Privacy policy
Data protection principles
Data protection principles for our Website
Data protection principles of www.atr.de pursuant to Art. 13 GDPR
The following data protection principles inform you about the collection, processing and use of personal data by the data controller within the scope of visiting this website.
1. Data controller within the meaning of art. 4 (7) GDPR
Main data controller:
ATR International AG
Other data controllers:
Auto-Teile-Ring GmbH
ATR SERVICE GmbH
ATR Digitisation GmbH
(hereinafter referred to as ATR)
Marie-Curie-Strasse 3
73770 Denkendorf
Germany
Phone: + 49 711 918979-0
E-mail: datenschutz@atr.de
Website: www.atr.de
2. Communication by e-mail / telephone / post / contact form
Purpose of the data processing/ Legal basis: Any personal information you provide to us when filling out contact forms, by telephone or in e-mails will be treated confidentially. We use your data exclusively for the purpose of processing your enquiry. The legal basis for the data processing is Art. 6 para. 1 f) GDPR. The justified interest on the part of ATR results from the interest to answer the enquiries sent by our customers and visitors to this website and to maintain and promote customer satisfaction.
Recipients/ Categories of recipients: We exclude any transfer of data to third parties outside the ATR group of companies. In exceptional cases, data is processed on our behalf by contract processors. These are carefully selected, audited by us and contractually bound pursuant to Art. 28 GDPR. Furthermore, it may be necessary for us to pass on extracts of your enquiry to contractual partners (e.g. suppliers for product-specific enquiries) in order to process your enquiry. In these cases, however, the request will be anonymized beforehand so that the third party cannot establish any reference to you. If, in individual cases, the disclosure of your personal information should be necessary, we will inform you of this in advance and obtain your consent.
Storage duration/ Criteria for determining the storage duration: All the personal data that you provide to us in enquiries (suggestions, praise or criticism) via this website or by e-mail will be deleted or securely anonymized by us at the latest 90 days after the final reply has been given to you. The reason for the storage period of 90 days is that, occasionally, you as a customer may contact us again about the same matter after a reply has been sent out and we must then be able to refer to the previous correspondence. Experience has shown that, as a rule, after 90 days there are no more questions relating to our replies.
3. Newsletter (ATR World)
Purpose of data processing/legal basis: You have the option to subscribe to our newsletter "ATR World". As part of the registration process, we collect your first and last name, your e-mail address and the date of registration. If you give your consent, we will use your e-mail address to provide you with the newsletter.
The legal basis for the processing of your registration data as well as your e-mail address in the context of the newsletter dispatch is Art. 6 para. 1 a) GDPR.
Storage period/ Criteria for determining the storage period: We store your e-mail address for the purpose of sending the newsletter until you withdraw your consent.
Analysis: For the purpose of anonymous newsletter analysis, the emails sent contain a so-called "tracking pixel" that connects to an analysis tool when the email is being opened. This way, it can be determined whether a newsletter e-mail has reached you, whether it has been opened by you and whether you have accessed our website via a newsletter link. For this purpose, we use an external service provider who processes the data strictly in accordance with our instructions as part of order processing pursuant to Art. 28 GDPR. Your IP address is anonymised before storage. The use of this analysis tool is based on Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in ensuring the technical function of our newsletter service and in optimising our web service. The analysis takes place on an anonymous level, which means that no reference to your person can be made. If you do not wish your data to be analysed, please unsubscribe from the newsletter.
4. Extranet
Authorized persons may use the Extranet for shareholders and business partners on this website.
Purpose of the data processing/ Legal basis: We need an e-mail address to create the access. Your e-mail address is used solely as a user name for the use of and login into our website www.atr.de.
The legal basis for the data processing within the scope of the use of the Extranet by you is Art. 6 para. 1 f) GDPR. The justified interest on the part of ATR results from the interest in being able to provide the business partner with the desired and necessary information required for the partnership.
Processing of your access data beyond this purpose will not take place without your consent.
Recipients/ Categories of recipients: Within the ATR group of companies, the data of your Extranet account can only be used by the responsible departments for the technical administration of the Extranet accounts. Transfer to third parties outside of ATR does not take place.
Storage duration/ Criteria for determining the storage duration: Your Extranet account will generally remain stored indefinitely unless you delete your account, your partnership with ATR ends or you request us to delete it. The data will then be removed from our system if there are no retention periods or if the data is not still required in individual cases (for example, in the case of open claims to collect the claims).
5. Competitions
Purpose of the data processing/ Legal basis: On our website, you can take part in various ATR competitions. Unless otherwise stipulated in the specific data protection principles of the respective competition or unless you have given us further express consent, the personal details you provide to us in connection with participation in the competition will be used exclusively for the purpose of processing the competition (determining the winner, notifying the winner, sending the prize). The legal basis for the data processing within the framework of competitions is, should you participate, article 6 para. 1 f) GDPR. The justified interest on the part of ATR results from the interest in being able to carry out the promoted competition.
In the event of the submission of a declaration of consent going beyond this in the context of a competition, Art. 6 para. 1 a) GDPR is the legal basis for data processing based on the consent. If you have given your consent in the context of a raffle, you can revoke this consent at any time with effect for the future. In such cases, further details are set out in the specific data protection principles of the competition concerned.
Recipients/ Categories of recipients: The data collected for competition purposes is generally only accessible by the department within the ATR group of companies that carried out the specific competition. The data will only be passed on to third parties if this is absolutely necessary for the execution of the competition or the sending of the prize (e.g. prize dispatch by the sponsor of a competition) or if you have given us express permission to do so.
Storage duration/ Criteria for determining the storage duration: After the end of the competition and the announcement of the winners, the data of the participants will be deleted. The data of the winners will be kept for the duration of the statutory warranty claims in the case of material prizes, in order to arrange for rectification or exchange in the event of a defect in the prize.
6. Use of cookies
On the Extranet "myATR" on our website, we use so-called "cookies". Cookies are small text files that are sent from our web server to your terminal device (PC, notebook, smartphone or tablet) when you visit this website and are stored there in the Internet browser you are using. A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session. We do not use these necessary cookies for analysis, tracking or advertising purposes.
In some cases, these cookies only contain information about certain settings and are not personally identifiable. They may also be necessary to enable user guidance, security and implementation of the site.
We use these cookies on the basis of Art. 6 para. 1 p. 1 lit. f GDPR.
You can set your browser to inform you about the placement of cookies. This makes the use of cookies transparent for you. You can also delete cookies at any time via the appropriate browser setting and prevent the setting of new cookies. Please note that our websites may then not be displayed and some functions may no longer be technically available.
When you log in to the Extranet ("myATR") on our website, a cookie is set on your device. This cookie is a standard TYPO3 session cookie. With a user login, each cookie stores the session ID with which the logged-in user is recognized and granted access to protected areas. The cookie is deleted at the end of the browser session and does not remain on your computer. If you leave our pages, the temporary cookie will also be deleted (session cookies).
| Name of the cookie | Storage time of the cookie |
| dp_cookieconsent_status | 1 Jahr |
7. Usage data
When you visit our websites, our web server temporarily stores so-called usage data for statistical and security-related purposes as a protocol to ensure the security and integrity of our websites. This record consists of
- the page from which the file was requested,
- the IP address
- the name of the requested file,
- the date and time of the query,
- the amount of data transferred,
- the access status (file transferred, file not found),
- the description of the type of web browser used.
We store the IP address transmitted by your web browser strictly for the purpose of detecting, limiting and eliminating attacks on our websites for a period of thirty days. After this period, we delete or anonymize the IP address. The listed usage data does not allow any conclusions to be drawn about your person. An evaluation of the data takes place exclusively in anonymous form. At the point where it would hypothetically be possible to identify your person, such as with an IP address, we are responsible for ensuring that it is impossible to identify your person through anonymisation / pseudonymisation.
The legal basis for the processing of the aforementioned usage data is Art. 6 para. 1 p. 1 lit. f GDPR.
Analysis tool Matomo (formerly called Piwik):
As part of our extranet, we use the open source web analytics service Matomo. Matomo uses technologies that enable the cross-page recognition of the user for the analysis of user behaviour. The tracking of user behaviour is performed by a Java-Script applet and so-called tracking pixels, whose call in Matomo store the user behaviour in anonymised form. No data is stored on the user's terminal device. The information collected by Matomo about the use of this website is stored on our server. The IP address is anonymised before storage. The use of this analysis tool is based on Art. 6 para. 1 lit. f GDPR. The information collected by Matomo about the use of this website will not be disclosed to third parties.
8. Encryption
We take technical and organisational security measures in order to protect your data from unwanted access as comprehensively as possible. In addition to securing the operating environment, we use encryption procedures. The information you provide is transmitted in encrypted form using an SSL protocol (Secure Socket Layer) and authentication is checked to prevent misuse of the data by third parties. You can recognize this by the fact that the lock symbol in the status bar of your browser is closed and the address bar begins with "https...".
9. Applications
You can apply for positions advertised by us via our website. You yourself determine the scope of the data that you wish to transmit to us as part of your online application. We process your personal data according to the valid data protection regulations on the basis of § 26 Para. 1 S. 1 of the Federal Data Protection Act (BDSG). We process the data that you disclose to us within the scope of your online application exclusively for the purpose of applicant selection. Data processing for other purposes does not take place.
You yourself determine the scope of the data that you wish to transmit to us as part of your application. Depending on how you sent your application to us, applications will be submitted electronically or as reference files to our personnel department, where they will be processed as quickly as possible. The electronic transmission of applications is always encrypted. As a rule, applications are forwarded to the relevant department. No other forwarding of your data takes place. Your data will be treated confidentially in our company. If your application is unsuccessful, your documents will be deleted after 3 months.
In the event that we also wish to consider your application for other or future job advertisements, we will obtain your separate consent. We will then process your data on the basis of Art. 6 para. 1 sentence 1 lit. a GDPR.
10. Your rights as a data subject
Pursuant to Art. 15 para. 1 GDPR, you have the right to request information free of charge on the personal data stored by ATR about you.
In addition, you have a right to correction (Art. 16 GDPR), deletion (Art. 17 GDPR) and restriction of the processing (Art. 18 GDPR) of your personal data if the legal requirements are met.
If the data processing is based on Art. 6 para. 1 e) or f) GDPR, you have the right to object according to Art. 21 GDPR. If you object to the data processing, this will not take place in the future, unless the data controller can prove compelling reasons worthy of protection for the further processing which outweigh the interest of the data subject in objecting.
If you have provided the processed data yourself, you have the right to data transfer in accordance with Art. 20 GDPR.
If the data processing is based on consent pursuant to Art. 6 para. 1 a) or Art. 9 para. 2 a) GDPR, you may revoke the consent at any time with effect for the future without affecting the legality of the previous processing.
Please contact the data protection officer in writing or by e-mail in the aforementioned cases, for open questions or in the event of complaints.
In addition, you have the right to complain to a data protection supervisory authority. The data protection supervisory authority of the federal state in which you live or in which the data controller is based is responsible.
Unless otherwise stated in the previous chapters, the provision of personal data is not required by law or contract or necessary for the conclusion of a contract. You are not obliged to provide the personal data if no other information has been provided previously. Failure to provide your personal data may mean that we are unable to respond to your contact request or that participation in the application process is not possible.
Automated decision-making does not take place.
11. Contact details of the data protection officer:
Datenschutz Süd GmbH
E-mail: office@datenschutz-sued.de
Postal address:
Wörthstraße 15
97082 Würzburg
Germany
12. Hosting
This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster's servers. This may include, in particular, IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses, and other data generated via a website.
The hoster is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 (1) (b) GDPR) and in the interest of a secure, fast, and efficient provision of our online offering by a professional provider (Art. 6 (1) (f) GDPR).
Our hoster will only process your data to the extent necessary to fulfill its service obligations and to follow our instructions regarding this data.
We use the following hosting provider:
Mittwald CM Service GmbH & Co. KG
Königsberger Straße 4-6
32339 Espelkamp
Contract Processing
We have concluded a contract for contract processing (DPA) with the above-mentioned provider. This is a contract required by data protection law, which guarantees that the personal data of our website visitors will only be processed according to our instructions and in compliance with the GDPR.
Data protection principles for business partners
Data protection principles for business partners
Dear Sir/Madam,
We take the protection of your personal data very seriously and endeavour to give you comprehensive information about the way in which your personal data is processed. The following data protection information applies to you if you contact us, if contract negotiations take place with us and/or if contractual agreements exist with us and the data of natural persons is processed in connection with these. In particular, the EU General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG) serve as the legal basis. Which data is actually processed largely depends on the agreed services. Therefore, not all parts of this information will be relevant to you.
How do we collect your personal data and which data categories do we use?
We essentially collect your data from you.
However, it may also be necessary to process personal data that we receive from other companies, authorities or other third parties, such as credit agencies, tax offices or similar.
Relevant personal data can include: personal data (e.g. first/last name, address and other contact data, date and place of birth and nationality), identification and authentication data (e.g. extracts from the commercial register, identity-card data, specimen signature), data within the scope of our business relationship (e.g. payment data, data on orders), creditworthiness data, data on company structures and ownership as well as other data comparable with the aforementioned categories.
You always have the choice whether to communicate with us by e-mail or post. Communication by e-mail may be unencrypted for technical reasons.
Purposes and legal basis of the processing
In order to fulfil contractual obligations (Art. 6 para. 1 letter b GDPR)
The purposes of the data processing result from the execution of pre-contractual measures, which precede a contractually regulated business relationship and in the fulfilment of the obligations from the concluded contract.
In order to fulfil a legal obligation (Art. 6 para. 1 letter c GDPR)
The purposes of the data processing result in individual cases from statutory requirements. These statutory obligations include, for example, the fulfilment of storage and identification obligations, e.g. as part of the regulations for the prevention of money laundering, tax control and reporting obligations, and the data processing required as a result of enquiries from authorities.
In order to fulfil legitimate interests (Art. 6 para. 1 letter f GDPR)
It may be necessary to process the personal data provided by you beyond the actual fulfilment of the contract. The legitimate interests here are in particular the selection of suitable business partners, assertion of legal claims, defence against liability claims, entry or access controls, billing purposes (e.g. for seminars at Trainmobil), direct marketing purposes (e.g. postal advertising in the form of magazines), clarification of possible compliance violations, prevention of criminal offences and the settlement of damages resulting from the business relationship.
We use the credit rating data of the credit agencies to check creditworthiness. The credit agencies store data that they receive from banks or companies, for example, and this data includes in particular: surname, first name, date of birth, address and information on payment behaviour. Information on the data stored by you can be obtained directly from the credit agencies.
Webinars using Microsoft Teams
If you participate in an online meeting as an external participant, you will receive an access link by e-mail from the host of the webinar. When you register for the online meeting, you will have to enter your login name and, if applicable, your e-mail address. Furthermore, metadata such as date, time, meeting-ID and IP address are processed.
We use the tool "Microsoft Teams" to conduct online webinars. The legal basis for data processing regarding contact persons of our shareholders and concept partners is the legitimate interest according to Art. 6 para. 1 f) GDPR. Our legitimate interest lies in the offering of webinars. If our contact person is a direct contractual partner and a natural person, Art. 6 para. 1 b) GDPR is the legal basis. Recordings of the webinars will not be created in this context.
Microsoft Teams is part of Microsoft Office 365, a software from Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland.
In principle, ATR does not process data outside the European Union (EU), as we have limited our storage location to data centres in the European Union. However, we cannot exclude that the routing of data takes place via internet servers that are located outside the EU. This may be the case in particular if participants in "Online Meeting" are located in a third country.
However, the data is encrypted during transfer over the Internet and thus protected against unauthorized access by third parties.
Microsoft reserves the right to process customer data for its own legitimate business purposes and to pass it on to Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. We have no control over this data processing by Microsoft. To the extent that Microsoft Teams processes personal data in connection with legitimate business purposes, Microsoft is the independent data controller for those data processing activities and, as such, is responsible for compliance with all applicable data protection laws. If you require information about Microsoft's processing, please refer to the relevant Microsoft statement (https://privacy.microsoft.com/de-de/privacystatement).
Who receives the personal data provided by you?
Within our company, the areas that need the data provided by you to fulfil their contractual or legal obligations or to fulfil their legitimate interests are given access to it. As part of the contractual relationship, we also commission contract processors or service providers who may have access to your personal data. Compliance with data protection regulations is contractually ensured.The data may also be transferred to companies within the ATR group of companies in order to fulfil contractual obligations.
How long will the data be kept?
Personal data will be kept for as long as is necessary to fulfil the above-mentioned purposes or until you have effectively objected to the processing within the meaning of Art. 21 GDPR. In particular, the statutory storage obligations from the German Commercial Code (HGB) and the Fiscal Code (AO), which provide for storage for up to twelve years, are relevant here.
Are you obliged to provide the data?
As part of our business relationship, you must provide us with the personal data necessary to establish, conduct and terminate a business relationship and to perform the duties associated therewith, which we are required to collect by law or have the right to do so in our legitimate interests. Without this data, we will usually not be able to enter into a business relationship with you.
Is data transferred to a third country?
If we transfer personal data to recipients outside the European Economic Area (EEA), this transfer will only take place if the third country has been confirmed by the EU Commission as having an adequate level of data protection, if an adequate level of data protection has been agreed with the data recipient (e.g. by means of EU standard contract clauses) or if we have received your consent to do so.
Which rights do you have?
You have the right, upon request and free of charge, to receive information about your personal data stored by us. In addition, you have a right to the correction and deletion of this personal data, a right to data transferability and a right to restriction of processing in accordance with the statutory provisions. If we process your personal data on the basis of your consent, you have the right to at any time revoke this consent with effect for the future. If data is collected on the basis of Art. 6 para. 1 page 1 letter e (data processing for the fulfilment of official tasks or the protection of the public interest) or letter f (data processing for the safeguarding of legitimate interests), the data subject shall have the right to object to the processing at any time for reasons arising from their particular situation. We will then no longer process the personal data unless there are verifiable compelling legitimate grounds for processing which outweigh the interests, rights and freedoms of the data subject, or the processing serves the assertion, exercise or defence of legal claims. In such cases, please contact us in writing or by e-mail at the following address: datenschutz@atr.de.
Any data subject has the right to complain to a supervisory authority if they consider that the processing of data concerning them is in breach of data protection provisions. The right to complain can in particular be exercised before a supervisory authority in the Member State where the data subject is staying or where the alleged infringement took place. The competent supervisory authority in Baden-Württemberg is the following:
The State Commissioner for Data Protection and Freedom of Information
Postfach 10 29 32
70025 Stuttgart
Germany
Phone: +49 711/61 55 41 – 0
E-mail: poststelle@lfdi.bwl.de
Responsible body
The responsible body is the company with which you are initiating or conducting a business relationship.
Contact details of the Data Protection Officer
E-mail: office@datenschutz-sued.de
Postal address:
datenschutz süd GmbH
Wörthstraße 15
97082 Würzburg
Germany
Data protection principles for trade fair events
The following data protection principles inform you about the collection, processing and use of personal data by the responsible party in the context of a trade fair event.
Responsible party within the meaning of Art. 4 No. 7 GDPR
ATR International AG
Auto-Teile-Ring GmbH
ATR SERVICE GmbH
ATR Digitisation GmbH
Marie-Curie-Strasse 3
73770 Denkendorf
Germany
Phone: + 49 711 918979-0
E-mail: datenschutz@atr.de
Website: www.atr.de
Purposes of data processing/legal basis:
Contract initiation
We process your personal data in the context of trade fair events for the purpose of initiating or maintaining contractual relationships. The legal basis for data processing in this regard is Art. 6 (1) b) GDPR.
Sending of information material
In addition to discussions at trade fair stands, we will send you information material by post or e-mail at your request so that you can obtain further comprehensive information about ATR's services after the trade fair. The legal basis for sending the information material is your consent in accordance with Art. 6 Para. 1 a) DSGVO, which you give us when providing us with your contact details.
Photographs
In the course of a trade fair, photographs (individual and/or group photos) may be taken of you. If we do not take these photos ourselves, they will be provided to us by the respective photographer of the trade fair. We will use the photographs for internal documentation purposes and, if necessary, publish them on our website www.atr.de and on our social media channels (Facebook, LinkedIn, Xing, Google (YouTube) und Twitter) to illustrate our trade fairs.
If you actively make yourself available for a photograph, we will consider this as your consent to the processing of the photographs for the aforementioned purposes. Accordingly, the processing of the photographs is based on Art. 6 (1) a) GDPR.
If photographs merely reflect the overall events at a trade fair and you as a person are relegated to the background, we process the photographs for the aforementioned purposes on the basis of our legitimate interest in documenting the trade fair in accordance with Art. 6 (1) f) GDPR.
Who receives the personal data you provide?
Within our company, the areas that receive access to the data you have provided are those that need it to fulfil contractual or legal obligations or to fulfil legitimate interests. If we publish your personal data (photographs) on our website www.atr.de or on our Social Media Channels, these can be accessed by third parties who have Internet access. Within the framework of contractual relationships, we also commission processors or service providers who may have access to your personal data. Compliance with data protection regulations is contractually ensured in this regard.
The data may also be transferred to companies within the ATR group of companies in order to fulfil contractual obligations.
In relation to Social Media the data recipients may also be located in third countries where the level of data protection may be lower than in the EU or the EEA area. This also applies to the storage of data by Facebook, LinkedIn, Google (YouTube) , Xing and Twitter themselves. Suitable guarantees with/by the social media platforms Facebook, LinkedIn, Google (YouTube) , Xing and Twitter do not currently exist. For cases where we are jointly responsible for processing with the social media platform, you can find the main contents of the joint processing of your data here:
https://www.facebook.com/legal/terms/page_controller_addendum. The posts under the pictures including the comments are available on Facebook for an unlimited period of time. Information on this can be found here: https://www.facebook.com/help/568137493302217. You can delete the comments and posts independently at any time.
You can find more information on Xing’s data processing here:
https://privacy.xing.com/en/privacy-policy
You can find more information on LinkedIn's data processing here:
https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy.
You can find more information on Twitter's data processing here:
https://twitter.com/de/privacy
You can find more information on Google’s (YouTube) data processing here:
https://policies.google.com/privacy?hl=en-US
Please note that when photos are published on the Internet, there is always a risk that they will be disseminated without our intervention and can therefore no longer be deleted. This applies accordingly to photos published on the internet which can be found and retrieved by internet search engines in Germany and abroad.
Please also note that in the case of group photos with several people, a revocation may remain without effect under certain circumstances, provided that a large number of people are depicted in a neutral manner and the individual is clearly not the focus of the portrait.
How long will the data be stored?
The personal data will be stored for as long as is necessary to fulfil the above-mentioned purposes or until you have effectively objected to the processing within the meaning of Art. 21 GDPR or have revoked your consent in accordance with Art. 7 Para. 3 GDPR. In this context, the statutory retention obligations from the German Commercial Code (HGB) and the German Fiscal Code (AO), which provide for retention for up to twelve years, are particularly relevant. Please note that when photos are published on the Internet, there is always a risk that they will be disseminated without our intervention and can therefore no longer be deleted. This applies accordingly to photos published on the Internet that can be located and retrieved by Internet search engines in Germany and abroad.
Are you obliged to provide the data?
As part of our business relationship, you must provide us with the personal data necessary to establish, conduct and terminate a business relationship and to perform the duties associated therewith, which we are required to collect by law or have the right to do so in our legitimate interests. Without this data, we will usually not be able to enter into a business relationship with you.
Is data transferred to a third country?
If we transfer personal data to recipients outside the European Economic Area (EEA), this transfer will only take place if the third country has been confirmed by the EU Commission as having an adequate level of data protection, if an adequate level of data protection has been agreed with the data recipient (e.g. by means of EU standard contractual clauses) or if we have received your consent to do so.
Which rights do you have?
Pursuant to Art. 15 para. 1 GDPR, you have the right to request information free of charge on the personal data stored by ATR about you.
In addition, you have a right to correction (Art. 16 GDPR), deletion (Art. 17 GDPR) and restriction of the processing (Art. 18 GDPR) of your personal data if the legal requirements are met.
If the data processing is based on Art. 6 para. 1 e) or f) GDPR, you have the right to object according to Art. 21 GDPR. If you object to the data processing, this will not take place in the future, unless the data controller can prove compelling reasons worthy of protection for the further processing which outweigh the interest of the data subject in objecting.
If you have provided the processed data yourself, you have the right to data transfer in accordance with Art. 20 GDPR.
If the data processing is based on consent pursuant to Art. 6 para. 1 a) or Art. 9 para. 2 a) GDPR, you may revoke the consent at any time with effect for the future without affecting the legality of the previous processing.
Please contact the data protection officer in writing or by e-mail in the aforementioned cases, for open questions or in the event of complaints.
In addition, you have the right to complain to a data protection supervisory authority. The data protection supervisory authority of the federal state in which you live or in which the data controller is based is responsible.
The competent supervisory authority in Baden-Württemberg is as follows:
The State Commissioner for Data Protection and Freedom of Information
Postfach 10 29 32
70025 Stuttgart
Germany
Phone: +49 711/61 55 41 – 0
E-mail: poststelle@lfdi.bwl.de
Responsible body
The responsible body is the company with which you are initiating or conducting a business relationship.
Contact details of the Data Protection Officer
E-mail: office@datenschutz-sued.de
Postal address:
datenschutz süd GmbH
Wörthstraße 15
97082 Würzburg
Germany
Data protection principles for our social media pages
When you visit our social media pages, it may be necessary to process relevant data. We would therefore like to inform you below, in accordance with Art. 13 of the General Data Protection Regulation (GDPR), about the handling of your data and your rights resulting from this.
Responsibility
We, ATR International AG, Marie-Curie-Straße 3, 73770 Denkendorf, operate the following social media pages:
- Facebook: https://www.facebook.com/autoteilering/
- Instagram: https://www.instagram.com/campderchamps/
- Instagram: https://www.instagram.com/expertentrophy/
- LinkedIn: https://www.linkedin.com/company/atr-international-ag/
Our contact details: Tel. + 49 (0) 711 91 89 79-0 and e-mail: info@atr.de
In addition to us, the respective operator of the social media platform is also responsible for the processing of your personal data. Insofar as we can influence and parameterise the data processing, we work within the scope of the possibilities available to us to ensure that the operator of the social media platform handles the data in accordance with the GDPR. In this context, please also refer to the privacy policy of the respective social media platform. However, the operator will inform you about the data processing in its own privacy policy.
Within the scope of platform use, your personal data is usually also processed by the platform operator on servers in third countries.
Data processing by us
The data you enter on our social media pages, such as user names, comments, videos, pictures, likes, public messages, etc. are published by the social media platform and are not processed by us for any other purpose at any time. We only reserve the right to delete content if this should be necessary. Where appropriate, we share your content on our site if this is a function of the social media platform and communicate with you via the social media platform.
If you send us an enquiry on the social media platform, we may also refer you to other more secure communication channels that guarantee confidentiality, depending on the content. For example, you have the option of sending us your enquiries at any time to the address given in the imprint or to info@atr.de. The choice of the appropriate communication channel is your own responsibility here.
The legal basis for processing your data is our legitimate interest according to Art. 6 (1) f GDPR. The data processing is carried out in the legitimate interest of conducting public relations for our company and being able to communicate with you.
Some social media platforms create statistics based on usage data and contain information about your interaction with our social media site. We cannot influence the implementation and provision of these statistics, nor can we prevent them. However, we do not make use of optional statistics from the social media platform.
We process this information in accordance with Art. 6 (1) f GDPR in the legitimate interest of validating the use of our social media pages and improving our content in a target group-oriented manner.
If you wish to object to certain data processing over which we have control, please contact us using the contact details provided in the imprint.
Storage period
We delete your personal data when they are no longer required for the aforementioned processing purposes and no legal retention obligations prevent deletion.
Data processing by the operator of the social media platform
The operator of the social media platform uses web tracking methods. The web tracking can also take place regardless of whether you are logged in or registered with the social media platform.
We would therefore like to point out that it cannot be ruled out that the provider of the social media platform uses your profile and behavioural data to evaluate for example your habits, personal relationships, preferences, etc. In this respect, we have no influence on the processing of your data by the provider of the social media platform, so that the use of the social media platform is at your own responsibility.
You can find more information on data processing by the provider of the social media platform, configuration options for protecting your privacy as well as further objection options and, if available and concluded, the agreement pursuant to Art. 26 GDPR in the provider's privacy policy:
- Twitter: https://www.twitter.com/privacy
- Facebook: https://www.facebook.com/about/privacy/update
For more information on the joint responsibility agreement pursuant to Art. 26 (2) sentence 2 GDPR, please visit: https://www.facebook.com/legal/terms/page_controller_addendum
- XING: https://privacy.xing.com/
- LinkedIn: https://www.linkedin.com/static?key=privacy_policy and https://legal.linkedin.com/pages-joint-controller-addendum
- Instagram: https://www.instagram.com/legal/privacy/ and https://www.facebook.com/legal/terms/page_controller_addendum
Transfer to third countries
Your use of the platform may result in the processing of your data in a third country (located outside the European Economic Area) by the platform operator. In some countries, there is a risk that authorities may access the data for security and monitoring purposes without you being informed or having the right to appeal. For more information on the processing of your data in a third country over which ATR has no control, please refer to the privacy policy of the social media platforms.
Your rights as a user
As a website user, you have the possibility to assert the following rights against us as well as against the provider of the social media platform if the prerequisites are met:
Right of access (Art. 15 GDPR):
You have the right to request confirmation as to whether personal data concerning you is being processed; if this is the case, you have the right to be informed about this personal data and to the information listed in detail in Article 15 GDPR.
Right to rectification and erasure (Art. 16 and 17 GDPR):
You have the right to request without delay the correction of any inaccurate personal data concerning you and, where applicable, the completion of any incomplete personal data.
You also have the right to request that personal data concerning you be deleted without delay if one of the reasons listed in detail in Article 17 GDPR applies, e.g. if the data is no longer required for the purposes pursued.
Right to restriction of processing (Art. 18 GDPR):
You have the right to request the restriction of processing if one of the conditions listed in Art. 18 GDPR applies, for example if you have objected to the processing, for the duration of any review.
Right to data portability (Art. 20 GDPR):
In certain cases, which are detailed in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, common and machine-readable format or to request the transfer of this data to a third party.
Right to object (Art. 21 GDPR):
If data is processed on the basis of our legitimate interest pursuant to Art. 6 (1) f DSGVO, you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are demonstrably compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
If the data is processed on the basis of legitimate interest for the purpose of direct marketing, you have your own right to object, which you may exercise at any time without giving reasons and the exercise of which will result in the termination of the processing for the purpose of direct marketing.
Right of appeal to a supervisory authority
Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you are of the opinion that the processing of data concerning you violates data protection provisions. The right of complaint may in particular be asserted before a supervisory authority in the member state of your place of residence, your place of work or the place of the alleged infringement.
Providing your data
Unless otherwise stated in the previous chapters, the provision of personal data is not required by law or contract or necessary for the conclusion of a contract. You are not obliged to provide the personal data if no other information has been provided previously. Failure to provide your personal data may mean that we are unable to respond to your contact request.
Contact details of our data protection officer
Our external data protection officer will be happy to provide you with information on the subject of data protection under the following contact details:
datenschutz süd GmbH
Wörthstraße 15
97082 Würzburg
E-mail: office@datenschutz-sued.de
If you contact our data protection officer, please also state the responsible office named in the imprint.