You were automatically redirected to our English website.
Sie wurden automatisch auf unsere englische Website weitergeleitet.
Ok

Data protection

GROB attaches great importance to the protection of your personal data and processes it exclusively within the framework of legal requirements. In addition to information on the protection of your data when visiting this website, you will find further documents on the handling of personal data at GROB for download on this page. 

 

You can change your cookie settings at any time in the privacy settings.

Below you will find the data protection declaration of the GROB website. GROB-WERKE GmbH & Co. KG is the operator of the entire GROB Group website. This data protection declaration applies to all language versions of the GROB website.

Privacy Policy for the website of GROB-WERKE GmbH & Co. KG

GROB-WERKE GmbH is pleased that you have chosen to visit our website and about your interest in our company. The protection of personal data is important to GROB-WERKE GmbH & Co. KG and is also required by law. The use of our services is based on our privacy policy. We give our users the opportunity to adjust relating to the data that we collect, use, and share in accordance with this privacy policy and the cookie information. With the following information, we would like to give you an overview of the processing of your personal data by us and your rights under data protection law.

 

 

I. Contact data of the responsible body

The responsible body within the context of the EU General Data Protection Regulation, separate national member-state data protection laws and other data protection provisions is:

 

GROB-WERKE GmbH & Co. KG

Industriestr. 4

87719 Mindelheim

Contact data can be found under Legal Notice.

 

We recommend that you contact our company Data Protection Officer to assert your rights, to report any data protection incidents, for suggestions and complaints relating to the processing of your personal data, and to revoke any granted consent.

 

 

II. Contact data of the Data Protection Officer

GROB-WERKE GmbH & Co. KG

Data Protection Officer

Industriestraße 4

87719 Mindelheim

E-mail: datenschutz@grob.de

 

 

 

III. General information on data processing

1. Personal data processing scope

We only process personal data of our users to the extent strictly necessary to provide a functional website as well as our content and services. We process the personal data of our users only with the user's consent. An exception applies in such cases where prior consent cannot be obtained due to circumstantial reasons and the processing of the data is permitted by law.

 

 

2. Legal basis for the processing of personal data

Insofar as we are granted personal consent for the processing of personal data, Art. 6, para. 1, lit. a of the EU General Data Protection Regulation (GDPR) serves as the legal basis.

 

Insofar processing of personal data is required to fulfill a legal obligation our company is subject to, Art. 6, para. 1, lit. c of the EU GDPR serves as the legal basis.

 

If processing is required to preserve a legitimate company or third-party interest and the interests, basic rights and freedoms of the affected do not outweigh said interest, Art. 6, para. 1, lit. f of the EU GDPR serves as the legal basis for processing.

 

 

3. Data deletion and storage period

The personal data of the affected person is deleted or made inaccessible as soon as the reason for storage no longer applies. Storage can also take place if this is prescribed by the European or national legislative authorities in Union regulations, laws or other rules the responsible body is subject to. Data is also deleted or made inaccessible when a storage period prescribed by one of the aforementioned standards expires unless there is a need for further storage in compliance with proportionality.

 

 

IV. Provision of the website and generation of log files

 

1. Data processing description and scope

With each visit to our Internet page, our system automatically records data and information from the system of the accessing computer.

 

The following data is collected for this:

  • The IP address of the end device used to access the online service
  • The web pages that you visit at our site
  • The date and duration of the visit
  • The identification data of the browser and operating system type used, the website you visit us from, and the
  • https status code (e.g., "Request successful" or "Requested file not found")

 

The log files contain IP addresses or other data enabling assignment to a user. This can be the case, for example, if the link to the website from which the user opens the Internet page or the link the to the website to which the user switches contains personal data.

 

The data is also stored in the log files of our system. There is no storage of this data together with other personal data.

 

For security reasons and to protect the transmission of confidential data, such as registrations or requests sent to us as page owners, our pages use SSL or TLS encryption. Because of this, the data you transfer to us cannot be read by third parties.

 

 

2. Legal basis for data processing 

The legal basis for temporary storage of data and log files is Art. 6, para. 1, lit. f of the EU GDPR.

 

 

3. Purpose of data processing

The system's temporary storage of the IP address is required for transmission of the website to the computer of the user. The IP address must be stored for the session duration for this.

 

Storage is carried out in log files to ensure website functionality. Additionally, the data is used for technical optimization of the website, and to ensure IT system security. There is no data evaluation for marketing purposes in this context.

Our legitimate interest in this process is data processing in accordance with Art. 6, para. 1, lit. f of the EU GDPR.

 

 

4. Storage duration

The data is deleted as soon as it is no longer required for achieving the purpose of its collection. For collected website provision data, this is when the respective session is ended.

 

For data stored in log files, this is after 30 days at the latest. Storage beyond this is possible. In this case, the IP addresses of the users are deleted or made illegible, preventing being traced back to the accessing client.

 

 

5. Options to decline and to delete

Collection of data for website provision and storage of the data in log files is absolutely necessary for Internet page operation. Consequently, there is no option to decline for the user.

 

 

V. Service provider contracting

We contract service providers with tasks such as marketing services, programming, website maintenance, webanalysis, conversion tracking and data hosting. We select these service providers carefully and monitor them regularly, especially their diligent management of the data and the corresponding technical security. We require all service providers to maintain confidentiality and comply with the legal data protection requirements. Wherever legally required, we have concluded order processing contracts with our service providers.

 

 

VI. Use of cookies

1. Data processing description and scope

Our website uses cookies. Cookies are small text files that are stored in the Internet browser or on the computer system of the user by the Internet browser. If a user visits a website, a cookie may be stored in the operating system of the user. This cookie contains a characteristic string that allows the browser to be uniquely identified when the website is revisited.

We use cookies to maintain website functionality. Some elements of our Internet page require the accessing browser to be identifiable even after a page change.

We additionally use cookies on our website that allow analysis of the surfing habits of the users.

A detailed list of all cookies used can be found here under "Further Information".

When a user visits our website, they are informed about the use of cookies for analysis purposes and consent to the processing of personal data used in this context is established. This privacy policy is also referenced in this context.

 

 

2. Legal basis for data processing

The legal basis for the processing of personal data using technically required cookies as described in § 25, para. 2 of the German Telecommunications-Telemedia Data Protection Act is Art. 6, para. 1, lit. f of the EU GDPR.

 

Provided user consent for such is established, the legal basis for the processing of personal data using cookies for analysis purposes is Art. 6, para. 1, lit. f of the EU GDPR.

 

The basis for data processing using the Consent Management Tool is Art. 6, para. 1, lit. b of the EU DGPR.

 

 

3. Purpose of data processing

Technically required cookies are used to enable website use for users. Some functions of our Internet page cannot be provided without the use of cookies. These require that the browser be remembered after a page change as well. The user data collected by technically required cookies is not used to generate user profiles.

The analysis cookies are used to improve the quality of our website and its contents. The analysis cookies show us how our website is used, allowing us to continuously optimize content.

 

Our legitimate interest in this process is also data processing in accordance with Art. 6, para. 1, lit. f of the EU GDPR.

 

 

4. Duration of storage, options to decline and to delete

Cookies are stored on the computer of the user and transmitted to our page from it. This gives you as the user full control over the use of cookies. You can deactivate or restrict the storage of cookies by changing the settings in your Internet browser. Stored cookies can be deleted at any time. This can also be automated.

You can manage your consent to cookies for our website here at any time. If cookies are deactivated for our website, all website functions may no longer be fully utilized.

 

 

5. Order processing contract

For consent management, we use the platform of Usercentrics GmbH, Sendlinger Str. 7, 80331 Munich, Germany. This platform aids us in the consent check and cookie logging, as well as with running checks of cookies used by us. We have concluded a corresponding order processing contract as per Art. 28 of the EU GDPR

 

 

VII. Conversion Tracking

1. Google Ads

a. Data processing description and scope

We use the "Google Ads" online advertising program and conversion tracking as part of Google Ads. Google conversion tracking is an analysis service of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google"). If you click on an advertisement placed by Google, a cookie for the conversion tracking is stored on your computer. These cookies become invalid after 30 days, contain no personal data and therefore cannot be used for personal identification.

If you visit certain Internet pages on our website, Google and we can see that you clicked the advertisement and were forwarded to this page. Every Google Ads customer has a different cookie. This provides no opportunity to track cookies via the websites of Ads customers.

 

b. Legal basis

The legal basis for storage of "conversion cookies" is Art. 6, para. 1, lit. a of the EU GDPR.

 

c. Purpose of data processing

Information collected with the aid of the conversion cookie is used to generate conversion statistics for Ads customers that have opted for conversion tracking. With these, the customers can see the total number of users that have clicked on their advertisement and were forwarded to a page with a conversion tracking tag. They do not, however, receive any information that can be used to personally identify users.

 

d. Options to decline and to delete

If you do not wish to participate in tracking, you can decline its use by preventing installation of the cookies via the corresponding settings in your browser software (deactivation option). You are then not recorded in the conversion tracking statistics. More information as well as Google's privacy policy can be found under: http://www.google.com/policies/technologies/ads/, http://www.google.de/policies/privacy/

 

e. Order processing contract

For the processing of the data for which Google is the order processor, we have concluded an order processing contract with Google in which we stipulate that Google must protect our customers' data and not pass it on to third parties.

 

 

2. Meta-Ads

a. Data processing description and scope

Our online services use the so-called "Meta Pixel" of the Meta social network operated by Meta Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or Meta Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland in the EU.

 

With the aid of the Meta Pixel, Meta can define you using our online services as the target group for advertisement display (so-called "Facebook Ads"). We accordingly use the Meta Pixel to only display advertisements placed by us to those Meta users that have shown interest in our online services or that have specific attributes (such as interest in defined topics or products determined by visited sites) which we transmit to Meta (so-called "custom audiences").

 

More information on the use of user data can be found in Meta's privacy policy: Meta Privacy Policy – How Meta collects and uses user data | Privacy Center | Manage your privacy on Facebook, Instagram and Messenger | Facebook Privacy

 

b. Legal basis

The legal basis for the use of the Meta Pixel as well as the storage of "conversion cookies" is Art. 6, para. 1, lit. a of the EU GDPR.

 

c. Purpose

With the aid of the Meta Pixel, we wish to ensure that our Meta Ads correspond to the potential interests of the users without annoying. With the aid of the Meta Pixel, we can also track the effectiveness of the Meta advertisements for statistical and market research purposes by determining whether users are forwarded to our website after clicking on a Meta advertisement (so-called "conversion").

 

d. Options to decline and to delete

You can decline collection via the Meta Pixel and the use of your data for the display of Meta Ads. To set the types of advertisement shown to you in Meta, you can visit Meta's page and follow the instructions on the web-based advertisement settings there.

 

e. Order processing contract

For the processing of the data for which Meta is the order processor, we have concluded an order processing contract with Meta in which we stipulate that Meta must protect our customers' data and not pass it on to third parties.

 

 

3. LinkedIn Ads

a. Data processing description and scope

We utilize the conversion tracking technology of the LinkedIn platform on our website. More relevant advertisements based on your interests are displayed to you with this LinkedIn technology. We also receive compiled and anonymized reports from LinkedIn on advertisement activity and information on how you interact with our website.

More information on LinkedIn's privacy policy can be found here: https://www.linkedin.com/legal/privacy-policy#choices-oblig.

 

b. Legal basis

The legal basis for the use of LinkedIn Ads is Art. 6, para. 1, lit. a of the EU GDPR.

 

c. Purpose

LinkedIn Ads support us in effectively targeting our target groups, leading to a focused approach toward you, the user.

 

d. Options to decline and to delete

 You can decline analysis of your usage behavior by LinkedIn as well as the display of interest-based recommendations ("opt-out"); to do this, click on "Decline on LinkedIn" (for LinkedIn subscribers) or "Decline" (for other users) under the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

 

e. Order processing contract

For the processing of the data for which LinkedIn is the order processor, we have concluded an order processing contract with LinkedIn in which we stipulate that LinkedIn must protect our customers' data and not pass it on to third parties.

 

 

4. Microsoft Ads

a. Data processing description and scope

The Microsoft privacy statement can be found here: Microsoft Privacy Statement – Microsoft Privacy Policy

 

b. Legal basis

The legal basis for the use of Microsoft Ads is Art. 6, para. 1, lit. a of the EU GDPR.

 

c. Purpose

Data used to generate user profiles with pseudonyms is collected and stored with Microsoft Ads/Bing Ads technologies on our website. This service allows us to track user activity on our website if these have accessed our website via Bing Ads advertisements. If you visit our website via one of these advertisements, a cookie is set on your computer. A Bing UET tag is integrated in our website. This is a code storing website usage data. Among other things, this includes the website visit duration, the website areas visited and which advertisement forwarded the user to the website. Information on your identity is not collected.

 

d. Options to decline and to delete

Personalized Ads - Microsoft Advertising

 

e. Order processing contract

For the processing of the data for which Microsoft is the order processor, we have concluded an order processing contract with Microsoft in which we stipulate that Microsoft must protect our customers' data and not pass it on to third parties.

 

 

VIII. Newsletter

1. Data processing description and scope

Newsletter distribution is based the user's registration on the website:

 

Our Internet page provides the option to subscribe to a free newsletter. Registering for the newsletter transmits the data from the input form to us. Mandatory entries are the name and the e-mail address. The company and the country can also be entered voluntarily.

The following data is also collected during registration: The IP address of the accessing machine, and the date and time of registration. In the registration process, your consent is obtained for processing the data and reference is made to this privacy policy.

 

If you purchase goods on our Internet page and include your e-mail address for this, we can consequently use this for newsletter distribution. In this case, the newsletter only includes direct advertisement for similar goods or services of ours.

 

Registration for our newsletter takes place via what is known as a double opt-in process. This means that you receive an e-mail asking you to confirm your registration after registration. This confirmation is required to prevent anyone from registering with other peoples' e-mail addresses. Registrations for the newsletter are logged for verification of the registration process in accordance with legal requirements.

 

No data is transferred to third parties in the context of data processing for newsletter distribution. The data is used exclusively for distribution of the newsletter.

 

To able to provide you with the best of service, we employ personalized newsletter tracking that shows us when and how often a recipient has opened the newsletter and how often the recipient has clicked on a hyperlink on the newsletter. Your consent is requested for this as well.

 

 

2. Legal basis for data processing

Provided user consent for such is established, the legal basis for the processing of data after registration for newsletter distribution is Art. 6, para. 1, lit. f of the EU GDPR.

 

Logging of the registration process is conducted on the basis of our legitimate interest in accordance with Art. 6, para. 1, lit. f of the EU GDPR. Our interest is the use of a user-friendly and secure newsletter system that both serves our commercial interests and meets user expectations, and additionally allows for consent verification.

 

The legal basis for newsletter distribution on the basis of sold goods or services is Art. 6, para. 1, lit. f of the EU GDPR.

 

 

3. Purpose of data processing

Collection of the e-mail address of the user is for distributing the newsletter.

Collection of other personal data during the registration process is to prevent misuse of services or of the e-mail address used.

Newsletter tracking data collection is used for the improvement of our service.

 

 

4. Storage duration

You can withdraw your consent to receive our newsletter at any time. A link to revoke consent can be found at the end of every newsletter.

 

We store your registration information, consent and its revocation for three years from the time consent is revoked to verify a prior granted consent. The processing of this data is restricted to the purpose of a possible defense against claims. 

 

The other data collected as part of the registration process is deleted as soon as it is no longer required for achieving the purpose of newsletter distribution, at the latest 14 days after revoking consent for newsletter distribution.

 

 

5. Options to decline and to delete

Subscription to the newsletter can be canceled by the affected user at any time. There is a link for this purpose in every newsletter. This also allows the revoke of consent to storage of personal data collected during the registration process.

 

 

6. Order processing contract

Cocuna Communication, Prager Str. 3, 01069 Dresden supports us with the newsletter dispatch and tracking process. We have concluded a corresponding order processing contract per Art. 28 of the EU GDPR.

 

 

IX. Webshop

On our website, we provide users with the option to register for our webshop, which includes specifying personal data. The data is entered in a webform, transmitted to us and stored. Further details can be found in the separate privacy policy for the webshop, which can be found in the registration form.

 

 

X. Forms and e-mail contact

1. Data processing description and scope

On our Internet page, we provide forms that can be used for contacting us electronically, for service requests or for registration purposes, for example. If a user makes use of this option, the data entered in the input form will be transmitted to us and stored. The input forms have mandatory and optional entry fields which you can fill out voluntarily. When the message is sent, the following data is also stored: The IP address of the user and the date and time.

 

In part, we receive support from service providers, such as from ticketareo GmbH, Jakob-Huber-Str. 2, 82110 Germering, Germany with registration for events. Where this is the case, we have concluded order processing contacts with the service providers.

 

When sent, your consent to process the data is obtained and reference is made to this privacy policy.

 

For security reasons and to protect the transmission of confidential content, our site uses the latest TLS encryption. Because of this, the data you transfer to us cannot be read by third parties.

 

Alternatively, you can contact us via the e-mail address provided. In this case, the personal data transmitted along with the email will be stored. Should you want to contact us by email, we would like to advise you that the confidentiality of the transmitted information cannot be guaranteed. The content of your email may be viewed by unauthorized third parties.

 

No data will be transferred to third parties in this context. The data is used exclusively for processing the conversation.

 

 

2. Legal basis for data processing 

Provided user consent for such is established, the legal basis for the processing of data is Art. 6, para. 1, lit. a of the EU GDPR.

 

The legal basis for processing of data transmitted sending an e-mail is Art. 6, para. 1, lit. f of the EU GDPR. If the e-mail contact is to conclude a contract, an additional legal basis for processing is Art. 6, para. 1, lit. b of the EU GDPR.

 

 

3. Purpose of data processing

The processing of personal data from the input form is used solely to implement to purpose of the form, such as the processing of a contact request or the submission of your attendance at one of our events. In the event of contact via e-mail, this also represents the required legitimate interest for data processing.

 

Other personal data processed during sending is used to prevent misuse of the contact form and to ensure the secure of our IT systems.

 

 

4. Storage duration

We store your registration information, consent and its revocation for three years from the time consent is respectively granted or revoked to verify a prior granted consent. The processing of this data is restricted to the purpose of a possible defense against claims. 

 

The other data collected via the input form or due to receipt of your e-mail is deleted as soon as it is no longer required for achieving the individual purpose. If your consent is revoked, deletion is 14 days after receipt of such at the latest. The same applies for personal data collected additionally during sending. 

.  

 

5. Options to decline and to delete

The user can revoke consent for processing of personal data at any time. For this, the user must contact us per e-mail at info@de.grobgroup.com and the consent for storage of personal data can be revoked at any time. In this case, the conversation cannot be continued and the purpose of the form cannot be implemented.

 

 

6. Order processing contract

We receive support from our service provider ticketareo GmbH, Jakob-Huber-Str. 2, 82110 Germering, Germany with registration for events. We have concluded a corresponding order processing contract per Art. 28 of the EU GDPR with ticketareo GmbH.

 

 

XI. Web Analysis

1. By Google Analytics 4

a. Personal data processing scope

We use Google Analytics 4 on our website to analyze the surfing behavior of our users. This service is provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043 USA) for analysis of website usage by users. The service uses cookies. The information collected by the cookies is usually sent to a Google server in the USA and stored there. If individual pages of our website are visited, the following data is stored:

  1. Two bytes of the IP address of the accessing system of the user
  2. The accessed website
  3. The website from which the user was forwarded to the accessed website (referrer)
  4. The sub-pages visited from the accessed website
  5. The time spent on the website
  6. How often the website was accessed

 

The software is set so that the IP addresses are not saved whole, but instead with two bytes of the IP address masked (e.g., 192.168.xxx.xxx). With this method, the truncated IP address cannot be linked to the accessing computer. In addition to this, we have selected overall data protection-friendly settings and have concluded an order processing contract with Google.

 

We have Google Signals activated, which is integrated in Google Analytics 4. Google Inc. can use the collected data for personalized advertising with this if you have a Google account. Google Signals only provides us with anonymized statistics on the behavior of our users with no personal reference included or possible.

 

This website uses the "demographic features" function of Google Analytics. This makes it possible to receive reports with information on the age, gender and interests of the page visitors. This data comes from interest-related advertising by Google and from visitor data from third-party providers. This data cannot be traced to a specific person. You can deactivate this function at any time via the display settings in your Google account, or generally decline the collection of your data by Google Analytics as described in "Options to decline and delete".

 

The provider uses the Remarketing or "Similar target groups" function of Google Inc. ("Google") on the website. This function allows the provider to provide targeted advertisements to the visitors or the website by placing personalized and interest-based ads for the visitors of the website of the provider when they visit other sites on the Google Display Network. Google uses so-called cookies to perform the website usage analysis, which provides the basis for generation of interest-related advertisements. Google stores a small file with a numerical string in the browsers of the website visitors for this. This numerical string is used to identify the number of visits to the website and collect anonymized data on website usage. No personal data of the website visitor is stored. If you then later visit a different website in the Google Display Network, advertisements are displayed to you that highly probably take into account previously visited product and information areas. You can permanently deactivate use of cookies by Google as described in "Options to decline and delete".

 

 

b. Legal basis for the processing of personal data

The legal basis for processing of personal data of the users is Art. 6, para. 1, lit. f of the EU GDPR.

 

c. Purpose of data processing

Processing personal user data allows us to analyze the surfing behavior of our users. With the evaluation of the collected data, we can compile information on the usage of individual components of our website. This helps us to continuously improve our website and its user-friendliness. Our legitimate interest in this process is also data processing in accordance with Art. 6, para. 1, lit. f of the EU GDPR. The anonymization of the IP address sufficiently considers the interest of the users in the protection of personal data.

 

d. Duration of storage

The data is deleted as soon as it is no longer required for the purpose of collection. In our case this is after two months.

 

e. Options to decline and to delete

You can prevent the storage of the cookie on your device by making the appropriate settings in your browser. Unrestricted access to all functions of this website may not be ensured if your browser does not allow cookies.

 

f. Order data processing

We have concluded an order processing contract with Google in which we stipulate that Google must protect our customers' data and not pass it on to third parties. 

 

 

2. Webanalysis by LinkedIn

a. Personal data processing scope

Our website uses functions of the LinkedIn network. Provider is the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Every access to one of our pages including LinkedIn functions establishes a connection to LinkedIn servers. LinkedIn is informed that you visited our Internet pages with your IP address. If you click on the "Recommend" button of LinkedIn and are logged into your LinkedIn account, LinkedIn can link your visit to our Internet page to you and your user account. Please note that we as the provider of the pages have no knowledge of the content of the transmitted data or of its usage by LinkedIn.

 

More information on the use of user data can be found in LinkedIn's privacy policy under: https://www.linkedin.com/legal/privacy-policy

 

We utilize the analysis and conversion tracking technology of the LinkedIn platform on our website. More relevant advertisements based on your interests are displayed to you with this LinkedIn technology. We also receive compiled and anonymized reports from LinkedIn on advertisement activity and information on how you interact with our website. More information on LinkedIn's privacy policy can be found here: https://www.linkedin.com/legal/privacy-policy#choices-oblig.

 

 

b. Legal basis for the processing of personal data

The legal basis for processing of personal data of the users is Art. 6, para. 1, lit. f of the EU GDPR.

 

c. Purpose of data processing

Processing personal user data allows us to analyze the surfing behavior of our users. With the evaluation of the collected data, we can compile information on the usage of individual components of our website. This helps us to continuously improve our website and its user-friendliness. Our legitimate interest in this process is also data processing in accordance with Art. 6, para. 1, lit. f of the EU GDPR. The anonymization of the IP address sufficiently considers the interest of the users in the protection of personal data.

 

d. Duration of storage

The data is deleted as soon as it is no longer required for the purpose of collection. In our case this is after three months.

 

e. Options to decline and to delete

You can prevent the storage of the cookie on your device by making the appropriate settings in your browser. Unrestricted access to all functions of this website may not be ensured if your browser does not allow cookies.

 

You can decline analysis of your usage behavior by LinkedIn as well as the display of interest-based recommendations ("opt-out"); to do this, click on "Decline on LinkedIn" (for LinkedIn subscribers) or "Decline" (for other users) under the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

 

f. Order data processing

We have concluded an order processing contract with LinkedIn in which we stipulate that LinkedIn must protect our customers' data and not pass it on to third parties.  . 

 

 

XII. Social media presences

We maintain social media presences world-wide at LinkedIn, Instagram, XING, TikTok, WeChat, Youku, YouTube, IndustryArena as well as Facebook. You can find our social media presences in the respective GROB domain utilizing the associated social media presence or directly via the platforms.

Please note that user data may be processed outside the European Union. Additionally, the user data is usually processed for market research and advertisement purposes by these companies. This means that usage profiles can be generated from the usage behavior and the corresponding interests of the user. The user profiles can then be used to place advertisements that correspond to the interests of the users on the platforms and off, for example. In addition, data independent of the devices used by the users can be stored in the user profiles (if the users are subscribed to the respective platform and are logged on to these). The legal basis for processing of personal data of the users is based on the legitimate interest of effectively informing the users and communication with the users in accordance with Art. 6, para. 1, lit. f of the EU GDPR. If user consent to the processing described is requested from the user by the respective providers, the legal basis for processing is Art. 6, para. 1, lit. a. of the EU GDPR. For a detailed documentation of the respective processing and the options to decline (opt-out), we refer to the information of the providers linked in the following. In addition, in the case of requests for information and the assertion of user rights, we would like to point out that these can be asserted most effectively with the providers. Only the providers have respective access to the data of the users and can directly implement appropriate measures and provide information. Should you nevertheless require assistance, you can also then contact us.

 

 

1. YouTube

 

 

2. TikTok

 

 

3. Meta (Facebook/Instagram)

 

 

4. Xing

 

 

5. LinkedIn

 

 

6. WeChat

 

 

7. Youku

 

 

8. IndustryArena

 

 

XIII: Integration of services

Based on our legitimate interests, we use content or services from third-party providers within our online services in order to integrate our own content located on these platforms and/or services from the third-party provider.

 

By default, the content/service is stored on this homepage in the form of an I-frame, which means that no personal data is transmitted to the third-party provider before the content is activated. The external content is only started when the displayed graphic is activated separately and your IP address at the least is transmitted to the service provider. Third-party providers may also use so-called Pixel Tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. Pixel Tags can be used to analyze information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on your device and include, among other things, technical information on your browser and operating system, visit times and other information about your usage.

 

1. YouTube

We incorporate GROB's own videos that are posted on the "YouTube" platform of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA or Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Ireland.

 

 

2. Google Maps

We incorporate maps of the "Google Maps" service of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA or Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Ireland. Please note that your personal data is transmitted to Google LLC when a map is clicked on.

 

 

3. Google Tag Manager

We use the Google Tag Manager of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA or Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Ireland. We have concluded an order processing contract with Google. Google Tag Manager is an auxiliary service and only processes personal data for technically necessary purposes. Google Tag Manager ensures that other components are loaded, which in turn may collect data. Google Tag Manager does not access this data.

 

 

4. Google Fonts

Google Fonts is a directory of over 1,300 fonts. The provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA or Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Ireland make these fonts available to website operators free of license. In practice, these fonts are often used in a way that triggers a data transfer to the USA. This is the case when the fonts are integrated via a link that establishes a server connection to Google. The IP address of the user, i.e. the website visitor, is regularly transmitted to Google via this connection. However, this is not the case with our website, as we have only integrated Google Fonts locally on our website. Your data is therefore not passed on to Google. Accordingly, we do not require your consent to the use of Google Fonts.

 

 

IX. Rights of the affected person

If your personal data is processed, you are the affected within the meaning of the EU GDPR and have the following rights with regard to the responsible party:

 

 

1. Right to information

You can request confirmation from the responsible party as to whether personal data concerning you is being processed by us.

If such processing is taking place, you can request the following information from the responsible party:

(1)       The purposes for which the personal data is processed

(2)       The categories of personal data being processed

(3)       The recipients or categories of recipients to whom the personal data concerning you has been or will be disclosed

(4)       The planned period for which the personal data concerning you will be stored, or, if specific information on this is not possible, the criteria used to determine that period

(5)       The existence of a right to rectification or deletion of personal data concerning you, a right to restriction of processing by the responsible party or a right to decline such processing

(6)       The existence of a right to lodge a complaint with a supervisory authority

(7)       All available information about the origin of the data if the personal data is not collected from the data subject

(8)       The existence of automated decision-making including profiling in accordance with Art. 22, para. 1 and 4 of the EU GDPR and - at least in these cases - meaningful information on the logic involved and the scope and intended effects of such processing for the data subject

 

You have the right to request information as to whether the personal data concerning you is transferred to a third country or to an international organization. In this context, you may request to be informed of the appropriate safeguards in accordance with Art. 46 of the EU GDPR in connection with the transfer.

 

 

2. Right to correction

You have a right to correction and/or completion regarding the responsible party if the processed personal data concerning you is incorrect or incomplete. The controller must carry out the correction without undue delay.

 

 

3. Right to restriction of processing

You may request the restriction of the processing of your personal data under the following conditions:

(1)       If you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data

(2)       If the processing is unlawful and you oppose the deletion of the personal data and request the restriction of the use of the personal data instead

(3)       If the responsible party no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims

(4)       If you have objected to processing in accordance with Art. 21, para. 1 of the EU GDPR pending the verification whether the legitimate grounds of the responsible party override your grounds.

 

If the processing of personal data concerning you has been restricted, this data - apart from its storage - may only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.

 

If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by the responsible party before the restriction is lifted.

 

 

4. Right to deletion

a. Obligation to delete

You have the right to obtain from the responsible party the deletion of personal data concerning you without undue delay and the responsible party shall have the obligation to delete personal data without undue delay where one of the following grounds applies:

The personal data concerning you is no longer required for the purposes for which they were collected or otherwise processed.

(2)       You revoke your consent on which the processing was based in accordance with Art. 6, para. 1, lit. a, or Art. 9, para. 2, lit. a of the EU GDPR and there is no other legal basis for the processing.

(3)       You object to the processing in accordance with Art. 21, para. 1 of the EU GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21, para. 2 of the EU GDPR.

(4)       The personal data concerning you has been processed unlawfully.

(5)       The deletion of personal data concerning you is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the responsible party is subject.

(6)       The personal data concerning you was collected in relation to information society services provided in accordance with Art. 8, para. 1 of the EU GDPR.

 

b. Information to third parties

If the responsible party has made the personal data concerning you public and is obliged in accordance with Art. 17, para. 1 of the EU GDPR to delete the personal data, the responsible party, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform responsible parties processing the personal data that you as the data subject have requested the deletion by such responsible party of any links to, or copy or replication of, that personal data.

 

c. Exceptions

The right to deletion does not apply if the processing is necessary

(1)       to exercise the right to freedom of expression and information

(2)       for compliance with a legal obligation which requires processing by Union or Member State law to which the responsible party is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the responsible party

(3)       for reasons of public interest in the area of public health in accordance with Art. 9, para. 2, lit. h and i, and Art. 9, para. 3 of the EU GDPR

(4)       for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Art. 89, para. 1 of the EU GDPR, insofar as the right referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of that processing

(5)       for the establishment, exercise or defense of legal claims

 

 

5. Right to information

If you have asserted the right to correction, deletion or restriction of processing against the responsible party, the responsible party is obliged to notify all recipients to whom the personal data concerning you has been disclosed of this correction or deletion of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.

 

You have the right to be informed of these recipients by the responsible party.

 

 

6. Right to data portability

You have the right to receive the personal data concerning you, which you have provided to the responsible party, in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another responsible party without hindrance from the responsible party to which the personal data has been provided, if

 

(1)       the processing is based on consent in accordance with Art. 6, para. 1, lit. a of the EU GDPR or Art. 9, para. 2, lit. a of the EU GDPR or on a contract in accordance with Art. 6, para. 1, lit. b of the EU GDPR, and

(2)       the processing is carried out by automated means

 

In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one responsible party to another, where technically feasible. The freedoms and rights of other persons must not be affected by this.

 

The right to data portability does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the responsible party.

 

 

7. Right to object

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you based on Art. 6, para. 1, lit. e or f of the EU GDPR, including profiling based on those provisions.

 

The responsible party will no longer process the personal data concerning you unless the responsible party demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

 

If the personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct marketing.

 

If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.

 

You have the option of exercising your right to object in connection with the use of information society services - notwithstanding Directive 2002/58/EC - by means of automated procedures that use technical specifications.

 

 

8. Right to withdraw the declaration of consent under data protection law

You have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

 

 

9. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or place of the alleged infringement if you are of the opinion that the processing of personal data relating to you violates the GDPR.

 

Our data protection supervisory authority is the Bavarian State Office for Data Protection Supervision, P.O. Box 1349, 91504 Ansbach.