Data Protection (Privacy) Policy for openhouse.durr.com
At Dürr Systems AG (“Dürr”, “we”, “us”) the protection of your personal data is very important. In this Data Protection (Privacy) Policy, we explain to you how we handle your personal data in connection with your use of events.durr.com (our “Event Website”, or “Website”), as well as the rights you have in this regard.
1. Who is your contact (“data controller”) for processing?
The data controller responsible for data processing in connection with this website is:
Dürr Systems Aktiengesellschaft
Carl-Benz-Straße 34
74321 Bietigheim-Bissingen, Germany
Telephone +49 71 42 78 0
Fax +49 71 42 78 17 16
If your event is not organized by Dürr Systems AG, but rather by another Dürr Group company (the organizer is evident from the invitation email or event announcement on this website), Dürr Systems AG and the respective Group company (also referred to as the “Organizer”) act as joint controllers. You can find the names of contacts, as well as their contact information, here.
Internally we have divided up the joint controller roles as follows: Data subjects can approach both joint controllers to exercise their rights as data subjects (see Section 6, below). The organizer is responsible for the use of the contact information. Dürr Systems AG is the controller responsible for the information obligations deriving from Art. 13(f) GDPR. Within their scope of operations, both joint controllers are responsible for fulfilling the required reporting duties and maintaining documentation; imposing confidentiality obligations on employees; and explaining employees’ obligations under data protection law to them; as well as ensuring technical and organizational security with regard to the data processing.
Alternatively, you can also contact our data protection officer, whom you can reach by email at dataprotection@durr.com, for all questions and issues relating to data protection.
You can find more information about our data processing in our general Data Protection (Privacy) Policy at https://www.durr.com/en/data-protection, however if there is conflicting information, the information in this Data Protection (Privacy) Policy for Events.durr.com takes precedence over the general Policy, insofar as our event website is concerned.
2. What personal data are collected and stored, and for what purposes?
On our Event Website, we organize digital networking events, product launches, presentations, discussion panels, meetings and other events in which visitors to our website can participate (“Events”). As with any website, we process personal data in this connection, i.e., information that refers to an identified or identifiable natural person (“Data Subject”), such as their name, address, telephone number, date of birth and IP address (“Data”).
Below you will find a concrete description of the data we use in connection with our Event Website, the purposes for which they are used and the legal basis upon which the use occurs.
a) Visiting the website
When using our website, the following data is collected, with such storage serving exclusively internal, system-related and statistical purposes:
- Information on the type and version of the browser used,
- The IP address of the user,
- Date and time of access,
- Region, language
- Websites accessed by the user’s system via our website.
The data are likewise stored in the log files of our systems. These data are not stored with other personal data belonging to the user.
The legal basis for temporary storage of the data and log files is constituted by Art. 6(1)(f) of the General Data Protection Regulation (GDPR), our legitimate interests as set out below and also the purposes of:
- enabling delivery of the website to the user’s computer,
- ensuring the functionality of the website,
- optimizing the website, and
- ensuring the security of our information technology (IT) systems.
The data are erased as soon as they are no longer necessary to achieve the purpose of their collection. In the case of data collected to make the website available, these data are erased once the relevant session has come to an end, however within seven days at the latest. In cases where data are stored in log files, the IP addresses of the users are erased or pseudonymized so that any association reflecting the identity of the calling user is no longer possible.
b) Login, Registration
(1) HubSpot:
In connection with our Event website, we use customer management, content management and marketing services provided by the service provider HubSpot Ireland Limited, 2nd Floor, 30 North Wall Quay, Dublin 1, Ireland (“HubSpot”).
(2) Microsoft:
We also use cloud services for contact management and in order to provide a simple solution for registration and login to all of our events (“single sign-on”) provided by Microsoft Ireland Operations Limited, 70 Sir Rogerson's Quay, Dublin 2, Ireland (“Microsoft”).
We use the services of both service providers as follows: For certain content on our Event Website (e.g. participating in an event, download center), we offer you the option of logging on with a user name and password. Registration for these services takes place either after personal contact with our employees or after registration on our website using the registration form, with access subsequently being granted by one of our employees. The registration form is used to collect the following data, in particular:
- First and last name, salutation
- Company name
- Position in the company
- Email address
- As applicable, other information you provide voluntarily, such as a photo, which you can upload, or your areas of interest.
These data are stored on HubSpot servers and can be transferred to HubSpot affiliates, including HubSpot Inc., in the USA. The same applies to Microsoft and affiliates of Microsoft (see details on Microsoft below, in Section 2 d). This transfer is on the basis of the standard contractual clauses published by the EU Commission. Please carefully read HubSpot’s privacy policy at https://legal.hubspot.com/privacy-policy for more information on data processing by HubSpot. During registration, we expressly refer you to this transmission and the increased risk to your data associated with this, and obtain your consent for this purpose (Art. 6(1)(a) GDPR), which you can revoke at any time with effect from that time onward. Please note that participation/registration is not currently possible without this consent.
Moreover, the legal basis for the processing of the data that you provide to us during registration is Art. 6(1)(b) GDPR for executed contractual acts or without a contract, Art. 6(1)(f) GDPR, our legitimate interest covered by the purpose of providing you the information you requested and of holding the event in which you are interested and for which you have registered. Participation without registration is not possible, including for the reason that under some circumstances, we provide confidential and internal company information via our website. We must ensure that this information is only accessed by authorized parties.
The data are erased as soon as they are no longer necessary to achieve the purpose of their collection. For example, when the data are no longer required for the execution of the contract. Even after concluding the agreement, it may be necessary to store personal data of the contracting partner in order to comply with contractual or statutory obligations.
As a user, you may cancel the registration at any time. You can have your stored data modified at any time. Simply email us at info@durr.com.
If the data are necessary for performance under an agreement or the execution of pre-contractual measures, premature erasure of the data is only possible if not precluded by contractual or statutory obligations.
c) Contact options, chat functionWe offer you various contact options, e.g. contact via the email addresses provided, a chat function and a contact form for certain functions of our website (e.g. inquiries from customers, visitors or the press).
We use the services of HubSpot in this connection as well (see 2.b), above. The data transmitted via the contact form or chat function, and the fact of its use, and the user’s data transmitted in the email are stored. This includes the participants in the chat, the time and content of the messages, as well as the specific users and the specific forms they used. HubSpot evaluates this information in aggregate form against the total number of uses of the respective form.
We use your data solely to process your request and can contact you for this purpose using the contact data provided. The legal basis for processing data that are transmitted in the course of contacting us is Art. 6 (1)(f) GDPR, our legitimate interest in responding to the inquiry. If the aim of making contact is to enter into an agreement, then the legal basis for processing is Art. 6 (1)(b) GDPR.
The data are erased as soon as they are no longer necessary to achieve the purpose of their collection. The personal data that you have sent to us for the purpose of making contact will be erased once the relevant conversation with you has come to an end. The conversation is deemed to end when, based on the circumstances, it can be presumed that the matter in question has been conclusively resolved. We generally store the written transcript of the chat for a period of four weeks after the chat occurred, unless separate erasure from the conference recording is not possible. However, under some circumstances, we are entitled and, as the case may be, obligated, to store the data for longer, e.g. due to a statutory documentation obligation.
d) Video and audio chats, and video conferences (e.g. webinars or presentations)As a registered and logged-in user of our website on the basis of Art. 6 (1)(b) GDPR, you can visit dedicated chatrooms for your event on our website, where you can speak with our employees, the moderators and other guests. Additionally, on our website we offer the option of participating in video conferences of various types (e.g. webinars, presentations, panel discussions, networking events).
(1) Microsoft:
In this regard, we work with a third-party provider depending on the format and technology, such as Microsoft and its “Teams” video conference service. In this regard, we refer to the following: Microsoft processes personal data of the visitors to the events we organize using Microsoft Teams and does so generally as our contract data processor (we remain responsible for the processing). However, Microsoft also processes some data (e.g. data generated by cookies for measuring the use of the services or other telemetry data) for its own business purposes (e.g. settlement and account management, for internal reporting and business modeling of Microsoft (e.g. forecasts, revenue, capacity planning, product strategy), combating fraud, improving core functionality). This applies regardless of whether you yourself have a Microsoft user account or whether you are logged in or not. Microsoft is a subsidiary of Microsoft Corporation in the USA. To this extent, it is possible that your data may be transmitted to a computing center in the USA. The transmission is secured with standard contractual clauses published by the EU Commission and by additional assurances made by Microsoft to the users. We refer to the general Microsoft Privacy Policy. We base our use of services such as Teams and the processing of the provider associated with this for its own limited purposes on Art. 6(1)(f) GDPR, our legitimate interest in holding the events in digital form.
(2) b&b Digital GmbH:
To broadcast an event via streaming video, we use the service provided by b&b Digital GmbH (“b&b”). b&b processes personal data of the visitors to the events in which we use the streaming service of b&b as our contract data processor (we remain responsible for the processing). b&b collects personal data as follows: Login and log-out are stored with the time stamp, name and IP address. Additionally, the streams may be recorded (see “Recordings”). We base our use of the streaming service of b&b and the processing associated with this on Art. 6(1)(f) GDPR, our legitimate interest in holding the events in digital form.
(3) Sli.do:
We use the chat function of the service provider sli.do s. r. o., Vajnorská 100/A, 831 04 Bratislava, Slovakia (“slido”), which is part of the Cisco Systems Inc. Group and which, as our contract data processor, processes personal data of the participants (e.g. name, email, company) as well as data shared by the participants with other participants via the service (e.g. questions, ideas, chat messages). We base our use of the service of slido and the processing associated with this on Art. 6(1)(f) GDPR, our legitimate interest in communicating with the participants while holding the events in digital form. Insofar as slido transmits the data to third countries, this transmission is based on standard contractual clauses.
Recordings:
In individual cases, a recording may be made of the chat, your participation or your spoken message. By switching on your camera or your microphone and participating in our event, you consent (Art. 6(1)(a) GDPR) to the recording of your image and/or your voice. If you do not want your voice or image to be recorded, you can revoke your consent at any time by switching off your camera and/or your microphone. Please note that a revocation does not reverse the lawfulness of any processing that had already occurred. Even if you switch off your microphone and/or your camera, it is possible to ask questions in writing, either during the event or afterwards. We store the chats for a period of four weeks after they were recorded, unless separate erasure from the conference recording is not possible, e.g. because you asked a question during a conference and your spoken message was recorded along with the conference. Depending on the event, we keep the recording of the event accessible on the internet for as long as we deem reasonable. However, under some circumstances, we are entitled and, as the case may be, obligated, to store the data for longer, e.g. due to a statutory documentation obligation.
e) Advertising messages (e.g. email newsletters, invitations)
You can register on our website for advertising messages (e.g. newsletters) to provide you with more detailed information about our offering or to invite you to future events. Your consent, including for the evaluation of your user behavior in relation to the newsletter (e.g. when you open the newsletter), is obtained during the registration process for the advertising messages specified below. The legal basis for the processing of the data after you register for these services is the consent you have granted, which can be revoked at any time with effect from that time onward Art. 6 (1) (a) GDPR.
The purpose of collecting your email address is to supply the information services to you. The collection of other data as part of the registration process serves to prevent misuse of the services or of the email address used.
The data are erased as soon as they are no longer necessary to achieve the purpose of their collection. Your email address will be stored as long as the subscription to the information service is active. You can cancel your subscription to the services at any time. To this end, each newsletter contains a corresponding notice. You can revoke your consent by this means as well.
(1) Corporate information and financial reports of Dürr AG
We offer you the opportunity to receive corporate information and financial reports via our ordering service.
In order to send email messages to our customers, we use the advertising service of the provider EQS Group, Karlstr. 47, 80333 Munich, Germany (“EQS”). The data mentioned below are processed by EQS on our behalf and stored for this purpose on the servers of EQS in Germany. EQS uses your data solely to send the advertising messages.
In the process, the data collected from the input screen are transmitted to us during registration.
- Company
- Department
- Position in the company
- First name and surname
- Address
- Email address
- Telephone number (optional)
- Fax number (optional)
- Mobile phone number (optional)
(2) Online publications of the DÜRR Group
It is also possible to receive information about online publications of the Dürr Group via our newsletter. The data collected from the input screen are transferred to us during the registration process.
We use the advertising email service Salesforce Pardot to send newsletters to our customers and to evaluate them (for details of Salesforce, see section 2.2 c)). The data referred to below are processed by Salesforce on our behalf. This involves the data being transferred to the USA. Salesforce has issued binding corporate rules (available at https://www.salesforce.com/content/dam/web/en_us/www/documents/legal/misc/Salesforce-Processor-BCR.pdf), which ensure that the data are transferred securely. For information on third-country transfers, please refer to section 1.5.
The following data are processed in this context:
- Email address
- Company (optional)
- Salutation and title (optional)
- First and last name (optional)
- Street address (optional)
The newsletters sent on our behalf by Salesforce contain a tracking pixel that transfers information to Salesforce when you open the newsletter. We then download this information from the Salesforce servers to generate statistical analyses and to evaluate the success of our newsletter campaigns. The data that are collected are also used to send you information that corresponds to your specific interests.
This information allows us to determine whether the newsletters are opened, when they are opened, and which links within the newsletter are clicked on. We use the analyses primarily to identify the degree of interest in specific topics and to measure the effectiveness of our communication measures. We collect your data only after you have subscribed to the service and have specifically consented to your data being collected and stored for this purpose. In this case, the legal basis for the processing of your data is the consent you have given in accordance with Art. 6(1)(a) GDPR.
Withdrawal of consent
You can withdraw your consent to newsletter tracking at any time by clicking on the corresponding link in each newsletter or by sending an email to info[at]durr.com.
(3) Future invitations
If you also want to be invited to our events in the future, you can register for the corresponding information service, which is also provided by our service provider HubSpot (for details, see Section 2.b) regarding HubSpot).
HubSpot Tracking
The invitation emails sent by HubSpot on our behalf contain a tracking pixel, which transmits information to HubSpot when you open the email. We receive this information from HubSpot servers in order to generate statistical analyses to measure the success of our invitations and to check whether you were invited, when you register for a future event. The tracking pixel in the emails is used to track whether the email or a link therein was opened and also, in some cases, for how long. If an email is sent to multiple recipients, it is not possible to know who opened the email/link, but rather, only that the email or link was opened by one of the addressees. This information is also used to perform anonymized analyses, statistics or evaluations.
4. Cookies
We use cookies on our website. Cookies are small amounts of data in the form of text information that the web server sends to your browser. These cookies are only stored on your hard disk.
a) A distinction is generally made between the following types of cookies:
(1) Transient and persistent cookies
Transient cookies are automatically deleted when you close your browser. These include, in particular, session cookies. These store a so-called session ID that allows different requests you make in your browser to be allocated to the common session. This enables our website to recognize your computer next time you visit. The session cookies are deleted when you log out or close the browser.
We use transient cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after a page change. The following data, for example, are stored and transmitted in the cookies:
1. Browser settings regarding cookies (whether they are activated or not)
2. Language settings of the user
3. Log-in information
We also use persistent cookies on our website that enable us to analyze users’ browsing behavior. Persistent cookies are automatically deleted after a specified period, which can vary depending on the cookie. This allows us to record and analyze the click behavior of users on our websites (recorded data are, for example, browser data, click frequency and click-through rate).
The data collected through persistent cookies are pseudonymized by technical measures, which means that it is no longer possible to associate the data with the user. The relevant data are not stored together with other personal data of the users.
(2) Tracking/web bugs
Some of our services also use tracking/web bugs or tracking pixels. These are usually code snippets measuring only 1x1 pixels, which are able to identify and recognize your browser ID – the individual fingerprint of your browser. This allows the service provider to see when and how many users have accessed the pixel, or whether and when an email was opened or a website visited.
To prevent web bugs on our websites, you can use tools such as webwasher, bugnosys or AdBlock. To prevent web bugs in our newsletter, please set your mail program so that no HTML is displayed in messages. Web bugs are also prevented by reading your emails offline. Without your explicit consent, we will not use web bugs to collect personal information about you or to transmit such information to third parties and marketing platforms without your knowledge.
(3) Local Storage
So that we can adapt our services to your needs and make you tailored offers, we use local storage technology in addition to cookies. This technology involves storing certain data in the local cache of your browser. These data are also retained after you have closed the browser and can be accessed and read by us again on your next visit to our websites.
Local storage enables us to store your preferences for the use of our websites. The data from the local storage are used on our websites so that, for example, you do not have to make certain selections again after the initial input, so that your choice of certain formats on our websites is retained the next time you visit, or so that you are instantly shown an initial selection of interesting articles when you visit the websites.
b) Legal basis for the use of cookies, web bugs, tracking pixels, etc.
Technically necessary:
The legal basis for the processing of personal data using technically necessary cookies is Art. 6(1)(f) GDPR. The purpose of using technically necessary cookies and similar technologies is to enable and simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page change.
For technically necessary cookies, the right of objection is excluded as they are essential for us to show you our website and its contents, and to make the functionalities of the website available to you.
Not technically necessary:
The use of technologies for increasing the functionality as well as for analytical and marketing purposes is aimed at improving the quality of our website and its content. The analysis cookies enable us to learn how the website is used and to continuously optimize our offering. Processing, in particular on your device, that is based on cookies or other identifiers (e.g. browser fingerprints, pixels, local storage) (hereinafter referred to collectively as “Cookies”) and is not technically required for the function of our websites, will be carried out by us only with your consent, which you can grant via our cookie management tool when visiting our websites for the first time. The legal basis for this cookie-based processing is Art. 6(1)(a) GDPR.
You may withdraw your consent for the collection of data by cookies at any time. The following steps must be performed to do so:
1. Open the settings for cookies on our websites via the “Cookies” footer
2. In the next window that opens, you have the option to revoke the data processing for individual categories of cookies and similar technologies (e.g. data storage in the local storage).
You can also delete cookies at any time or adjust your browser’s corresponding cookie settings. For more information about how you can delete and/or administer your browser’s cookie settings, please see your browser’s help pages. Data can also be removed from local storage by emptying your browser's local storage.
c) Individually-used cookies| Name of cookie | Type of cookie | Name of application | Purpose of cookie | Storage duration |
| __hstc | Technically required | Webinar assignment (HubSpot) | In order to verify whether a user is authorized to participate in an event, it is necessary to recognize them. For this purpose, the cookie contains the domain, the user token (utk), the first timestamp (of the first visit), the last timestamp (of the last visit), the current timestamp (for this visit), and the session number (increases with each subsequent session). | 13 months |
| hubspotutk | Technically required | Webinar assignment (HubSpot) | This cookie tracks a visitor's identity. It is passed to the HubSpot software when a form is submitted and is used to deduplicate contacts (i.e., merge duplicate records) to prevent additional records from being created each time a user accesses the platform. | 13 months |
| __hssc | Technically required | Webinar assignment (HubSpot) | This cookie is used to determine whether the HubSpot software needs to increase the session number and timestamps in the __hstc cookie (see there). | 30 minutes |
| __hssrc | Technically required | Webinar assignment (HubSpot) | Whenever the HubSpot software changes the session cookie, this cookie is also set. This determines whether the visitor has restarted their browser. | End of browser session |
| __hsmem | Technically required | Webinar assignment (HubSpot) | This cookie is set when visitors log in to a website hosted by HubSpot. | 12 months |
| __cfruid | Technically required | Cloudflare | This cookie is used by Cloudflare to guarantee confidential access. All cookies stored by other websites are ignored during the access. | 12 months |
| __cf_bm | Technically required | Cloudflare | The __cf_bm cookie is a cookie required to support Cloudflare Bot Management, which is currently in private beta. As part of our bot management service, this cookie helps manage incoming traffic that meets the criteria associated with bots. This is a CloudFoundry cookie. | End of browser session |
| cf_use_ob | Technically required | Cloudflare | This cookie is associated with websites that use CloudFlare. It is used to improve page load times and override security restrictions based on the visitor's IP address. It does not contain any user identification information. | End of browser session |
| cf_ob_info | Technically required | Cloudflare | This cookie is associated with websites that use CloudFlare. It is used to improve page load times and override security restrictions based on the visitor's IP address. It does not contain any user identification information. | End of browser session |
| Optanonconsent | Technically required | Cookie-Compliance-Tool (OneTrust) | This cookie is set by OneTrust's cookie compliance solution. It stores information about the categories of cookies the website uses and whether visitors have given or withdrawn their consent to the use of each category. | 12 months |
| OptanonAlertBoxClosed | Technically required | Cookie-Compliance-Tool (OneTrust) | This cookie is used to determine whether a visitor should be shown the banner or whether they have already confirmed it. | 12 months |
| x-ms-cpim-admin | Functionality | Azure AD | Contains cross-tenant data about user membership: tenants to which a user belongs and the level of membership (“Admin” or “User”). | End of browser session |
| x-ms-cpim-slice | Functionality | Azure AD | To forward requests to the appropriate production instance. | End of browser session |
| x-ms-cpim-trans | Functionality | Azure AD | To track transactions (number of authentication requests to Azure AD B2C) and the current transaction. | End of browser session |
| x-ms-cpim-sso:{Id} | Functionality | Azure AD | To manage the single sign-on (SSO) session. This cookie is set to persistent when persistent is enabled. | End of browser session |
| x-ms-cpim-cache:{id}_n | Functionality | Azure AD | To manage the request status. | End of browser session, successful authentication |
| x-ms-cpim-csrf | Functionality | Azure AD | Cross-site request forgery token to protect against CSRF attacks. | End of browser session |
| x-ms-cpim-dc | Functionality | Azure AD | For Azure AD B2C network routing. | End of browser session |
| x-ms-cpim-ctx | Functionality | Azure AD | Context | End of browser session |
| x-ms-cpim-rp | Functionality | Azure AD | To store membership data for the resource provider tenant. | End of browser session |
| x-ms-cpim-rc | Functionality | Azure AD | To store the relay cookie. | End of browser session |
| UserMatchHistory | Advertising cookie | This cookie is used to synchronize LinkedIn Ads IDs. | 30 days | |
| AnalyticsSyncHistory | Advertising cookie | This cookie is used to store the time of synchronization with the “lms_analytics” cookie for users in designated countries. | 30 days | |
| li_oatml | Advertising cookie | This cookie is used to identify LinkedIn members outside of LinkedIn for advertising and analysis purposes outside of the designated countries and, for a limited time, also for advertising purposes in the designated countries. | 30 days | |
| lms_ads | Advertising cookie | This cookie is used to identify LinkedIn members outside of LinkedIn in the designated countries for advertising purposes. | 30 days | |
| lms_analytics | Advertising cookie | This cookie is used to identify LinkedIn members in designated countries for analysis purposes. | 30 days | |
| li_fat_id | Advertising cookie | This cookie is an indirect member identifier used for conversion tracking, retargeting, and analytics. | 30 days | |
| li_sugr | Advertising cookie | This cookie is used to determine probabilistic matches of a user's identity outside of designated countries. | 90 days | |
| U | Advertising cookie | This cookie is a browser identifier for users outside the designated countries. | 3 months | |
| _guid | Advertising cookie | This cookie is used to identify a LinkedIn member for advertising via Google Ads. | 90 days | |
| BizographicsOptOut | Advertising cookie | This cookie is used to determine the opt-out status for third-party tracking. | 10 years | |
| li_giant | Advertising cookie | Indirect identifier for groups of LinkedIn members used for conversion tracking. | 7 days | |
| visitor_id<accountid> | Analysis | Pardot Salesforce | The visitor cookie contains a unique visitor ID and the unique identifier for your account. For example, the cookie name visitor_id12345 stores the visitor ID 1010101010. The account ID 12345 ensures that the visitor is tracked on the correct Pardot account. The visitor value is the visitor_id in your Pardot account. This cookie is set for visitors by the Pardot tracking code. | 180 days |
| pi_opt_in<accountid> | Required | Pardot Salesforce | If opt-in settings for tracking are enabled, the pi_opt_in cookie is set with a value of or when the visitor opts in or out of tracking. When a visitor opts in, the value is set to true, and the visitor is tagged with a cookie and tracked. If the visitor opts out or ignores the opt-in banner, the value of the opt-in cookie is set to false. The visitor cookie is disabled and the visitor is not tracked. | 180 days |
| visitor_id<accountid>-hash | Analysis | Pardot Salesforce | The visitor hash cookie contains the account ID and stores a unique hash. For example, the cookie name visitor_id12345-hash stores the hash “855c3697d9979e78ac404c4ba2c66533,” and the account ID is 12345. This cookie is a security measure to ensure that a malicious user cannot impersonate a Pardot visitor and access corresponding prospect information. | 180 days |
| lpv<accountid> | Analysis | Pardot Salesforce | This LPV cookie is set to prevent Pardot from tracking multiple page views for a single asset over a 30-minute session. For example, if a visitor reloads a landing page multiple times over a 30-minute period, this cookie prevents each reload from being tracked as a page view. | Until the end of the session |
| pardot | Required | Pardot Salesforce | A session cookie named pardot is set in your browser while you are logged in to Pardot as a user or when a visitor accesses a form, landing page, or page with Pardot tracking code. The cookie indicates an active session and is not used for tracking. | Until the end of the session |
| lidc | Marketing | This cookie facilitates the selection of the data center. | 24 hours | |
| bcookie | Marketing | Browser detection | 2 years |
4. Disclosure of your data
Any disclosure, sale or any other transmission of your personal data to third parties will take place only if such disclosure is necessary for contractual processing or for settlement purposes or collection of remuneration (e.g. forwarding agency or payment service providers) or if you have explicitly given your consent. The legal basis for transmitting the data to third parties for contractual processing or for settlement purposes is Art. 6(1)(b) GDPR.
Moreover, we can disclose your data to our IT service providers that support us in supplying the website, sending invitations, holding events, etc. (e.g. Microsoft, as described above in section 2.d) or HubSpot, as described above in section 2.b), but also Thema AG, which supports us in setting up the website). We can also disclose your data to other companies of the Dürr Group if it is in our legitimate interest to do so (Art. 6(1)(f) GDPR) or you have requested that we do so (Art. 6(1)(a) GDPR).
We wish to advise that we are authorized by order of the competent public authority in each specific case to provide information on data to the extent that this is necessary for the purposes of criminal prosecution, for the prevention of danger by the police authorities of the federal states, in performance of the statutory tasks imposed by the federal and state constitutional protection authorities, the Federal Intelligence Service (Bundesnachrichtendienst) or the Military Counterintelligence Service (Militärischer Abschirmdienst) or for the enforcement of intellectual property rights.
5. Integration and use of social networks and map services (cookies, plugins and hyperlinks)
Regarding the integration (e.g. via links and via plugins) and the use of social networks by us and the integration of map services, please read Section 4 of Dürr's general Data Protection (Privacy) Policy at https://www.durr.com/en/data-protection, the data protection policy of Homag, at https://www.homag.com/en/company/policy and that of Schenck, at https://schenck-rotec.com/data-protection.html.
The following applies additionally:
LinkedIn Insight Tag
Our website uses the “LinkedIn Insight Tag” conversion tool from LinkedIn Ireland Unlimited Company (“LinkedIn”). This tool creates a cookie in your web browser that enables the collection of the following data, among others: IP address, device properties, browser properties and page events (e.g. page visits), demographic data from LinkedIn, if the user is an active LinkedIn member, last-visited URL, time information. These data are encrypted by LinkedIn, pseudonymized within seven days and the pseudonymized data are erased within 90 days. We and LinkedIn act as joint controllers for this data processing. You can see the agreement governing this at LinkedIn. You can find more information here and in the LinkedIn Privacy Policy.
This technology enables us to produce reports on the effectiveness of our advertising, as well as information on website interaction and to display targeted advertising on LinkedIn (conversion tracking), without you being identified by us as a website visitor. However, LinkedIn can connect your data to your LinkedIn profile if you are logged into LinkedIn when you visit our website. We process your data to evaluate events and to collect information about website visitors, who may have reached us via LinkedIn. We process your data because you have consented to this, Art. 6(1)(a) GDPR and we store your data for as long as necessary for the respective purpose (event evaluation) and provided that you have not contested the storage of your data or revoked your consent. To the extent that LinkedIn transfers the data to its own parent company in the USA, this transfer also takes place on the basis of your consent.
LinkedIn members can control the use of their personal data for advertising purposes in their account settings. To deactivate the Insight tag on our website, please click on “Cookies” in the footer of our page and proceed as described above in Section 3.b).
Salesforce Pardot
We also use Salesforce Pardot analysis services from the provider Salesforce on our websites. Salesforce Pardot is software from salesforce.com Inc., Salesforce Tower, 415 Mission Street, 3rd Floor, San Francisco, CA 94105, USA (“Salesforce”) and is an application for automated lead management, marketing automation, and sales support in the B2B business customer environment. Salesforce generally stores personal data in the USA. Salesforce has issued binding corporate rules (available at https://www.salesforce.com/content/dam/web/en_us/www/documents/legal/misc/Salesforce-Processor-BCR.pdf) for this purpose, which ensure the secure transfer of data. Salesforce uses a cookie in this context. For details on cookies, please refer to section 3. If you have given your consent (Art. 6 (1) (a) GDPR), Salesforce Pardot, in combination with cookies, enables us to recognize you as a website visitor and to record and analyze your usage behavior using a pseudonym. This allows us to offer you better, more convenient, and even more personalized services. If available, this data is linked to an existing customer profile in our customer database, enabling us to provide you with personalized and individual advice if required. Insofar as Salesforce Pardot processes personal data, the processing is carried out exclusively on our behalf and in accordance with our instructions. Pardot places cookies if you have consented to this and if no corresponding cookies are already stored on your device (see section 3 for further information on cookies). We use Pardot cookies to analyze your use of our pages so that we can continuously improve them. Information about Pardot tracking can be found at https://help.salesforce.com/s/articleView?id=pardot_admin_tracker_domain_visitor_tracking.htm&type=5&language=de.
Revocation of consent
You can revoke your consent at any time with future effect by following the procedure described in section 3 b) above. However, this may lead to certain restrictions in the functions and user-friendliness of our website.
6. Rights of the data subject
If your data are processed, you have the following rights under the GDPR as a data subject with regard to us, which you can exercise with regard to us using the above-mentioned contact options.
- Information, rectification, limitation of processing and erasure
You have the right to obtain information at any time about your personal data stored by us, their origin and recipients, as well as the purpose of data processing via our websites. Furthermore, you have the right to rectification, erasure and limitation of processing of your data, provided that the statutory requirements for this are met.
- Right to data portability
You have the right to receive the data concerning you that you have provided to us as data controller in a structured, common and machine-readable format. We can satisfy this right at our discretion by providing a csv export of the data.
- Right to information
If you have exercised your right to have the data controller rectify, erase or restrict data processing, the controller is obliged to inform all recipients to whom the data concerning you have been disclosed of such rectification, erasure or restriction of processing unless this proves impossible or involves disproportionate effort.
- Right to object
You have the right, for reasons arising from your particular situation, to object at any time to the processing of data concerning you, which may be processed in accordance with Art. 6(1)(f) GDPR. If you object to the processing, we will cease the processing unless we can provide compelling legitimate reasons for the processing that override your interests, rights and freedoms, or unless the processing serves to assert, exercise or defend against legal claims.
If the data concerning you are processed for direct marketing purposes, you have the right to object at any time to the processing of the data concerning you for the purpose of such marketing; this also applies to profiling, to the extent that it is associated with such direct marketing.
- Revocability of declarations of consent under data protection law
In addition, you may withdraw your consent at any time, with effect from that time onward (e.g. via a link in our newsletter).
- Right to object to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to object to a supervisory authority, in particular at your place of residence, your workplace or the place where the alleged violation occurred, if you believe that the processing of data concerning you violates the GDPR.
7. Amendments to this Data Protection (Privacy) Policy
We reserve the right to amend this privacy policy at any time, without prior notification. You should therefore visit this page on a regular basis to learn of any amendments to this privacy policy.