Transparency about data processing on social platforms Social media privacy policy

 

 

This is the English translation of our German social media privacy policy.
In the event of any discrepancies, the German version shall prevail.

I. Registration on social media platforms

On the social media platforms on which we present our company, it is possible for users to register by providing their personal data. The data is entered into an input mask and transmitted to the provider of the platform and stored. Registration on the respective social media platforms is voluntary on the part of the user. We would like to point out that each user uses our presence on social media platforms and their functions on their own responsibility. This applies in particular to the use of interactive functions, such as commenting, sharing or rating. When you visit our pages on social media platforms, the platform provider collects user information, such as the IP address, via the end device used by the user. Our company is not involved in the processing of personal data when using the interactive functions and during the registration process on the social media platforms. Information on the legal basis for data processing, purpose of data processing, duration of storage, requests for information, objection and removal options can be found in the data protection information of the respective platform providers.

For all other processing of personal data, joint responsibility applies in accordance with Art. 26 of the EU General Data Protection Regulation (EU GDPR). Please refer to points II to VI for the privacy policy relating to our company.

II Data protection declaration of the companies

1 Name and address of the controller

The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is

FFT Produktionssysteme GmbH & Co KG
Industriepark Fulda-West
Schleyerstrasse 1
36041 Fulda
Germany

Phone: +49 661 2926-0
E-mail: info[at]fft.de

2 Name and address of the data protection officer

The data protection officer of the controller is

BerIsDa GmbH
Petersberger Straße 57a
36037 Fulda

Telefon: +49 661 29698090
E-Mail: datenschutz(at)berisda.de

III General information on data processing

1. scope of the processing of personal data

We only collect and use personal data of our users if this is provided by the user and is necessary for an interaction that is requested by us.

2 Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a GDPR serves as the legal basis for the processing of personal data.

When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.

Insofar as the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.

In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as the legal basis.

If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for the processing.

3 Data erasure and storage duration

The personal data of the data subject will be erased or blocked as soon as the purpose of storage no longer applies. Data may also be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.

IV. Rights of the data subject

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller

1. right to information

You have the right to request information about your personal data that we process at any time within the scope of Art. 15 GDPR.

2. right to rectification and completion:

If your personal data is incorrect or incomplete, you have a right to rectification and completion within the scope of Art. 16 GDPR.

3. right to restriction of processing

If the legal requirements are met, you can request that the processing of your personal data be restricted in accordance with Art. 18 GDPR.

4. right to erasure

You can request the deletion of your personal data at any time within the scope of Art. 17 GDPR, unless we are legally obliged or entitled to continue processing your data.

5. right to data portability

If processing is carried out on the basis of your consent and using automated procedures, you have the right to transfer the data provided by you within the scope of Art. 20 GDPR, provided that this does not adversely affect the rights and freedoms of other persons.

6. right to object

You have the right to object to processing within the scope of Art. 21 GDPR if the data processing is carried out for the purpose of direct marketing or profiling. You can object to processing on the basis of a balancing of interests by stating reasons arising from your particular situation.

7. right to revoke the declaration of consent under data protection law

You have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

8. right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.

The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Art. 78 GDPR.

V. E-mail contact

1. description and scope of data processing

On the social media pages we use and in our signatures, email addresses are provided that can be used to contact us. In this case, the user's personal data transmitted with the email will be stored.

The data will not be passed on to third parties in this context. The data is used exclusively for processing the conversation.

2 Legal basis for data processing

The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para. 1 lit. f GDPR. If the e-mail contact is aimed at the conclusion of a contract, the legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

3 Purpose of the data processing

The processing of personal data serves us solely to process the contact. Hence the necessary legitimate interest in processing the data.

4 Duration of storage

The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. For personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified.

5. possibility of objection and removal

If a user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.

All personal data stored in the course of contacting us will be deleted in this case.

VI Contact via a social media platform (contact form, chat)

On some of the social media platforms, it is possible to make contact internally via the service (e.g. via a contact form or chat). If a user makes use of this option, the data entered in the input mask will be processed in the systems of the respective service, transmitted to us and stored on the systems of the provider of the respective platform. The use of a social media platform to contact us is voluntary on the part of the user. The data protection regulations of the respective service apply in principle to the processing of personal data that takes place in the course of establishing contact via the systems of a social media platform.

1. description and scope of data processing

In order to process your request, it may be necessary for your personal data to be processed internally at FFT Produktionssysteme GmbH & Co. The following regulations apply to the internal processing of your message:

2 Legal basis for data processing

The legal basis for the processing of data for processing an inquiry from the user is Art. 6 para. 1 lit. f GDPR. If the contact is aimed at the conclusion of a contract, the legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

3 Purpose of the data processing

The internal processing of the personal data that we have received from the contact options of the social media platforms serves us solely to process the contact.

4 Duration of storage

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input screen of the contact form, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified.

5. possibility of objection and removal

If a user's personal data is processed internally to process the request, the user can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.

In this case, all personal data stored internally within the company in the course of making contact will be deleted.

VII Facebook (a Meta product)

Name and address of the controller:

The joint controllers for the operation of this Facebook page within the meaning of the EU GDPR are:

Meta Platforms Ireland Limited (hereinafter "Facebook" or "Meta")
4 Grand Canal Square
Grand Canal Harbour
Dublin 2
Ireland

and

Our company (see II - 1.)

1. information about our Facebook page

We operate this page to draw attention to our services, jobs and products and to get in touch with you. Further information about us and our activities, companies, etc. can be found on our website.

As the operator of the Facebook page, we have no interest in the collection and further processing of your personal data for analysis or marketing purposes. The operation of this Facebook page, including the processing of users' personal data, is based on our legitimate interests in a contemporary and supportive information and interaction opportunity for and with our users and visitors in accordance with Art. 6 para. 1 lit. f GDPR.

2. processing of personal data by Meta

Meta Platforms, Inc is the US parent company of Meta Platforms Ireland Limited, so that a transfer of your personal data to a third country is not excluded. The transfer and further processing of users' personal data to third countries, such as the USA, and the associated potential risks for users cannot be ruled out by us as the operator of the site. In the USA, there is no level of data protection comparable to the requirements of the GDPR. Effective enforcement of your rights is probably not possible. It is also possible that government agencies may access the personal data provided without our or your knowledge.

Meta processes user data for the following purposes, among others Advertising (analysis, creation of personalized advertising), creation of user profiles and market research. Meta uses cookies, i.e. small text files that are stored on users' end devices, to store and further process this information. If the user has a Facebook profile and is logged in to it, the storage and analysis also takes place across devices.

If you have any questions about your rights vis-à-vis Facebook, please contact Facebook directly. Your general rights under the GDPR can be found in this privacy policy under point IV.

 

If requests for information are made to us as the site operator, we are obliged by the additional agreement with Meta to forward these requests - whether from private individuals or authorities - to Meta within 7 days. This also results from the above-mentioned Controller Addendum www.facebook.com/legal/terms/page_controller_addendum

If you no longer wish the data processing described here to take place in future, please remove the link between your user profile and our site by using the "I no longer like this page" function.

Meta's privacy policy contains further information on data processing https://www.facebook.com/about/privacy/ and here you will find opt-out options: https: //www.facebook.com/settings?tab=ads

3. statistical data (Insights)

Facebook "Insights" are statistical data of different categories that are available to us. These statistics are generated and provided by Facebook. As the operator of the site, we have no influence on the generation and presentation of this data. This function cannot be deactivated to prevent the generation and processing of data. Facebook provides us with the following data about our Facebook page for a selectable period of time: Total number of page views, "Like" information, page activity, post interactions, reach, video views, post reach, comments, shared content, replies, proportion of men and women, origin based on country and city, language, views and clicks in the store, clicks on route planners, clicks on telephone numbers, data on linked Facebook groups.

We use this available data to make our Facebook page more attractive to users (e.g. distribution by age and gender for an adapted approach, scheduling of our posts, visual optimization for end devices. In accordance with the Facebook terms of use, which every user has agreed to when creating a Facebook profile, we can identify the subscribers and fans of the page and view their profiles and other information shared by them.

VIII. Instagram (a product of Meta)

Name and address of the controller:

Within the meaning of the EU General Data Protection Regulation and other data protection regulations, the joint controllers for the operation of this Instagram page are

Meta Platforms Ireland Limited (hereinafter "Instagram" or "Meta")
4 Grand Canal Square
Grand Canal Harbour
Dublin 2
Ireland

And

Our company (see II - 1.)

1. information about our Instagram page

We operate this page to draw attention to our services, jobs and products and to get in touch with you. Further information about us and our activities, companies, etc. can be found on our website.

As the operator of the Instagram page, we have no interest in the collection and further processing of your personal data for analysis or marketing purposes. The operation of this Instagram page, including the processing of users' personal data, is based on our legitimate interests in a contemporary and supportive information and interaction opportunity for and with our users and visitors in accordance with Art. 6 para. 1 lit. f GDPR.

2. processing of personal data by Meta

Meta Platforms, Inc is the US parent company of Meta Platforms Ireland Limited, so that a transfer of your personal data to a third country is not excluded. The transfer and further processing of users' personal data to third countries, such as the USA, and the associated potential risks for users cannot be ruled out by us as the operator of the site. In the USA, there is no level of data protection comparable to the requirements of the GDPR. Effective enforcement of your rights is probably not possible. It is also possible that government agencies may access the personal data provided without our or your knowledge.

If you have any questions about your rights, please contact Meta directly. Your general rights under the GDPR can be found in this privacy policy under point IV.

Further information can be found in Meta's privacy policy at: https: //instagram.com/about/legal/privacy/

IX. XING

Name and address of the controller:

The joint controllers for the operation of this XING page within the meaning of the EU General Data Protection Regulation and other data protection regulations are

New Work SE (hereinafter "XING")
Dammtorstraße 30
20354 Hamburg
Germany

and

Our company (see II - 1.)

1. information about our use of XING

We operate this site to draw attention to our services, jobs and products and to get in touch with you. Further information about us and our activities, companies, etc. can be found on our website.

As the operator of the XING page, we have no interest in the collection and further processing of your personal data for analysis or marketing purposes.

The operation of this XING page, including the processing of users' personal data, is based on our legitimate interests in a contemporary and supportive information and interaction opportunity for and with our users and visitors in accordance with Art. 6 para. 1 lit. f GDPR.

2. processing of personal data by XING

If you are logged in to your XING account, you enable XING to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your XING account.

If you have any questions about your rights vis-à-vis XING, please contact XING directly. Your general rights under the GDPR can be found in this privacy policy under point IV.

Further information on the handling of user data can be found in XING's privacy policy at https://privacy.xing.com/de/ihre-privatsphaere

X. LinkedIn

Name and address of the controller:

Within the meaning of the EU General Data Protection Regulation and other data protection regulations, the joint controllers for the operation of this LinkedIn page are

LinkedIn Corporation, (hereinafter "LinkedIn")
2029 Stierlin Court,
Mountain View,
CA 94043, USA

And

Our company (see II. - 1.)

1. information about our use of LinkedIn

We operate this site to draw attention to our services, jobs and products and to get in touch with you. Further information about us and our activities, companies, etc. can be found on our website.

As the operator of the LinkedIn page, we have no interest in the collection and further processing of your personal data for analysis or marketing purposes.

The operation of this LinkedIn page, including the processing of users' personal data, is based on our legitimate interests in a contemporary and supportive information and interaction opportunity for and with our users and visitors in accordance with Art. 6 para. 1 lit. f GDPR.

2. processing of personal data by LinkedIn

LinkedIn Corporation is a company based in the USA, so that a transfer of your personal data to a third country is not excluded. The transfer and further processing of users' personal data to third countries, such as the USA, and the associated potential risks for users cannot be ruled out by us as the operator of the site. In the USA, there is no level of data protection comparable to the requirements of the GDPR. Effective enforcement of your rights is probably not possible. It is also possible that government agencies may access the personal data provided without our or your knowledge.

If you are logged into your LinkedIn account, you enable LinkedIn to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your LinkedIn account.

If you have any questions about your rights vis-à-vis LinkedIn, please contact LinkedIn directly. Your general rights under the GDPR can be found in this privacy policy under point IV.

Further information on the handling of user data can be found in LinkedIn's privacy policy at: https: //www.linkedin.com/legal/privacy-policy

XI. YouTube

Name and address of the controller:

Within the meaning of the EU General Data Protection Regulation and other data protection regulations, the joint controllers for the operation of this YouTube page are

YouTube, LLC, 901 Cherry Ave, (hereinafter "YouTube")
San Bruno,
CA 94066, USA

and

Our company (see II - 1.)

1. information about our use of YouTube

We operate this site to draw attention to our services, jobs and products and to get in touch with you. Further information about us and our activities, companies, etc. can be found on our website.

As the operator of the YouTube page, we have no interest in the collection and further processing of your personal data for analysis or marketing purposes. The operation of this YouTube page, including the processing of users' personal data, is based on our legitimate interests in a contemporary and supportive information and interaction opportunity for and with our users and visitors in accordance with Art. 6 para. 1 lit. f GDPR.

2. processing of personal data by YouTube

Google, LLC. is the US parent company of YouTube, LLC. so that a transfer of your personal data to a third country cannot be ruled out. The transfer and further processing of users' personal data to third countries, such as the USA, and the associated potential risks for users cannot be ruled out by us as the operator of the site. In the USA, there is no level of data protection comparable to the requirements of the GDPR. Effective enforcement of your rights is probably not possible. It is also possible that government agencies may access the personal data provided without our or your knowledge.

If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

If you have any questions about your rights, please contact YouTube directly. Your general rights under the GDPR can be found in this privacy policy under point IV.

Further information on the handling of user data can be found in YouTube's privacy policy at: https: //www.google.de/intl/de/policies/privacy