our business relationships with you:
- Personal master data (name, date of birth, place of birth, nationality)
- Contract master data (contractual relationship, product or contract interest)
- Authentication data (ID data)
- Communications data (telephone, e-mail, address, IP address)
- Customer history
- Invoice and payment data
- Planning and control data
- Advertising and sales data
- Information from third parties, e.g. credit agencies or public directories
5. Categories of processed data for users of our website
When you access our website your Internet browser automatically transfers data to our web server for technical reasons. Once the connection has been established between your Internet browser and our web server, the following data are recorded:
- Date and time of the request
- Name of the requested file
- URL of the website from which the file is requested
- Access status
- Web browser and operating system used
- Full IP address of the requesting computer
- Volume of data transferred
6. Legal basis and purpose of data processing
Goldhofer AG and Goldhofer Airport Technology GmbH and our third-party service providers process your personal data on the basis of the following legal provisions and for the following purposes:
6.1 Contractual basis (preparation, execution, termination), Art. 6(1)(b) GDPR
- Answering questions and taking steps prior to entering into a contract
- Preparation, negotiation and performance of a contract
- Granting access to certain data and offers
6.2 Legal obligation, Art. 6(1)(c) GDPR
- Responding an official or court order
- Meeting certain statutory duties in particular relating to taxation law
6.3 Legitimate interests, Art. 6(1)(f) GDPR
- Direct marketing and optimization of the website (eTracker)
- Administrative purposes within the Group
- Improvement of products and services
- Communication with customers and prospects by e-mail or telephone
- Preservation of evidence for the establishment, exercise or defense of legal claims
- Prevention of misuse or other illegal activities within the company
- Guaranteeing IT security
- Video surveillance to safeguard domiciliary rights and collect evidence in cases of burglary (cf. Art. 4 FDPA)
- Measures for building and plant security (e.g. access controls)
- Data exchange with credit agencies (e.g. SCHUFA) to assess credit and default risks
6.4 Consent, Art. 6(1)(a) GDPR
- Sending advertising such as price information in the absence of a business relationship
- Contact made via the website
- Photographs taken at events
7. Withdrawal of consent
You have the right to revoke the consent you have granted us for the processing of your personal data at any time with future effect. The legality of the processing of your data performed prior to revocation remains unaffected.
8. Disclosure of data
Within the Group, those units have access to your data which require them for the fulfillment of contractual and legal obligations or for internal administrative purposes.
Your personal data will not be passed on to third parties outside the Group unless this is necessary for the execution of the contract or you have given your express consent or we can assert a justified interest or we are obliged to do so by a court or competent authority.
Service providers used by us in the context of order processing agreements and subcontractors may also receive data for these purposes. They include companies in the fields of IT services, logistics, printing services, telecommunications, debt collection, management consultancy and sales and marketing. Insofar as we engage external service providers for order processing purposes, they are carefully selected and have an obligation pursuant to Art. 28 GDPR to observe all provisions of data protection law.
Potential recipients of personal data also include the following:
- Public authorities and institutions (e.g. tax, judicial and law enforcement authorities) in the context of a statutory or official obligation
- Auditors, tax consultants or lawyers
9. Transfer of personal data to non-EU countries
Personal data may be transferred to parties located outside of the European Union (non-member countries) where
- it is necessary to fulfill your order (e.g. supply contracts),
- we have a statutory obligation to do so (e.g. tax reporting rules, combating criminal offenses),
- it is required to secure the company’s IT operations,
- we have a justified interest in such data transfer, or
- you have given your consent.
In the event of the transfer of data to a party in a non-member country, appropriate guarantees pursuant to Art. 44 ff. GDPR will ensure compliance with the level of data protection that applies in the European Union.
10. Price information
For purposes of customer-specific pricing, we store personal data such as given name, surname, contact details and name of company. We use this data exclusively to transmit the requested information and to keep a record of your consent. You can revoke your consent to the storage of the data, the e-mail address and their use for sending price information at any time with future effect. Please follow the instructions in the e-mail or write to us using the contact details provided.
11. External links
Our online offers include links to websites of third parties with which we have no contractual relationship. Once the link has been selected, we have no influence on the processing of any personal data such as the IP address or the URL on which the link is located. We can accept no responsibility for the processing of such personal data by third parties.
12. Google Analytics
We use Google Analytics to analyze our website utilization. The hereby gained data is used to optimize our website as well as marketing efforts.
Google Analytics is a web analysis service hosted and provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, United States). Google processes the data on the use of our website on our behalf and is committed contractually to measures to guarantee the confidentiality of the processed data.
While visiting our website data that is being tracked include:
- Page visits
- Your behavior on the pages
- Your approximate location (country and city)
- Your IP address (in shortened form so that it cannot be attributed clearly)
- Technical information like browser, internet provider, device and screen resolution
- Original source of your visit (via which website or ad did you reach our website)
The data generated is sent to a Google server in the USA, where it is stored. In doing so, Google observes the data protection regulations of the ”EU-US Privacy Shield“.
Google Analytics stores cookies in your web browser for the duration of two years since your last visit. These cookies include a randomly generated user ID that allows to recognize you for future website visits. The tracked data is being stored together with the randomly generated user ID which allows the analysis of pseudonymous user profiles. This user related data is being deleted automatically after 14 months. Further data remain being stored aggregated without limit of time.
If you do not agree with the tracking, you can stop it with the single installation of the browser add-on to deactivate Google Analytics. You can also prevent the capture of your data through Google Analytics by clicking on the following link: deactivate Google Analytics. An opt-out cookie will be set which prevents the tracking of your data for future visits of this website.
13. Social media
We maintain fan pages and company-related sites on diverse social networks and platforms in order to communicate with customers and potential customers and to inform them about our products and activities. For this purpose, we place links on our website to our fan pages and sites so that they can be found more quickly. When accessing the various networks and platforms, the terms of business and privacy policies of the respective operators apply.
This website uses the video platform YouTube, operated by YouTube, LLC, (hereinafter referred to as “YouTube”). YouTube is a platform on which video files can be uploaded for others to play.
When you call up a corresponding page of our offer, the embedded YouTube player establishes a connection to the YouTube servers so that video and audio files can be downloaded and used. At the same time, data is also transferred to YouTube as the responsible party. We can accept no responsibility for such data processing by YouTube.
This website embeds videos from Vimeo operated by Vimeo LLC (hereinafter referred to as “Vimeo”).
This online offer includes links to the services of Facebook Ireland Ltd. (hereinafter referred to “Facebook”).
When you visit our Facebook page, Facebook records your IP address and possibly further information that is available on your PC in the form of cookies. This information is used to provide us as the owners of the Facebook fan page with statistical information on the use of the Facebook page.
Our pages contain links to Instagram. This service is provided and operated by Instagram Inc., which is domiciled in the US.
This website provides a link to our profile on the social platform XING, which is a network for professionals to connect.
14. Data security
Our employees and the service providers we hire have a duty to observe confidentiality and to comply with the provisions of the applicable data protection laws. The company takes appropriate technical and organizational safety measures to protect your personal data from loss, manipulation, destruction, and unauthorized access and disclosure. Our safety measures are continually updated in accordance with the latest technological developments.
15. Duration of data storage
We store your data for the duration of the contractual relationship with you or your employer or for as long as necessary to provide our online offer. In addition, we store your personal data for as long as we have a legitimate interest in further storage. The data will be deleted after expiration of the statutory or contractual retention period, e.g. under tax and commercial law. Data not subject to the duty to preserve records will be deleted when the specified purpose no longer applies.
16. Rights as a customer, supplier and user of our website
As a customer or user of our website you have various rights. Please make use of the information provided in the Contact section to assert your rights. When doing so, please ensure that we are able to clearly identify you.
In accordance with the EU’s General Data Protection Regulation, you will receive information upon request free of charge and at any time regarding the storage of your personal data (Art. 15 GDPR). Please note that under certain circumstances your right to information may be restricted in accordance with legal provisions, in particular Art. 34 FDPA-new.
You furthermore have the right to correction (Art. 16 GDPR ) or deletion (Art. 17 GDPR) of said data provided that the statutory requirements are met. Exceptions to the right to deletion include data relating to business activities which are subject to a statutory duty of retention.
You also have the right pursuant to Art. 18 GDPR to restrict the processing of your personal data.
17. Right of objection
Pursuant to Art. 21 GDPR, you have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data which we perform to protect our legitimate interests. We will then discontinue the processing of your data unless we can prove, in accordance with the statutory provisions, that we have mandatory grounds for further processing which are worthy of protection and prevail over your rights.
18. Right of objection to direct marketing
You can object to the processing of your personal data for advertising purposes at any time. Please note that for organizational reasons there might be an overlap between your revocation and the use of your data in an ongoing campaign.
19. Right to data portability
Upon request, we guarantee the portability of the personal data provided by you through transfer in a standard machine-readable data format.
20. Duty to provide personal data
If a contractual relationship exists between you and Goldhofer AG or Goldhofer Airport Technology GmbH, you must provide the personal data which is required for the initiation, performance and termination of the contract and compliance with the associated contractual duties or which we have a statutory obligation to collect. Without the provision of said data, we will not normally be able to conclude a contract with you.
To the extent that there is no necessity for your data to be processed within the scope of use of this website for the initiation, performance and termination of a contract and it is not a statutory requirement, the provision of your data is voluntary. Please note, however, that certain website functions and other services will not be available in the case of failure to provide the necessary data.
21. Automatic processing of personal data
Your personal data will only be processed automatically if this is necessary for the conclusion or performance of a contract and the process has no legal or similar effect for you.
22. Complaint to supervisory bodies
If you are dissatisfied with our processing of your personal data, you have the right to lodge a complaint with the relevant supervisory authority. For that purpose you can contact the relevant data protection agency.
The competent data protection agency in the case of Goldhofer AG:
Bayerische Landesamt für Datenschutzaufsicht (BayLDA)
Telephone: +49 (0) 981 53 1300
Telefax: +49 (0) 981 53 98 1300
The competent supervisory authority in the case of Goldhofer Airport Technology GmbH:
Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit
Königstrasse 10 a
Telephone: +49 (0)711/615541-0
Telefax: +49 (0)711/615541-15
All texts, images, graphics and sound, video and animation files and their arrangements are protected by copyright and are subject to further laws relating to intellectual property rights. They may not be copied for commercial purposes or for distribution, nor may they be modified and used on other websites. Some of the Company's webpages also contain material that is subject to the copyright of those who have provided it.