Thank you for visiting our website. The safe and lawful handling of your data is particularly important to us. We would therefore like to inform you in detail about how your data is used while you are visiting our website and what happens to it afterwards.

Name and Contact Data of the Data Controller

The Data Controller as laid down in the European Data Protection Regulation (in the following “GDPR” for short), the German Federal Data Protection Act, additional data protection laws of the member states and further data protection regulations is

ASC Technologies AG
Seibelstraße 2-4
63768 Hösbach

Phone: +49 6021 5001 0
Email: hq@asctechnologies.com

(hereinafter referred to as "we", "us" or "our")

Data Protection Officer

You can contact our Data Protection Office, Mr. Michael Sauer, any time by sending a letter to the above postal address, calling the above phone number, or sending an e-mail to data.protection@asc.de.

Legal Bases of the Processing

Art. 6 (1) lit. a GDPR serves as the legal basis for processing operations for which we obtain the Data Subject’s consent for using the data for a specific processing purpose.
If the processing of personal data is necessary for the performance of a contract to which the Data Subject is a party, the processing is based on art. 6 (1) lit. b GDPR; this is the case, for example, for the delivery of goods or for the provision of services or return services. The same applies to processing operations that are necessary to carry out pre-contractual measures on the basis of inquiries about our products or services.

If we are subject to a legal obligation which makes processing personal data necessary, such as the fulfillment of tax obligations, the processing is based on art. 6 (1) lit. c GDPR.

In rare cases, the processing of personal data may become necessary to protect vital interests of the Data Subject or of another natural person; the legal basis in these cases is art. 6 (1) lit. d GDPR.

Ultimately, processing operations may also be based on art. 6 (1) lit. f GDPR if they are not covered by any of the above legal bases. This may be the case if the processing is necessary to protect our legitimate interest or that of a third party, provided that the interests, fundamental rights, and freedoms of the Data Subject do not prevail; in those cases, we warrant to carefully consider the legal interests of all parties involved.

Data Collection

We obtain your personal data when you provide it to us. This can be, for example, the information you provide in a contact form or in an inquiry sent to us.

Disclosure and Transmission of Data

Your personal data will not be transferred to third parties for purposes other than those listed below. We only pass your data on

• if you have given your express consent to this in accordance with art. 6 (1) lit. a GDPR;
• if this is legally permissible and required in accordance with art. 6 (1) lit. b GDPR for the processing of contractual relationships with you;
• in the event that a legal obligation exists for the disclosure in accordance with art. 6 (1) lit. c GDPR;
• if the disclosure is necessary to assert, exercise or defend legal claims in accordance with art. 6 (1) lit. f GDPR and if there is no reason to assume that you have a prevailing legitimate interest in the non-disclosure of your data;
• if we or our partners have a legitimate interest in accordance with art. 6 (1) lit. f GDPR to improve products and services and to be able to address customers in a more targeted manner in advertising campaigns thanks to detailed knowledge of target groups. In this case, data will only be passed on to our partners in anonymized form or, if this is not possible, in pseudonymized form; or
• within the framework of commissioned data processing in accordance with art. 28 GDPR. Our service providers process your data only insofar as this is necessary for the fulfillment of their service obligations and are obliged to fully comply with our instructions under data protection law. To ensure this, we have concluded corresponding agreements on commissioned data processing, each of which is linked to corresponding technical and organizational measures in accordance with art. 32 GDPR to ensure an appropriate level of protection.

Your data will not be transferred to a third country outside the European Union without your consent.

Data Subject Rights

You have the right

• in accordance with art. 15 GDPR to request information about your personal data processed by us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;
• in accordance with art. 16 GDPR to request the immediate correction of incorrect or completion of incomplete personal data stored by us;
• in accordance with art. 17 GDPR to request the erasure of your personal data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to comply with a legal obligation, for reasons of public interest, or to establish, exercise, or defend legal claims;
• in accordance with art. 18 GDPR to request the processing of your personal data to be restricted, insofar as the accuracy of the data is disputed by you, the processing is unlawful while you object to its erasure and we no longer require the data but you need it to assert, exercise or defend legal claims or you have objected to the processing in accordance with art. 21 GDPR;
• in accordance with art. 20 GDPR to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another Data Controller;
• in accordance with art. 22 GDPR to not be subject to a decision based solely on automated processing, including profiling, which has legal effects on you or significantly affects you in a similar manner;
• in accordance with art. 7 (3) GDPR to revoke your consent given to us at any time. This has the consequence that we may no longer continue to process your data based on this consent for the future, but the lawfulness of the processing carried out up to this point is not affected; as well as
• in accordance with art. 77 GDPR, to file complaint with the supervisory authority responsible for us, without prejudice to any other administrative or judicial remedy, if you believe that the processing of your personal data by us does not comply with the articles of the GDPR.

Supervisory Authority

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 18
91522 Ansbach

Phone: +49 981 180093 0
Fax: +49 981 180093 800
Email: poststelle@lda.bayern.de

Cookies

Our website – that is the entirety of this Internet presence including all sub-pages – uses cookies. In this context, data may be transmitted to and processed by partners. Detailed information on the individual services that set cookies, as well as the processing purposes, can be found at the bottom of this page.

Via the cookie banner that appears when you visit our web pages, you have the option of agreeing to or rejecting the use of cookies. Cookies that are necessary for the provision of the web service cannot be rejected.

If you wish to generally prevent the use of cookies, you can do so by making local settings in your browser. However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.

External Content and Third-Party Providers

Our website uses or loads services from third-party providers. This serves the integration of content, external services and elements of third parties, statistical analysis and personalized advertising. Depending on the service, data may be passed on to third parties. By combining this data with other data, it may be possible to create user profiles (tracking). Detailed information on the individual services, as well as the processing purposes, can be found at the bottom of this page.

For technical reason, this website loads external content from the domains https://jobs.b-ite.com, https://static.b-ite.com, https://cs-assets.b-ite.com, https://login.mailingwork.de, and https://mktdplp102cdn.azureedge.net for the duration of your stay. The legal basis is the protection of our legitimate interests (art. 6 (1) lit. f GDPR) for the functional operation of this website.

Server Log Files

We process information from so-called server log files that your browser automatically transmits to us.

• Browser type and browser version
• Operating system used
• Referrer URL
• Host name of the accessing computer
• Time of the server request
• IP address

This data will not be merged with data from other sources.

We have a legitimate interest in the technically error-free presentation and optimization of our website; the processing of this data is based on art. 6 (1) lit. f GDPR.

SSL Encryption

Our website uses SSL encryption (Secure Socket Layer) for the secure transmission of data from your browser to our server and to servers that provide files that we are embedding on our website. You can recognize the presence of SSL encryption by the preceding text "https" in front of the address of our website or, depending on your browser, for example by a key symbol in the header.

External Hosting

This website is hosted by an external service provider. Personal data collected on this website is stored on the servers of this service provider. This may include, in particular, IP addresses, website accesses, meta and communication data, contact inquiries, and other data generated automatically via our website.

We are using a professional service provider due to our interest in the secure and efficient provision of our online offer (art. 6 (1) lit. f GDPR).

Further Information on Information Security

We protect our website and other IT systems appropriately against loss, destruction, unauthorized access, unauthorized modification or unauthorized disclosure of your data by means of suitable technical and organizational measures. As we cannot guarantee data security, particularly not in case of unencrypted communication by e-mail, we recommend sending confidential information by letter mail.

Contact and Newsletter

If you contact us (i) via forms on this website or (ii) by e-mail or telephone; (iii) register for a newsletter via contact form or e-mail or (iv) via contact form for access to our partner portal, your contact or inquiry, including the personal data you provide, will be processed by us for the purpose of processing the inquiry and in the event of follow-up questions.

If you subscribe to our newsletter by e-mail or by using the contact form on our website, your personal data transmitted in this way will be processed for this purpose. The legal basis is your consent given by the inquiry or input (art. 6 (1) lit. a GDPR).

You can object to receiving the newsletter at any time by clicking on the unsubscribe link in the newsletter or by sending us a message and thus object to the processing of your personal data (see section "Data Subject Rights").

To verify the authenticity of your e-mail address entered in contact forms on our website, you will receive an automatically generated e-mail after submission with a request to reconfirm the subscription (so-called double opt-in). Only then will your personal data be permanently captured in our newsletter database or the database of interested parties; otherwise it will be deleted.

If you have asked us for information material such as whitepapers or marketing information or registered for one of our webinars/events, we will send you the requested material or contact you as requested. We will then store your data in our database of interested parties until you revoke your consent.

We commission data processors on behalf for some of the activities described above, in particular for sending newsletters or information leaflets, sometimes also in connection with the associated authentication procedures via contact forms (see section "Disclosure and Transfer of Data").

We do not share your data without your consent. Your data is processed on basis of art. 6 (1) lit. b GDPR, if your inquiry is related to the performance of a contract or if it is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective processing of inquiries sent to us (art. 6 (1) lit. f GDPR) or on your consent (art. 6 (1) lit. a GDPR), if this has been obtained or if you have contacted by means of a form.

Your transmitted data will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (for example, after we have completed processing your inquiry). Mandatory legal provisions – in particular legal retention periods – remain unaffected.

Google Tag Manager

We use the service called Google Tag Manager from Google. "Google" is a group of companies and consists of Google Ireland Limited (provider of the service), Gordon House, Barrow Street, Dublin 4, Ireland and Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA as well as other affiliates of Google LLC. We have concluded an order processing agreement with Google.

Google Tag Manager is an helper service for loading components based on user consent. The service itself processes personal data only for technically necessary purposes. Components loaded by the Google Tag Manager may in turn collect data under certain circumstances. The Google Tag Manager does not access this data.

For more information on Google Tag Manager, please see Google's privacy policy at https://policies.google.com/privacy.

Please note that American authorities, such as intelligence agencies, could potentially gain access to personal data that is inevitably exchanged with Google due to the Internet Protocol (TCP) when this service is integrated, due to American laws such as the Cloud Act.

Microsoft Dynamics: Contact Forms and Tracking

To make responding to inquiries as efficient as possible, we use contact forms provided by Microsoft Dynamics that transfer information you enter directly into our CRM system. The legal basis is our legitimate interest (art. 6 (1) lit. f GDPR); provider of the service is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.

Microsoft Dynamics forms use cookies, insofar as you have consented to the use of cookies for statistical purposes in the cookie banner. Detailed information can be found at the bottom of this page.

By consenting to tracking, your click behavior in future newsletters will be stored on a Microsoft server in the European Union. This is made possible by logging information when you open a newsletter by reloading an implemented dedicated image, a so-called Web Beacon. Clicks on implemented links are also captured by first redirecting these user-specific links to lead to a Microsoft server, then adding additional data (such as user ID, region, operating system, and browser) to the Microsoft database there whenever these links are called up, and then eventually redirecting the link to lead to the original address (URL).

The data entered in the form (including name, company, e-mail address) is stored in the CRM and, if the e-mail address can be associated with a company, the contact is linked to the company’s set of data. Your choice regarding analysis of user behavior is saved, too. If you have consented to tracking, additional data such as opened e-mails, clicks on links, and time stamps are captured.

If you have objected to tracking upon subscribing to the newsletter, your click behavior will not be tracked. Of course, you can also revoke your original consent at any time by calling up the form with your tracking preferences and changing your choice.

More in-detail information about Dynamics 365 Marketing is available at Microsoft’s websites: (i) about marketing e-mails here; (ii) about the corresponding cookies here; and (iii) about data protection aspects of the GDPR here.

Matomo

We have integrated the web analytics software Matomo on our website. Web analytics is the collection, compilation and evaluation of data about the behavior of visitors to websites. A web analytics tool collects, among other things, data about the originating page from which a data subject came to our website (so-called referrer), which sub-pages of the website were accessed or how often and for how long a sub-page was viewed. A web analytics is mainly used to optimize a website and to analyze the costs and benefits of Internet advertising.

The purpose of Matomo is to analyze the flow of visitors to our website. The controller uses the data and information obtained, among other things, to evaluate the use of our website in order to compile online reports showing the activities on our pages.

Our Matomo software is set in such a way that neither cookies are set nor personal data is stored (e.g. IP addresses are anonymized). We do not pass on any of the data collected by Matomo to third parties.

Furthermore, the data subject has the option to object to and prevent collection by Matomo on our website. To do this, the data subject must either activate the "Do Not Track" setting in your browser or use the opt-out setting at the bottom of this page. In the latter case, a technically necessary cookie will be set.

Further information and the applicable data protection provisions of Matomo can be found at https://matomo.org/privacy/.

Links to Third Party Websites

This website includes references to Internet offers of third parties provided in the form of links. If you follow a link to one of these websites, we would like to point out that these websites have their own privacy policies and that we accept no responsibility or liability for this. Not before you click on such a link, will data be transmitted to the link destination; this is a technical necessity. The transmitted data are in particular your IP address, the time at which you clicked on the link, the page on which you clicked on the link and information about your browser. If you do not want data to be transmitted to the link destination, do not click on a link.

Links to Social Networks

You will also find links to Facebook, Xing, Twitter, YouTube, and LinkedIn on this website displayed by means of their corresponding logos. When you click on such a link, your browser establishes a direct connection with the servers of the respective social network. Since the transmission is direct, we do not have any knowledge of the transmitted data.

If you are logged in to the social networks at the same time or if active cookies have already been set on your computer by these social networks, the social networks can associate your visit to our website with your user account there. You can prevent this by logging out of the social networks before or by deactivating or removing cookies that have been set.

For information about the purpose and scope of data collection by the social networks, the further processing and use of the data by the social networks, and your rights in this regard as well as setting options for protecting your privacy, please refer to the privacy policy of the respective social network.

Handling of Applicant Data

We offer you the opportunity to apply at ASC and assure you that your data will be processed in accordance with applicable data protection law and that your data will be treated in strict confidence. Upon request, we will gladly send you more information about transparency.

Objection to Advertising E-Mails

The use of our contact data published on the mandatory “About Us” information for the purpose of sending unsolicited advertising and information material is hereby prohibited. We expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, for example by e-mail.

Disclaimer

We regularly check and update the information on this website but cannot assume any liability or guarantee for the topicality, correctness and completeness of the information provided. The same applies to other websites to which we refer by means of links.

Notation and Language

In this privacy statement, the legal form of language or the form that seems most appropriate in the context has been used, irrespective of the gender of the person designating it. For reasons of better readability, the simultaneous use of masculine and feminine forms of language has also been dispensed with; all designations apply equally to all genders (m/f/d).

This privacy policy is a translation. Should conflicts or difficulties of interpretation arise, the original of the privacy policy in German language shall solely be binding.

Changes to this Privacy Policy

We reserve the right to change this privacy statement if the legal situation or this online offer or the type of data collection changes. However, this only applies with regard to declarations on data processing. If the user's consent is required or components of this privacy statement contain a regulation of the contractual relationship with users, this privacy statement will only be changed following the user's consent.

As of: May 2021