DATA PROTECTION INFORMATION FOR WEB USER

 

1. What information does this document contain for you?

When visiting our website, we process your personal data, in doing so we ensure that we comply with the requirements of the General Data Protection Regulation (GDPR) and other applicable data protection laws and regulations.

Below we would like to give you a detailed overview of how we process your personal data and your personal data rights.

 

2. Who is responsible for the data processing and who is the data protection officer (DPO)?

  • 2.1. The Controller of the data processing is:TK Elevator GmbH
    E-Plus-Strasse 1
    40472 Düsseldorf
    GermanyE-Mail: info@tkelevator.com
  • 2.2. You can reach our Data Protection Officer at:TK Elevator GmbH
    E-Plus-Strasse 1
    40472 Düsseldorf
    GermanyE-Mail: dpo@tkelevator.com

 

3. Scope and amendments to this privacy statement.

  • 3.1. This privacy statement applies exclusively to the use of our website. It does not apply to the websites of other service providers to which we provide a link. We accept no responsibility for third-party statements and guidelines of third parties. We recommend that you familiarize yourself with the privacy policies and practices of any such third parties.
  • 3.2. We reserve the right to amend these data privacy rules from time to time in accordance with future changes relating to the collection and processing of personal data.

 

4. Which data categories do we use and where do they come from?

The personal data processed in our website will be collected from the following sources:

  • 4.1. From your devices, when you visit our website our web servers save as standard the Internet Protocol (IP) address (a number that is automatically assigned to a computer when the Internet is used), the site from which you access our website, the files you access from us, the date of your visit and general information about your browser (version and type).
  • 4.2. Directly from you, when you complete a contact form or register to receive personalized services. In these cases, you will be informed about the intended use and, if necessary, obtain your consent.
  • 4.3. From the cookies, when you visit our website cookies identifiers are associated with your online identifiers provided by your devices. In these cases, you will be informed about the intended use and, if necessary, your consent will be requested for the installation of cookies on your devices. For more information visit our Cookies Policy.

 

5. What are the purposes and on what legal basis are your data processed?

The personal data can be processed for the following purposes:

  • 5.1. Security purposes.
    The information collected from your devices (see point 4.1) are processed to ensure the stability and the security of the web server and to display our website to you (e.g. your phone. laptop or other device). These data may be analysed only in anonymized form for statistical purposes.

    • 5.1.1. Lawfulness of the processing:
      The processing is necessary for the purposes of the TKE’s legitimate interests (Art. 6 (1) (f) GDPR in accordance with Art. 32 (1) GDPR) and based on recital 47 GDPR.

 

  • 5.2. Contact form.
    When you contact us through the contact forms or through the contact addresses provided on our website, we process your personal data to respond to your inquiries and fulfil your request, including to contact you if necessary. The personal data processed will be those that you decide to provide us with and/or those requested in the contact forms: e.g., first name, last name and email.

    • 5.2.1. Lawfulness of the processing:
      When your request is related to one of our products and services, the processing is necessary for the performance of a contract or in order to take steps at your request prior to entering into a contract (Art. 6 (1) (b) GDPR). If you contact us with any other purposes, such as to provide feedback or just share your thoughts on one of our topics published in the blog, the processing is based on your consent (Art. 6 (1) (a) GDPR).
    • 5.2.2. Data retention:
      The information will be processed as long as necessary to fulfil your request and no longer than three (3) months after we receive your request.

 

  • 5.3. Reports.
    The personal information you provide when submitting a report (name, contact information, facts reported, etc.) will be used to process the report (including investigation of the case and subsequent investigation and, if necessary, reporting to the authorities.

    • 5.3.1. Lawfulness of the processing:
      Performance of a task carried out in the public interest (Art.6 (1) (e) GDPR and legal obligation (Art. 6 (1) (c) GDPR).
    • 5.3.2. Data retention:
      The information you provide when submitting an incident report will be stored for as long as is necessary to determine whether an investigation of the alleged facts needs to be conducted. If it is determined that it is not necessary to initiate an investigation, the information will be retained for the period necessary to comply with legal obligations. If it is determined that an investigation is required, the information will be stored for as long as necessary to conduct the investigation, implement measures and, if necessary, for the purposes of consistent criminal prosecution.

 

Automated individual decision-making processes that could have legal effects on you or could significantly affect you in a similar way do not take place in connection with your use of this website.

 

 

6. Who receives your data?

  • 6.1. Unless the disclosure is mandatory for legal requirements, the information processed in our website will be processed within our Company only by persons and departments (e.g. recruitment department, sales department, marketing department, etc.), which need it for the above mentioned purposes.
  • 6.2. Within our group of companies, some of your data is transferred to specific locations within the Group (Corporate/business area/group companies) if they perform centralized data processing tasks for the Group’s affiliated companies (e.g. centralized IT applications). The transmission of personal data to the TK Elevator Group is carry out under the legitimate interest of TK Elevator Group (recital 48 GDPR). TK-Elevator group have located undertakings outside EU/EEA, therefore your data can be transferred outside Europe, for such data transfers standard contractual clauses have been adopted (Article 46 paragraph 2 lit. c GDPR).
  • 6.3. In addition, we partly use external service providers who are obligated by data processing agreements under data protection regulations to fulfil their data protection obligations (e.g., servers providers in the following areas: IT services and infrastructure, customer services, etc.). Some service providers can be located outside EU/EEA. This is done in compliance with data protection requirements, in particular the assurance of an adequate level of data protection. The assurance is provided by a suitable guarantee (e.g. in the form of a standard contractual clauses according to Article 46 paragraph 2 lit. c GDPR or based on an adequacy decision according to Article 45 GDPR).

 

7. Which data protection rights can you claim as the person affected?

  • 7.1. You have the right to information about the personal data in question and the right to rectification, erasure, restriction of processing and data portability, and in the case of processing in accordance with Art. 6 (1) (e) and (f) GDPR the right to object to processing.
  • 7.2. Insofar as you have provided us with your consent to process your personal data in accordance with Art. 6 (1) (a) GDPR, you can withdraw this consent at any time without affecting the lawfulness of processing based on your consent prior to its withdrawal.
  • 7.3. If you would like to exercise any of these rights, please send a written request explicitly specifying your query to Data Protection Officer (see contact details in point 2.2).
  • 7.4. You have the right to complain to the supervisory authority. The data protection authority responsible for us is:

    Landesbeauftragte für Datenschutz und Informationsfreiheit
    Nordrhein-Westfalen
    Postfach 20 04 44
    40102 Düsseldorf

    Tel.: 0211/38424-0
    Fax: 0211/38424-10
    E-Mail: poststelle@ldi.nrw.de