(Information on the processing of your personal data)
a) Who is responsible for data processing and whom can I contact?
ACE International GmbH
Mr Michael Bott
Sandstraße 2-6, 55543 Bad Kreuznach
b) What do we process your data for and on what legal basis?
The personal data collected directly from you will be processed by ACE International GmbH for the purpose of implementing or terminating the business relationship. Furthermore, your personal data is collected and processed for the purpose of exercising or fulfilling obligations arising from laws.
The processing of your data by us is carried out on the basis of article 6 paragraph 1 letter b) GDPR.
c) Who receives your data?
Within our company, access to your data is granted to those entities that need it to fulfil our contractual and legal obligations. The following recipients will also receive your data:
|Who receives your data?||Which data?|
|Internal departments||Base data and contact details, insofar as this is necessary for processing the business relationship|
|External service providers (depending on requirements, e.g. financial institutions as well as service providers required under the contract)||Base data and contact data, insofar as this is necessary for processing the business relationship|
|Authorities (depending on necessity e.g. tax authorities)||As far as access is necessary|
d) Is there a transfer to countries outside the EU?
The transfer of your personal data to countries outside the EU (so-called third countries) is not intended. Should ACE International GmbH intend to transfer your personal data to third countries, we will inform you accordingly.
e) How long will your data be stored?
We process and store your data for as long as necessary to fulfil our contractual and legal obligations. Please note that our business relationship with you may be a continuing obligation which may last for years.
If your data is no longer required for the fulfilment of contractual or legal obligations, we will delete it, unless its further processing or archiving is necessary for legal reasons. These legal reasons include, for example, commercial and tax retention obligations (from the German Commercial Code and the German Fiscal Code). The periods of data retention specified there are usually two to ten years.
Furthermore, we may need your data for evidence purposes in connection with warranty claims, the termination of the business relationship or with regard to the rights and obligations arising from our contract. With regard to these data, they are usually deleted after the expiry of the limitation periods, whereby the regular limitation period of the German Civil Code is three years.
f) What rights do you have
You are entitled at any time to request information from ACE International GmbH about the data stored about you. Furthermore, you can at any time request ACE International GmbH to correct, delete, restrict and transfer personal data or to object to the processing. To do so, please contact our data protection officer at the above address.
If you are of the opinion that the processing of your personal data is unlawful, you have the right to complain to the responsible supervisory authority, the State Commissioner for Data Protection and Freedom of Information of Rhineland-Palatinate.
g) Obligation to provide personal data
Within the framework of our business relationship, you must provide us with the data required for the establishment, execution and termination of the business relationship and for the fulfilment of the associated contractual obligations or which we are legally obliged to collect. Without this data, we are generally not in a position to conclude, implement and terminate a contract with you or your employer.
h) Automated decision making and profiling
No automated decisions or other profiling measures are carried out.
i) Direct mail
Where ACE International GmbH processes personal data for the purpose of direct marketing, the data subject shall have the right to object at any time to the processing of personal data for the purpose of such marketing. This also applies to profiling, insofar as it is connected with such direct marketing. If the data subject objects to ACE International GmbH processing for the purposes of direct marketing, ACE International GmbH will no longer process the personal data for these purposes.
If no consent has been given for the sending of an e-mail to be classified as direct advertising, the legal basis for this is provided by § 7 para. 3 UWG. You can object to the processing of your data at any time by contacting the respective company or the data protection officer.
On the basis of our legitimate interests (Art. 6 para. 1 lit. f. GDPR), we use Google Analytics to optimise and analyse the website.
Google is certified under the Privacy Shield Agreement and therefore provides a guarantee of compliance with the European General Data Protection Regulation (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
If you have agreed to the analysis and processing of your data for statistical purposes, we will transmit the raw data anonymously to Google Analytics. Google uses the information for evaluation on our instructions.
There is no combination of your data for clear identification. Your transmitted and anonymised data will be automatically deleted after 14 months.
Data Protection information for the use of “Web conference tools” for ACE International GmbH
We would like to inform you about the processing of personal data in connection with the use of “Zoom”, “Teams” or similar services.
Purpose of processing
We use tools such as “Zoom”, “Teams” or similar services to run conference calls, online meetings, video conferences and / or webinars (below: „Online-Meetings“)
ACE International GmbH is responsible for data processing that is directly related to the implementation of “online meetings”.
Note: As soon as you access the “Zoom” website, the provider of “Zoom” is responsible to process the data.
Opening the website is only necessary for the use of “Zoom” in order to download the software.
You can use “Zoom” or “Teams”, if you enter the respective meeting ID and possibly any other access data for the meeting directly in the “Zoom” or “Teams” app.
If you do not want or cannot use the “Zoom” app, the basic functions can also be used via a browser version, which you will find on the “Zoom” website.
Which data will be processed?
While using “Zoom”, “Teams” or similar services, different types of data will be processed. The extent of the data also depends on which data you are using before or when you are participating in an “online meeting”.
The following personal data are the subject of processing:
User information: first name, last name, telephone (optional), email address, password (if “Single Sign-On” is not used), profile picture (optional), Department (optional)
Meeting metadata: topic, description (optional), participant IP addresses, device / hardware information
For recordings (optional): MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings, a text file of the online meeting chat.
Dialing in by telephone: Information on the incoming and outgoing phone number, country name, start and end time of the call. It is also possible that further connection data, such as the device’s IP address is saved.
Text, audio and video data: You may have the option of using the chat, question or survey functions in an “online meeting”. In this respect, the text entries you have made are processed in order to display them in the “online meeting” and, if necessary, to log them.
In order to enable the display of video and the playback of audio, the data from the microphone of your end device and any video camera of the end device are processed accordingly during the duration of the meeting.
You can switch off or mute the camera or microphone yourself at any time using the “Zoom” applications.
Scope of processing
We use “Zoom”, “Teams” or similar services to conduct “online meetings”. If we want to record “online meetings”, we will inform you in advance and – if necessary – ask for your consent.
If a recording of the meeting takes place, this will also be shown in the “Zoom” and “Teams” app.
If it is necessary for the purpose of logging results of an online meeting, we will log the chat content. However, this will usually not be the case.
In the case of webinars, we can also process the questions asked by webinar participants for the purpose of recording and following up webinars.
If you are registered as a user of “Zoom” or “Teams”, reports about “Online Meetings” (meeting metadata, data on telephone dial-in, questions and answers in webinars, survey function in webinars) can be saved for up to one month.
The possibility of software-based “attention monitoring” (“attention tracking”) existing in “online meeting” tools such as “zoom” is deactivated.
Automated decision making in the meaning of Art. 22 GDPR is not used.
Legal basis for data processing
As far as personal data of employees of ACE International GmbH are processed, § 26 BDSG is the legal basis of the data processing.
If in connection with the use of “Zoom” or “Teams” or similar services personal data is not necessary for the establishment, implementation or termination of the employment relationship, but is nevertheless an elementary component when using “Zoom”.
Art. 6 Para. 1 lit. f) GDPR is the legal basis for data processing. In these cases, we are interested in the effective implementation of “online meetings”.
Incidentally, the legal basis for data processing when holding “online meetings” is Art. 6 Para. 1 lit. b) GDPR, insofar as the meetings are carried out within the framework of contractual relationships.
If there is no contractual relationship, the legal basis is Art. 6 Para. 1 lit. f) GDPR. Here, too, we are interested in the effective implementation of “online meetings”.
Recipient / transfer of data
Personal data that are processed in connection with the participation in “online meetings” are generally not passed on to third parties unless they are not intended to be passed on.
Please note that content from “online meetings” and personal meetings are often used to communicate information with customers, interested parties or third parties and are therefore intended to be passed on.
Other recipients: The provider of “Zoom” necessarily receives knowledge of the above-named Data, insofar as this is provided in the context of our order processing contract with “Zoom”.
Data processing outside the European Union
“Zoom” is a service provided by a company in the United States. The processing of personal data also takes place in a third country.
An adequate level of data protection is guaranteed on the one hand by the “Privacy Shield” certification of the Zoom Video Communications, Inc., and on the other hand by the conclusion of the so-called EU standard contractual clauses.
Data protection officer
According to Art. 37 GDPR, we are not obliged to appoint a data protection officer. Nevertheless, we have set up a corresponding inspection body.
Your rights as an affected person
You have the right to get informed about your personal data. You can contact us at any time for information.
In the case of a request for information that is not submitted in writing, we ask for your understanding that we may require you to provide proof that you are the person you claim to be.
You also have the right to correct, delete or the restrict on processing, insofar as you are legally entitled to do so.
Furthermore, you have a right to object against perception within the scope of personal requirements.
A right for data portability also exists within the framework of the data protection regulations.
Deletion of data
We generally delete personal data when there is no need for further storage.
A requirement may exist, if the data is still required in order to be able to perform contractual services, to be able to check and grant or reject warranty and possibly guarantee claims.
In the case of statutory retention requirements, deletion is only considered after the respective retention obligation has expired.
Right to lodge a complaint with a supervisory authority
You have the right to complain about the processing of personal data by us to a data protection supervisory authority.
Changes to this data protection notice
We will revise this data protection notice in the event of changes to data processing or other occasions that makes this necessary. The current version can always be found on this website.
As of May 19, 2020