data protection

DATA PROTECTION DECLARATION

Status as of: August 2025

The GMT group is a leading international manufacturer of components and systems for vibration technology. Our customers in the markets of plant and mechanical engineering, rail vehicles, aviation, in the construction machinery sector and in the commercial vehicle industry value our customer-specific innovations and technological competence. GMT appreciates your visit to our website and your interest in our company and our products. The following provides you with information about the type and scope of personal data that we process

  • when using our Website,
  • when visiting our social media sites,
  • when using our contact form,
  • in context of Job applications,
  • in the recording and transcription of audio and video conferences, as well as
  • by third party providers used by us

 (hereinafter “Website”), for which purpose, the legal basis and your rights as a data subject.

 

A. General

1. General information

Further information on the processing of personal data by GMT beyond the operation of the website can be found in the supplement Data protection information for customers and suppliers according to GDPR, which we have also made available on our website.
 

2. Responsible party / Data Protection Officer

(1) Responsible party according to Art. 4 no. 7 EU Data Protection Basic Regulation (GDPR) is the

GMT Gummi-Metall-Technik GmbH
Liechtersmatten 5, D - 77815 Bühl
Phone +49 7223 804-0
Fax +49 7223 21075
info@gmt-gmbh.de

hereinafter referred to as "GMT", "we" or "us". Further information about the provider can be found in our legal notice.

(2) You can contact the company data protection officer as follows: datenschutzbeauftragter@gmt-gmbh.de datenschutzbeauftragter@gmt-gmbh.de, phone +49 7223 804 951 or via our postal address with the suffix “Data Protection Officer”.
 

3. Types of data processed, categories of data subjects

3.1 Type of data processed

  • Inventory data (e.g. customer master data, such as names, addresses)
  • Contact data (e.g. e-mail, telephone numbers)
  • Usage data (e.g. websites visited, interest in content, access times)
  • Meta/communication data (e.g. device information, IP addresses)
  • Contact request data
  • Application data
  • Data according to Section C. 3. (Teams)
  • Social media post

3.2 Categories of data subjects

  • Visitors and users of the website
  • Applicants
  • Customers, interested parties, suppliers
  • Participants in video conferences
  • People who post content on or follow our social media accounts
  • Other communication partners

(In the following, we also refer to the data subjects collectively as "users").
 

4. Purpose of processing

We use your personal data

  • for the provision of the website and the online offer, its functions and content
  • to process your inquiries as well as to inform you about the delivery status and possible problems with the delivery. Your personal data may also be processed for the handling of complaints or in case of warranty rights.
  • for responding to contact requests and communicating with users
  • for processing applications
  • for the assertion, enforcement, exercise or defense of and against legal claim(s) and legal dispute(s), as well as for the detection, investigation and prevention of criminal offences
  • for security measures
  • for the purpose of direct marketing, e.g. in the form of an e-mail newsletter or postal advertising
  • for the purpose of application in our company (cf. A. 8)
     

5. Provision of the website and log files

(1) When using the website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser automatically transmits to our server. Exceptions apply if we use web analytics services to evaluate user behavior (see sections B. Web analytics services and C. Data processing by third-party providers). If you view our website, we collect the following data, which are technically necessary for us to display our website to you and to guarantee stability and security (legal basis is Art. 6 Para. 1 S. 1 lit. f) GDPR):

  • IP address
  • Date and time of the request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access Status/HTTP Status Code
  • The amount of data transferred in each case
  • Website from which the request originates
  • Browser
  • Operating system and its interface
  • Language and version of the browser software.

(2) The IP addresses of the users are deleted or made anonymous after the end of use. In the case of anonymization, the IP addresses are modified in such a way that the individual information about personal or factual circumstances can no longer be assigned to a specific or identifiable natural person, or only with a disproportionately large expenditure of time, cost and manpower.

(3) We evaluate these log file data records in anonymized form in order to further improve our offer and make it more user-friendly, to find and fix errors more quickly and to control server capacities.
 

6. Cookies

(1) In addition to the aforementioned log file data, cookies are stored on your computer when you use our website. Cookies are small text files assigned to the browser you are using and stored on your hard drive. They allow the entity that sets the cookie (in this case, us) to receive certain information. Cookies cannot execute programs or transfer viruses to your computer. They serve to make the internet offer more user-friendly and effective overall.

(2) Use of cookies:

a) This website uses the following types of cookies, the scope and functionality of which are explained below:

  • Session cookies (for this purpose b).
  • Persistent cookies (for this purpose c).

b) Session cookies store a so-called session ID, which allows various requests from your browser to be assigned to a single session. Session cookies are automatically deleted when you log out or close your browser. If you restart your browser and go back to the website, the website will not recognize you. You will have to log in again (if a login is required) or you will have to set templates and preferences again if the website offers these features. Then a new session cookie will begenerated, which stores your information and remains active until you leave the website again and close your browser.

c) Persistent cookies are automatically deleted after a specified period of time, which may differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time.

(3) For what purposes do we use cookies?

When you visit our website, the country and language selection determined or selected by you is stored in cookies to avoid you having to make the selection again on subsequent visits. Beforehand, we check whether your browser supports cookies, and this information is stored in another cookie. Subsequently, you will be shown country- and language-specific localized contact information, which will also be stored. The legal basis for this is Art. 6 para. 1 p.1 lit. f) GDPR.

Summery

Technically necessary cookies

Technically necessary cookies enable the use of our website by providing basic functions such as page navigation and access to secure areas of the website. Visiting our website cannot function properly without these cookies.

Session cookies - are deleted after 1 hour when the browser is closed.

Performance (e.g. browser of the user) and preferences

When using our website, cookies are used (e.g. to recognize the browser) to improve performance (e.g. faster loading of content). When you visit our website, the country and language selection determined or selected by you is stored in cookies to avoid you having to make the selection again on subsequent visits. Beforehand, we check whether your browser supports cookies and this information is stored in another cookie. Subsequently, you will be shown country- and language-specific localized contact information, which will also be stored. The legal basis for this is Art. 6 para. 1 p.1 lit. f) GDPR.

Session cookies - are deleted after 1 hour when the browser is closed.

Analytics cookies (statistics)

We use third-party analytics cookies to understand how visitors use our site. This helps us to improve the quality and content of our site. The aggregated statistical information includes data such as the total number of visitors. For example, we learn how often and in what order the individual pages were accessed and how much time visitors spend on our pages on average. We also learn whether users have visited our website at an earlier point in time. The legal basis for this is our legitimate interests, as well as your consent, insofar as we ask for your consent to processing. For further information, see Section B. Web analytics services.

Persistent cookies – remain on your computer but are automatically deleted after 26 months if the website has not been visited, unless shorter periods apply in individual cases. You can delete cookies manually at any time.

(4) Control over cookies

You can configure your browser settings according to your preferences and, for example, control or reject the acceptance of third-party cookies or all cookies as you wish. You can delete existing cookies via the browser settings. We would like to point out that you may then not be able to use all functions of this website.
 

7. Contact form and e-mail contact

(1) A contact form is available on our website which can be used for electronic contact. If a user takes advantage of this option, the data entered in the input mask will be transmitted to us and stored. These data are:

  • Title
  • First name *
  • Surname *
  • Company
  • Street/No. *
  • Postcode *
  • Town/City *
  • Country *
  • Telephone
  • E-mail *
  • Reason of the request
  • Your message (free text field)

* The fields marked with an asterisk are required.

At the time of sending the following data will also be stored:

  • User IP address
  • Declaration of consent
  • Date and time when the form was sent

(2) Your consent is obtained for the processing of the data within the scope of the sending process and reference is made to this data protection declaration. Alternatively, you can contact us via the e-mail address provided. In this case, the user's personal data transmitted by e-mail will be stored.

(3) Provided that the user has given their consent, the legal basis for the processing of data is Art. 6 para. 1 lit. a) GPDR. The legal basis processing data transmitted in the course of sending an e-mail is Art. 6 para. 1 lit. f) GDPR. If the e-mail contact aims at the conclusion of a contract, then the additional legal basis for the processing is Art. 6 para. 1 lit. b) GDPR.

(4) The processing of the personal data from the input mask solely serves to address the establishment of contact. In the event of contact via e-mail, this also constitutes the necessary legitimate interest in  processing the data.

(5) The data will be deleted as soon as it is no longer required to achieve the objective for which it was collected. For personal data from the input mask of the contact form and data sent via e-mail, this is the case when the respective conversation with the user is has ended. The conversation is considered ended when it can be inferred from the circumstances that the matters in question have been conclusively clarified. 
 

8. Job description (career by GMT)

(1) We advertise vacancies on our website. To process your online application, we collect, process and use your personal data. The legal basis is Art. 6 para. 1 p.1 lit. b) GDPR. Your online application data will be transmitted by e-mail directly to the HR managers of the management. The application data you enter via the application form on our website will be transmitted to our external service provider BITE, who will inform the responsible persons and authorized recipients at GMT of the receipt of the application. Appropriate technical and organizational measures ensure that your personal data is handled confidentially within the legal provisions.

(2) BITE is a cloud-based application process solution that supports us in managing job applications, reviewing and evaluating application files, and communicating with applicants. We have concluded an agreement with BITE about order processing in accordance with Art. 28 GDPR.

(3) The third-party provider is BITE GmbH, Magirus-Deutz-Straße 12, 89077 Ulm, Germany. Information on data protection can be found at the following link: www.b-ite.de/legal-notice.html

(4) What data is processed?

a) Data in accordance with sections 3, 4, 5, and 6 of this data protection declaration

b) Application documents, in particular:

  • Data about the content of former/current employment relationships, e.g., job responsibilities, performance data, positions held. (This data may be derived from your cover letter/resume/attached job references).
  • In addition, we collect and process various other information in applications, such as earliest start date, regional mobility, desired number of hours and duration of employment, previous employment, additional qualifications, references, or information about how you became aware of the position.
  • Additional voluntary information such as data on non-work interests: hobbies, volunteer work
  • Other data that you voluntarily provide to us during the application process by uploading it or sending it to us in other ways, such as in your cover letter, resume, or references, passport photo

(5) Please note that the transmission of data by e-mail is not encrypted and that the data may be read or falsified by unauthorized persons. You are welcome to send us your documents by mail. If you have applied for a specific position and this position has already been filled, or if we consider you to be equally or even more suitable for another position, we would be happy to forward your application within our company. The legal basis for this is Art. 6 para. 1  lit. f) GDPR to protec. your and our legitimate interests. Please inform us if you do not agree with this procedure.

(6) Your personal data will be automatically deleted after the completion of the application process, or after 6 months at the latest, unless you expressly consent to its storage for a longer period.
 

9. Automated decision making, profiling

For the establishment and implementation of the business relationship, we generally do not use fully automated decision findings according to Art. 22 DSGVO. GMT does not use profiling.
 

10. Disclosure to third parties

(1) In the context of hosting our website, your data processed by us will be processed on the basis of an order processing agreement.

(2) In the case of the use of web analytics services and third-party providers, the data will be transmitted to the extent described herein, see section B and C.
 

11. Storage period

We process and store your personal data as long as it is necessary for the fulfillment of our contractual and legal obligations. We delete your personal data as soon as it is no longer required for the above-mentioned purposes. Personal data may be retained for the period during which claims can be asserted against our companies (statutory limitation periods of three or up to thirty years). Corresponding obligations to provide proof and to retain data result from commercial, tax and social security regulations. Operational data containing personal data (e.g., system protocols, logs) is automatically deleted 90 days after creation. Cookies are deleted as described in Section 6.

 

B. Web analytics services

Google Analytics

(1) This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the behavior of website visitors to be analyzed. The website operator receives various usage data, such as page views, length of stay, operating systems used, and the origin of the user. This data is summarized in a user ID and assigned to the respective end device of the website visitor.

Furthermore, Google Analytics allows us to record your mouse and scroll movements and clicks, among other things. Google Analytics also uses various modeling approaches to supplement the data sets collected and employs machine learning technologies in data analysis. Google Analytics uses technologies that enable user recognition for the purpose of analyzing user behavior (e.g., cookies or device fingerprinting). The information collected by Google about the use of this website is usually transferred to a Google server in the USA and stored there.

(2) Legal basis

The use of this service is based on your consent pursuant to Art. 6 para 1 lit. a) GDPR and § 25 para 1 TDDA (Telecommunications Digital Services Data Protection Act). Consent can be revoked at any time.

(3) Data transfer to third countries

Data transfer to the USA is based on the Standard Contractual Clauses (SCC) of the EU Commission. Details can be found here: privacy.google.com/businesses/controllerterms/mccs/.

Google is certified under the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the USA that aims to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information is available from the provider at the following link: https://www.dataprivacyframe-work.gov/participant/5780.

(4) IP anonymization

Google Analytics’ IP anonymization is activated. This means that your IP address will be shortened by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity, and to provide other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

(5) Browser plugin

You can prevent Google from collecting and processing your data by downloading and installing the browser plugin available at the following link: tools.google.com/dlpage/gaoptout. For more information on how Google Analytics handles user data, please refer to Google's privacy policy: support.google.com/ana-lytics/answer/6004245.

(6) Order processing

We have entered into an order processing agreement with Google and fully implement the requirements of the German data protection authorities when using Google Analytics.

 

C. Third-party Processing

1. Cookiebot

(1)This website uses Cookiebot. The Cookiebot Consent Management Platform (CMP) provides transparency and control over all cookies and similar tracking on our website. By means of the CMP, users can customize their consent. The plug-and-play solution for data privacy compliance is based on scanning technology that detects and controls all cookies and trackers on a website and automatically manages end-user consents.

(2)Third Party Provider Information: Cookiebot CMP is a cloud service of the e-privacy company Usercentrics, Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany, Tel: + 49 89 21 54 01 20, Email: contact@usercentrics.com

(3)

Information on the processing of your personal data by Cookiebot can be found here: www.cookiebot.com/de/privacy-policy/. The Cookie Statement can be found here: www.cookiebot.com/de/cookie-declaration/


 

2. Google Web Fonts

(1) This site uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.

(2) The web fonts are installed on our web server and are provided there when the website is called up. A data transfer to Google does not take place.
 

3. MS Teams

(1) When you are invited to an MS Teams meeting initiated by GMT, you will be informed that the meeting may be recorded and automatically transcribed. By participating in the meeting, you agree that your camera image and your comments, including chat messages and emoji reactions, will be recorded in audio and video. The recording will be clearly marked. If you do not agree to this, you can disable your camera and/or microphone at any time. Depending on the settings you have selected, no video or audio recordings will be made of you and therefore no transcription will be made.

(2) Personal data

When an MS Teams meeting is recorded or transcribed, we process the personal data of the individuals participating in that meeting. This may include the following individuals:

  • Employees
  • Employees of affiliated companies
  • Customers, suppliers, business partners
  • Other external participants

The personal data processed in an MS Teams recording or transcription relates to the persons who participate in the meeting through their presence.

(3) Data categories

  • When using MS Teams or M365, various types of data are processed. The scope of the data depends on the information you provide in an “online meeting.” This includes the following data: User: first name, last name, telephone number (optional), email address, password (if “single sign-on” is not used), profile picture (optional), department (optional), language
  • Online metadata: topic, description (optional), IP addresses of participants, device/hardware information. For recordings (optional): MP4 file of all video, audio, and presentation recordings, M4A file of all audio recordings, text file of the online meeting chat. Dial-in by phone: Information about the incoming and outgoing phone number, country name, start and end time. If necessary, additional connection data such as the IP address of the device may be stored.
  • Text, audio, and video data: When using the chat, question, or survey functions, as well as other functions for uploading and downloading files such as image, audio, video, or office data, the data you provide will be processed in order to display it in the “online meeting” and make it available to other participants during or after the meeting and, if necessary, to log it. During the meeting, the data is processed via the microphone or video camera of your device. You can switch off or mute the camera or microphone at any time via the MS Teams application itself.

(4) Legal basis

The legal basis for each MS Teams recording and transcription depends on the type of meeting recorded and the reason for the recording.

  • If we conduct online meetings with our business partners via MS Teams as part of the performance of a contract, the legal basis for data processing is Art. 6 para 1 lit. b) GDPR.
  • If personal data of GMT employees is processed, Art. 6 para 1 lit. b) GDPR is the legal basis for data processing, provided that the processing is necessary for the performance of the employment relationship.
  • Insofar as personal data is not necessary for the performance of the contract with business partners or for the performance of the employment relationship, Art. 6 para 1 lit. f) GDPR (our legitimate interests) justifies the data processing. We have a legitimate interest in the use of modern means of communication, which also includes the transmission of audiovisual content.  In the interests of our employees and business partners, we have implemented MS Teams in accordance with data protection regulations and refrain from collecting and storing unnecessary data.
  • Insofar as the processing of data is based on your consent (in particular in connection with the recording of online meetings described above), Art. 6 para 1 lit. a) GDPR is the relevant legal basis.

(5) Recipients: The GMT meeting organizer can choose who has access to the recording and minutes of the meeting.

  • Everyone: Anyone who has the meeting link or has been invited to the meeting has access.
  • Organizer and co-organizers: Only the people who organized the meeting have access.
  • Specific individuals: In addition to the organizer(s), we can select specific individuals who have access to all meeting content.
     

D. Social Media

1. You Tube

(1) We have integrated YouTube videos into our online offer, which are stored on www.youtube.com and can be played directly from our website. These are all integrated in "extended data protection mode", i.e. no data about you as a user is transmitted to YouTube if you do not play the videos. Only when you play the videos, the data mentioned in section A. 3 are transmitted. We have no influence on this data transmission.

(2) By visiting the website, YouTube receives the information that you have accessed the corresponding subpage of our website. In addition, the data mentioned in section A. 5 (Provision of the web page and log files) of this declaration are transmitted. This occurs regardless of whether you have a YouTube user account and are logged in or not. If you are logged into Google, your data will be directly assigned to your account. If you do not want the assignment with your YouTube profile, you must log out before playing the video. YouTube stores your data as usage profiles and uses them for purposes of advertising, market research and/ or needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) for the provision of needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right.

(3) YouTube is a subsidiary of Google: Google Inc., 1600 Amphitheatre Parkway, Mountain View, California 94043, USA. For more information on the purpose and scope of data collection and processing by YouTube, please refer to the privacy policy. There you will also find further information on your rights and setting options to protect your privacy: https://policies.google.com/privacy?hl=en.

2. LinkedIn

We operate a company profile on the online platform of the social network LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (“LinkedIn”), where personal data is processed.

(1) Joint responsibility

Together with LinkedIn, we are jointly responsible for data processing in connection with our company profile, in particular in connection with the “Page Insights” function in accordance with the provisions of Art. 4 No. 7 GDPR. When you visit our company profile, personal data is processed by LinkedIn and us as controllers. With this data protection information, we would like to inform you about the extent to which your personal data (hereinafter referred to as data) is processed by us.

(2) LinkedIn Terms of Use

The use of our company profile is governed by LinkedIn‘s terms of use, in particular the “Page Insights Joint Controller Addendum” from LinkedIn. These terms of use (including the other terms and guidelines listed therein) are solely authoritative. The “Page Insights Joint Controller Addendum” can be accessed at: https://legal.linkedin.com/pages-joint-controller-addendum. LinkedIn's privacy policy can be found at: https://www.linkedin.com/le-gal/privacy-policy.

(3) What data does LinkedIn process?

LinkedIn does not store any personal data simply by integrating the social plug-ins. LinkedIn refers to this data generated by plug-ins as passive impressions. However, if you click on a social plug-in, for example to share our content, the platform stores personal data as so-called “active impressions.” This happens regardless of whether you have a LinkedIn account or not. If you are logged in, the data collected will be assigned to your account. Your browser establishes a direct connection to LinkedIn's servers when you interact with our plug-ins. The company logs various usage data. In addition to your IP address, this may include login data, device information, or information about your internet or mobile service provider. If you access LinkedIn services via your smartphone, your location can also be determined (after you have given your consent). LinkedIn may also pass on this data in “hashed” form to third-party advertisers. Hashing means that a data record is converted into a string of characters. This allows the data to be encrypted in such a way that individuals can no longer be identified.

(4) Legal basis

If you have consented to your data being processed and stored by integrated social media elements, this consent serves as the legal basis for data processing (Art. 6 para 1 lit. a) GDPR). Generally, your data is also stored and processed on the basis of our legitimate interest (Art. 6 para 1 lit. (f) GDPR) in fast and effective communication with you or other customers and business partners. However, we only use the integrated social media elements if you have given your consent.

(5) Data transfer to third countries

LinkedIn also processes your data in the USA, among other places. LinkedIn is an active participant in the EU-US Data Privacy Framework (DPF), which regulates the correct and secure transfer of personal data from EU citizens to the USA.

In addition, LinkedIn uses so-called Standard Contractual Clauses (Art. 46 para 2 and 3 GDPR). Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even when it is transferred to third countries (such as the USA) and stored there. Through the EU-US Data Privacy Framework (DPF) and the Standard Contractual Clauses (SCC), LinkedIn undertakes to comply with European data protection standards when processing your relevant data, even if the data is stored, processed, and managed in the USA.

 

E. Links to other Websites 

(1) Our website may contain links to websites operated by third parties that are not covered by this privacy policy. These third-party websites have their own privacy policies and may also use cookies or other tracking technologies. The respective operator or the person named as responsible for the corresponding website is responsible.

(2) We check links to external websites before linking to them. However, we have no control over whether their operators comply with data protection regulations. If we become aware of any violations or infringements, we will remove the concerned links immediately.

 

F. Your rights

If your personal data is processed, you are considered a data subject within the meaning of GDPR and you have the following rights against us as the responsible party:

1. Rights according to Art. 15 ff. GDPR

(1) The data subject has the right to obtain confirmation from the controller as to whether the personal data in question is being processed. If this is the case, the data subject has the right to receive information about this personal data and the information specified in Art. 15 GDPR. Under certain conditions, you have the right to rectification according to Art. 16 GDPR, the right to restriction of processing according to Art. 18 GDPR and the right to erasure (“Right to be forgotten”) according to Art. 17 GDPR.  In addition, you have the right to receive the data provided by you in a structured, commonly used and machine-readable format (right to data portability) in accordance with Art. 20 GDPR, provided that the processing is carried out using automated means and is based on consent pursuant to Art. 6 para. 1 lit. a) or Art. 9 para. 2 lit a) or on a contract pursuant to Art. 6 para. 1 lit. b) GDPR. The restrictions according to §§ 34 and 35 Federal Data Protection Act (Bundesdatenschutzgesetz) apply to the right of information and the right of erasure.

(2) You can revoke your consent to the processing of personal data at any time. Please note that the revocation will only take effect in the future. Processing that took place before the revocation is not affected by this.

2. Right of complaint

You have the right to lodge a complaint with us or a supervisory authority, particularly in the Member State of your residence, place of work, or the place of the alleged infringement (Art. 77 GDPR in conjunction with § 19 Federal Data Protection Act).

3. Right to object under Art. 21 GDPR

In addition to the above rights, you have the right to object as follows:

(1) Right to object in individual cases

You have the right to object at any time for reasons arising from your particular situation to the processing of personal data concerning you, which is based on Article 6 para. 1 lit. e) GDPR (data processing in the public interest) and Article 6 para. 1 lit. f) GDPR (data processing on the basis of a balance of interests); this also applies to profiling based on this provision within the meaning of Article 4 para. 4 GDPR.

If you object, we will no longer process your personal data, unless we can prove compelling reasons worthy of protection for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

(2) Right to object to the processing of data for marketing purposes

In individual cases, we may process your personal data for direct marketing purposes. You have the right to object at any time to the processing of your personal data for the purpose of such marketing; this also applies to profiling, insofar as it is associated with such direct marketing. If you object to the processing for direct marketing purposes, we will no longer process your personal data for these purposes.

The objection can be sent form-free to the contact indicated under section A. 2 of this data protection declaration.

 

G. Final provision

1. Security

We have implemented technical and organizational security measures in accordance with Art. 24 and 32 GDPR to protect your personal data against loss, destruction, manipulation, and unauthorized access. All our employees and all third parties involved in data processing are obliged to comply with the requirements of the GDPR and to treat personal data confidentially.

2. Changes to our privacy policy

We reserve the right to change our security and data protection measures if required  due to technical developments or legal changes. In such cases, we will also update our privacy policy accordingly. Please  refer to the latest version of our privacy policy.