How we protect your data
The TÜV NORD GROUP takes the protection of your personal data seriously and complies with the statutory provisions of the General Data Protection Regulation (“GDPR”) and the Federal Data Protection Act (“BDSG”) when processing personal data. In accordance with the GDPR, the following text will provide you with information about when and for what purposes your personal data is processed when you visit our website. This Privacy Policy applies to all processing of personal data carried out by us on our website, in mobile applications and as part of our external online presence, such as our social media profiles – “online offer”. It does not extend to any websites the links to which are provided here or websites of other providers.
Last updated: 30/07/2020
Document date: 30/07/2020
Revision 1.7
1 Definitions
Our Privacy Policy is based on the terms used by European legislators and regulators in the General Data Protection Regulation (GDPR). Our Privacy Policy is intended to be easy to read and understand by the general public and by our customers and business partners alike. In order to ensure this, we wish to start by explaining some of the terminology used.
1.1 Personal data
“Personal data” means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
1.2 Data subject
“Data subject” is any identified or identifiable natural person whose personal data is processed by the controller of the processing.
1.3 Processing
“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
1.4 Profiling
“Profiling” means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
1.5 Pseudonymisation
“Pseudonymisation” means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
1.6 Controller
“Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
1.7 Processor
“Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
1.8 Recipient
“Recipient” means a natural or legal person, public authority, agency or another body, to which the personal data is disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular enquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of such data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
1.9 Third party
“Third party” means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
1.10 Consent
“Consent” of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them.
1.11 Cookies
Some of our websites use cookies – these do not contain viruses or cause any other damage to your computer. We only use cookies to make our offer more user-friendly, effective and secure. A cookie is a small text file that a website sends to your computer or mobile device, where it is stored by your web browser. Cookies can store information such as your IP address or another identifier, your browser type and information about the content that you view on the digital services and with which you interact.
1.12 Website
Website or internet presence means all of the controller’s web pages available on www.tuev-nord.de.
2 Name and address of the controller
The controller for the purposes of the GDPR, other data protection laws applicable in Member States of the European Union and other provisions related to data protection are:
Companies of the TÜV NORD GROUP, represented by TÜV NORD AG
Am TÜV 1
Hanover
Germany
Tel.: +49 511 998-0
Email: privacy@tuev-nord.de
Website: www.tuev-nord.de
3 Name and address of the Data Protection Officer
The Data Protection Officer of the controller is:
Mr Berthold Weghaus
TÜV NORD AG
Am TÜV 1
45307 Essen
GErmany
Tel.: 0201 / 825-2165
Email: privacy@tuev-nord.de
If you would like to, for example, receive information about your personal data stored in our IT systems or if you wish to have your personal data erased, please use our Online Form for the Protection of the Rights of Data Subjects
4 General information on the collection and processing of your data on our website
4.1 How do we collect and use your data?
One of the ways in which your data is collected is when you communicate it to us. This is, for example, the data that you enter in a contact form. Other data is automatically collected by our IT systems when you visit our website. This is mainly technical data (e.g. Internet browser, operating system or date and time of your visit to our website). This data is collected automatically the moment you visit our website.
Some of the data is collected in order to ensure that the website is provided to you without errors. Other data may be used to analyse your user behaviour.
4.2 Scope of processing
In principle, we only process personal data of visitors and users of our website insofar as this is necessary for the provision of a functional website as well as our content and services. As a rule, the personal data of our users is processed only with the consent of the user. An exception applies in those cases in which prior consent cannot be obtained for practical reasons and where data processing is permitted by law.
4.3 Legal basis
The processing of personal data with the consent of the data subject is based on Article 6 (1) (a) of the GDPR.
The processing of personal data that is necessary for the performance of a contract to which the data subject is a party is based on Article 6 (1) (b) of the GDPR. This also applies to processing operations that are required to carry out pre-contractual measures.
The processing of personal data that is necessary to fulfil a legal obligation imposed on our company is based on Article 6 (1) (c) of the GDPR.
In the event that vital interests of the data subject or another natural person require the processing of personal data, such processing is based on Article 6 (1) (d) of the GDPR.
The legal basis for processing that is necessary for the purposes of the legitimate interests pursued by our company or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject, is Article 6 (1) (f) of the GDPR.
4.4 Storage and erasure of your data
We erase or block the personal data of the data subject as soon as the purpose of storage no longer applies. Data may also be stored if this is provided for by the European or national legislator in Union regulations, laws or other provisions applicable to our company. Data will also be blocked or erased upon expiry of a storage period prescribed by the standards mentioned, unless further storage of the data is required in order to conclude or perform a contract.
5 Server log files
Every time our website is accessed, our server system automatically collects data and information from the computer system of the calling computer, which includes the following:
the type and version of your internet browser,
the operating system of your computer or smartphone,
your internet service provider,
your IP address,
date and time of your access,
websites from which you have been redirected to us,
websites that you visit from our websites.
This data is not merged with other data sources. We collect such technical information in so-called log files in order to ensure that our website is displayed correctly, to assist us in determining the causes of any technical problems, and for the purposes of the technical optimisation of our website and the security of our computer systems and networks. In respect of such purposes, our legitimate interest in data processing is also laid down in Article 6 (1) (f) of the GDPR. The data is erased as soon as it is no longer required to achieve the purpose for which it was collected. In most cases, this technical information is erased or made illegible by no later than seven days. The collection of the data for the provision of the website and the storage of the data in log files is essential for the operation of the website. The user therefore has no option to object to such processing.
6 Cookies and tracking technologies
6.1 Analysis tools and third-party tools
When you visit our website, your surfing beMost of the cookies used by us are so-called “session cookies”. They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognise your browser during your next visit. You can set your browser in such a way that you are informed about the placement of cookies and only allow cookies on a case-by-case basis, exclude accepting cookies for certain cases or in general, and activate the automatic deletion of cookies whenever you close your browser. If cookies are deactivated, the functionality of this website may be restricted. The storage of cookies that are necessary to carry out the electronic communication process or to provide certain functions required by you is based on Article 6 (1) (f) of the GDPR. We have a legitimate interest in storing cookies to ensure technically flawless and optimised provision of our services. If other cookies (e.g. cookies for analysing your surfing behaviour) are stored, these are treated separately in our cookie settings.haviour can be statistically evaluated. This is mainly done using cookies and so-called analysis programs. The analysis of your surfing behaviour is anonymous and therefore cannot be traced back to you. You may object to this analysis or prevent it by not using certain tools.
6.2 What are cookies?
6.2.1 Cookies
Most of the cookies used by us are so-called “session cookies”. They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognise your browser during your next visit. You can set your browser in such a way that you are informed about the placement of cookies and only allow cookies on a case-by-case basis, exclude accepting cookies for certain cases or in general, and activate the automatic deletion of cookies whenever you close your browser. If cookies are deactivated, the functionality of this website may be restricted. The storage of cookies that are necessary to carry out the electronic communication process or to provide certain functions required by you is based on Article 6 (1) (f) of the GDPR. We have a legitimate interest in storing cookies to ensure technically flawless and optimised provision of our services. If other cookies (e.g. cookies for analysing your surfing behaviour) are stored, these are treated separately in our cookie settings.
6.2.2 Web beacons/gifs, pixels, page tags, script
Email and mobile applications may contain small, transparent image files or lines of code intended to record how you interact with them. This information is used to help website and app publishers to better analyse and improve their services.
6.2.3 Cookies for analytical purposes
When visiting our website, the user is informed about the use of cookies for analytical purposes and we obtain their consent to the processing of the personal data used in this context. As part of the process, the user is also referred to this Privacy Policy.
Analytical cookies are used for the purpose of improving the quality of our website and its content. They tell us how the website is used, thus allowing us to continuously optimise our offer.
The processing of personal data using cookies for analytical purposes, where the user has given their consent, is based on Article 6 (1) (a) of the GDPR.
6.2.4 Duration of storage, objection and data erasure options
Cookies are stored on the user’s computer, which transfers them to our website. You have and retain full control over the use of cookies and can delete cookies in your browser or via the cookie settings in the bottom left corner of our website, deactivate the storage of cookies entirely or selectively accept certain cookies. Please use the help functions of your browser to find out how you can change these settings. Doing so may restrict the functionality of our website. The user consents to the use of cookies by accepting the use of cookies in the window displayed by us on the website (“cookie banner”). You can adjust your cookie settings individually at any time by clicking on the icon (bottom left of the website).
6.3 Categories of cookies used by TÜV NORD
To assist you with customising your data protection settings for visiting our website according to your individual needs, you can use the cookie settings to set your preferences with regard to the categories “Technically necessary”, “Statistics”, “Comfort and personalisation”.
6.3.1 “Technically necessary” category
These cookies are necessary for the technical operation of the website and for the control of the commercial objectives of our company. Some functions of our website cannot be offered without the use of these cookies.
We use technically necessary cookies based on our legitimate interests (Article 6 (1) (f) of the GDPR). We have a legitimate interest in ensuring the functionality of our websites and its optimal usability. Logging, among other things, serves the fulfilment of Section 13 (2) of the German Telemedia Act and no objection is possible. This type of cookie is used exclusively by TÜV NORD as the operator of the website and all information stored in the cookies is only transmitted to this website.
6.3.2 “Statistics” category
With a view to further improving our offer and our website, we collect anonymised data for statistical and analytical purposes. The use of these cookies allows us to, for example, determine the number of visitors and the impact of certain pages of our website, as well as to optimise our content. Analytical cookies and tags enable us to generate overall statistics, e.g. about the number of visits, which areas of the website are viewed most frequently and information about locations and the average length of visits to our website. We are thus able to improve the quality of our website and the content. Functional cookies enable this website to store information such as the user name or the language selection and to offer the user improved and personalised functions on this basis. These cookies only collect and store anonymised information.
6.3.3 “Comfort and personalisation” category
We use these cookies to make it easier for you to use our website. For example, when you visit our website again, you can easily access the same content.
Cookies in this category are also used to show you personalised content that matches your interests. This enables us to display our offers to you.
We only use functionality cookies, analytical cookies and advertising cookies subject to your consent (Article 6 (1) (a) of the GDPR).
Some of the cookies we use are automatically deleted after you close the browser (so-called session cookies), while others are permanently stored on your device and enable us to recognise your browser (so-called persistent cookies).
6.3.4 Overview of our basic cookie settings and deletion periods
Here you can find our cookie settings: https://www.tuev-nord.de/de/kategorien/cookie-einstellungen/
