Data Privacy Statement
Implementation and area of applicability
The protection of your private sphere is of great importance to Discom – Elektronische Systeme und Komponenten GmbH (hereinafter referred to as “Discom”). We consider it to be our obligation to store personal data securely and to ensure that all personal data is used and saved in accordance with the applicable data protection laws. It goes without saying that our philosophy also includes us not misusing personal data which is in our possession.
By visiting www.discom.de (hereinafter “the website”) or by reading our online communication via various channels, such as our social media pages (referred to jointly as “online channels”), you have shown your interest in us, our products and our services. We very much appreciate this. This Data Privacy Statement explains what types of personal data are collected and how Discom uses this data when you interact with us, for example by visiting our website, using or purchasing our products or services, getting in touch with our customer service department, subscribing to our newsletter, participating in our webinars or interacting with Discom in other ways. The Data Privacy Statement in particular further describes all types of online and offline collection of data, as well as your rights in relation to your personal data. This Data Privacy Statement does not apply to personal data of applicants which is collected by our careers site. This data is subject to the Discom/HBK Data Privacy Statement – Recruitment (can be accessed here).
The Data Privacy Statement may be adjusted in the future. The last change took place on 01 October 2020. The most up-to-date Data Privacy Statement is published on our website. We recommend that you regularly check the website for changes to this Data Privacy Statement. [You can save or print out this Data Privacy Statement with the relevant browser functions].
2. About Us
Discom is the global market and technology leader in end-of-line production tests for drives in automobiles. The mid-sized enterprise is a leader worldwide in acoustic quality analysis. As an innovation driver, Discom develops and markets systems for the automotive industry and its suppliers for testing assembly units during manufacturing:
- Gearboxes of all types
- Electric and combustion engines
- Tapered roller bearings
- Axles and actuators
The measurement systems make it possible to ensure a high level of manufacturing quality and optimize process costs in manufacturing.
3. Who is responsible for your personal data?
Discom, headquartered Maschmühlenweg 81, 37081 Göttingen, Germany is responsible for processing of personal data which comes under the scope of application of this Data Privacy Statement.
Should you have any questions concerning this Data Privacy Statement, the use of our website, our products, services, solutions or events and your interaction with us in connection with the use of your personal data or your rights in relation to this, you can contact us via the following email address: [email protected].
4. For what purposes do we process your personal data?
4.1 In order to respond to your questions and process your queries
i. What does this purpose mean?
Should you get in touch with us via [[email protected]] or using the [contact form] on our website, we will respond to your query with the assistance of your personal data.
ii. On what legal basis do we process your personal data?
We process your personal data in accordance with our legitimate interest in the management of our relationships with existing and potential customers, suppliers and business partners.
iii. What personal data do we process for this purpose?
For this purpose, we process your name, your contact data, your correspondence with Discom and all other personal data which is necessary in order to respond to your query.
4.2 In order to carry out your orders and process your payments, as well as for the customer service department
i. What does this purpose mean?
We use your personal data in order to process and deliver your order, to let you know the order status and to inform you of the transaction (for example if it fails), as well as to provide services to you as a customer.
ii. On what legal basis do we process your personal data?
We use your personal data in order to process and deliver your order, to let you know the order status and to inform you of the transaction (for example if it fails), as well as to provide services to you as a customer.
iii. What personal data do we process for this purpose?
For this purpose, we process your name and contact data, credit card and other payment information, your agreement to our general terms and conditions of business and your correspondence with Discom.
4.3 For the development and improvement of products and/or services
i. What does this purpose mean?
We process your personal data in order to evaluate and improve our products and services. We convert your personal data into statistical or aggregated data in order to analyze customer behavior and to adjust the services we offer. On an aggregated basis (i.e. in a manner which means that you are not personally identifiable), we also carry out market trend analysis, in order to adjust our products and marketing to new developments. For this purpose, we analyze how often you read the newsletter and visit our website, which sites you click on, which downloads you carry out and what goods you have purchased via our website. Based on this information, we can make changes to our products and services, newsletters or the website, and can also adjust our products and services.
ii. On what legal basis do we process your personal data?
We process your personal data on the basis of our legitimate interest in the development and improvement of our products and services for our customer in relation to customer requirements and major market trends and developments.
iii. What personal data do we process for this purpose?
For this purpose, we process your contact data, personal data (such as name and date of birth), your vocation, payment information and transaction history, your demographic data (such as your country and preferred language), as well as your correspondence with us. We process your data which is acquired in connection with your use of the website, such as your IP address, history of sites visited, your clicking and surfing behavior, as well as the duration of your session.
4.4 In order to provide you with the functions of our website and to administer the website in terms of technology and function
We process your technical data in order to provide you with the functions of our website and to enable our website administrators to manage and improve the performance of our website. Should you enter data in our websites (for example product preferences or your location) in order to obtain relevant information or functions, Discom processes this data in order to provide you with the requested information or functions.
ii. On what legal basis do we process your personal data?
We process your personal data in accordance with our legitimate interest in maintaining the functionality of our website and enabling the processing of payments via our website.
iii. What personal data do we process for this purpose?
For this purpose, we process the personal data which you have entered in our website or the functions and technical data of your device which is generated by you using the website, such as your IP address, Internet browser used, the pages visited on the website, clicking and surfing behavior and the duration of the session.
4.5 If applicable, to set up and administer your website account and to ensure confidentiality
i. What does this purpose mean?
Should you wish to register and set up an account with us, it is necessary for you to provide us with your personal data. Once your account has been set up, we will send you your personal registration data. We also use your personal data in order to administer and secure your account – for example we can change your password for you.
ii. On what legal basis do we process your personal data?
We process your personal data on the basis of our legitimate interest in (i) administering of our customer relationships by means of effective accounts management and (ii) protecting the confidentiality and integrity of our information networks, including the website accounts.
iii. What personal data do we process for this purpose?
For this purpose, we process your name, e-mail address, title, telephone number, gender and date of birth, address, all other information which you have deposited into your account, your registration and security related access data (such as your passwords, password reminders and similar information) which enables us to verify you and to provide you with access to your account.
4.6 For customer relationship management (CRM)
i. What does this purpose mean?
Discom sends you messages in order to administer your relationship and account with us, and to notify you of any product recalls.
ii. On what legal basis do we process your personal data?
The processing takes place on the basis of our legitimate interest in the development and management of existing customer relationships.
iii. What personal data do we process for this purpose?
For this purpose, we process your name and contact data, personal data such as your name and date of birth, contact preferences, payment information and transaction data, whether you wish to receive our newsletter or not and your correspondence with us.
4.7 For direct marketing purposes
i. What does this purpose mean?
Our range of products, services and solutions is constantly developing in order to respond to the increasing demands of the markets in which we operate. For this purpose, we can provide you with information concerning products, services, solutions, campaigns and offers which correspond to or are similar to those you have received after submitting a query or which may be of interest to you. We can also invite you to participate in market studies or request that you provide feedback in connection with our events, products, services and solutions.
ii. On what legal basis do we process your personal data?
We generally process your personal data in accordance with your consent, which you can revoke at any time free-of-charge. In a certain number of small cases, we can however provide you with advertising offers, also without your consent. You always have the option of rejecting the receipt of these notifications by following the instructions which are contained in every message. Should you de-register, we will no longer send you any direct advertising.
iii. What personal data do we process for this purpose?
We process your name and contact data, your payment, order and transaction histories, as well as data from market studies.
4.8 For organizational analysis, internal reporting, acquisitions and sales, as well as in order to carry out business processes and internal administration
i. What does this purpose mean?
At Discom, we process your personal data when creating and carrying out internal reports (management reporting) and analysis on the basis on aggregated personal data. We also carry out customer, supplier and business partner surveys, in order to fund out more about your views and opinions within the framework of the reporting process. In addition, your personal data can also be processed within the framework of mergers, acquisitions and sales, as well as in order to carry out such transactions. We process your personal data as part of general business activities and the internal administration of our company, also in the course of asset and order administration. In addition, your personal data can be used when we carry out audits and investigations in order to comply with applicable legal obligations and/or internal guidelines of Discom, to carry out commercial investigations and to administer our database of customers, suppliers and business partners.
We also process your personal data for accounting and billing purposes, for archiving and backup purposes, in order to carry out correct bookkeeping, as well as within the framework of disputes resolution.
ii. On what legal basis do we process your personal data?
We process your personal data in accordance with our legitimate interest in the day-to-day management of Discom and to develop and implement plans for strategic growth.
iii. What personal data do we process for this purpose?
For this purpose, we can process your contact data, your personal data (such as name and date of birth), your payment and transaction data (including credit and payment data and order history), your responses to our surveys, data which is saved in our IT system, data which was generated when performing your contract with Discom and your correspondence with us.
4.9 To comply with laws
i. What does this purpose mean?
Discom processes your personal data in order to comply with laws and regulations (for example tax and commercial behavior guidelines and duties of care, including “know your customer” requirements). This may include the disclosure of your personal data to authorities or other supervisory bodies.
ii. On what legal basis do we process your personal data?
We process your personal data in order to comply with legal requirements or the regulations of the authorities to which we are subject.
iii. What personal data do we process for this purpose?
For this purpose, we process your contact data, such as your name and e-mail address, personal data such as your name and date of birth, payment information, transaction history (including your order history), your chamber of commerce and tax data, as well as all other information which is requested by the responsible government or supervisory authority.
4.10 Zum Schutz von Gesundheit und Sicherheit sowie zur Gewährleistung der Integrität
i. What does this purpose mean?
Should you be invited to Discom, we process your personal data in order to protect our employees, customers, suppliers and business partners, as well as their assets. In this context, we verify your access rights to our facilities and can check your personal data against the publicly accessible register of criminal offenses and/or of the criminal prosecution authorities.
ii. On what legal basis do we process your personal data?
We process your personal data within the framework of our legitimate interest in ensuring the health and safety of other persons, as well as in order to authenticate the status and access rights of third parties while on our premises.
iii. What personal data do we process for this purpose?
For this purposes, we process your name, date of birth, payment information and the transaction history, as well as the history of your visits to our premises.
5. How long do we store your personal data for?
We store your personal data for as long as is necessary for the purposes named above and for the duration which was stated to you when your personal data was obtained.
The criteria we take into account when determining the retention periods include the following:
- Retention in case of queries: In case of follow-up queries, we can retain your personal data for a reasonable period of time, should you have expressed an interest in events, products, services or solutions.
- Retention in accordance with legal requirements and regulations of the authorities: We check whether we must continue to retain your personal data after the expiry of the retention period in case of queries (see above) in accordance with legal requirements and regulations of the authorities. Some or all of these criteria may be relevant to the retention of your personal data which is gathered in connection with our events, products, services, solutions and/or use of our website.
- Retention which is permitted in accordance with applicable laws: We will continue to retain your personal data, should this be necessary in order to provide you with our services and the retention of this personal data is necessary in order to pursue our legitimate interests or is in the public interest.
6. Cookies
We also gather data with the assistance of cookies. Cookies are small information data sets which save and access data concerning your visit to our website, for example the domain name of your Internet provider, the sites accessed by you and the time of the access. We can process the data which is gathered by us in order to provide you with a seamless, consistent and personalized user experience, for example by providing you with personalized recommendations on the basis of your use of the website.
You can find out more about how we use cookies and how you can de-activate them in our cookie notice. You can find it here.
Lesen Sie in unserer Cookie-Richtlinie mehr darüber, wie wir Cookies verwenden und wie Sie diese deaktivieren können. Sie finden diese hier.
7. Who has access to your personal data?
7.1 Access to your personal data within Discom and Spectris PLC (hereinafter “Spectris”)
Your personal data is only available to persons within Discom who require access to it and only to the extent which is necessary in order to fulfill the purpose named in section 4 “For what purposes do we process your personal data?” (see above). We will take suitable measures to ensure sufficient protection of your personal data.
We may also pass your personal data on to our associated companies within the Spectris PLC corporate group (of which Discom is a member). We may exchange your data amongst ourselves for administrative purposes, in order to receive a comprehensive overview of your contacts and contracts with the Spectris Group. This allows us to provide a comprehensive range of products and services. Should our associated companies send you information concerning events, products, services or solutions which may be of interest to you, this takes place with your consent (if required under applicable laws).
In addition, within the framework of a group-wide data protection program of Spectris, Discom is subject to the Spectris binding corporate rules (hereinafter “BCR”), i.e. your personal data is treated with the same degree of care when being exchanged within the Spectris Group, regardless of the processing location.
7.2 Third party access to your personal data
The following third parties may have access to your personal data:
- Associated companies, distributors or contracts, for example should we consider this to be necessary in order to provide you with a comprehensive solution for your stated commercial requirements or in order for our contractors to be able to carry out maintenance to the products which have been purchased by you.
- Banks
- Insurance companies
- IT service providers, including website administrators
- Auditors and forensic experts
- Government and regulatory authorities and other third parties to whom we must disclose information in accordance with applicable laws, for example in order to comply with the order of a court or a request by a regulatory authority or similar legal proceedings or in other cases where this is necessary in order to fulfill a legal obligation or for the administration of justice.
- Relevant third parties or their professional advisers in the case of a merger, takeover or sale of a part or all of our assets.
- Third party service providers who carry out services on our behalf. Examples include the sending of newsletters, the management of our customer lists, the analysis of new databases, support with advertising measures, the processing of payments (credit card, payment following invoice, etc), as well as customer service.
Where third parties receive access to your personal data, Discom will take the necessary contractual, technical and organizational measures in order to ensure that your personal data is only processed to the extent that is strictly necessary. Should your personal data be transferred to a recipient in a country which does not provide reasonable protection for personal data, Discom will conclude agreements with the relevant third party which restrict the purpose of the use and disclosure of your personal data and which provide for reasonable protection of your personal data.
7.3 Personal data received from third parties
We co-operate closely with third parties (including business partners, sub-contractors in the area of technical, payment and delivery services, advertising networks and analysis and search information providers) and we may receive personal data from these relating to you. Such data received from third parties is stored in accordance with the duty of care described in this Data Privacy Statement and in line with all additional restrictions which are imposed on us by the third party which provided us with your personal data.
8. How is your personal data protected and secured?
Discom has taken sufficient security precautions in order to guarantee the confidentiality and security of your personal data. Discom has also taken reasonable technical, physical and organizational measures in order to protect your personal data against unintended or unlawful deletion, loss, damage, alteration, unauthorized disclosure or access and against all other forms of unlawful processing or further processing (in particular unnecessary gathering).
In order to encrypt sensitive data, for example credit card numbers for online purchases via the website, we use the Secure Sockets Layer (SSL) security protocol which is customary in the sector. We use the most up-to-date 128-bit encryption technology in all areas of the website where you are required to submit personal data or account information. This means that the credit card information which you send is encrypted by your computer and is then de-encrypted by us, which limits the risk of other persons accessing your personal data during the transfer process. You can check this by searching for a closed lock symbol in the lower part of your web browser or “https” at the start of the address of the website.
In order to protect credit card numbers and similar transaction data, we do indeed use encryption, however please bear in mind that no method of transfer over the Internet can be 100% secure. Even though we take reasonable security measures to protect your personal data after receipt, you must also ensure that you have taken suitable measures in order to protect your personal data.
9. Links to other websites
Our online channels may contain links to other, interesting websites. However, should you leave our websites via such links, please bear in mind that we have no control over the other website. Therefore, we are not responsible for the protection of the data which you provide when visiting such websites. These websites are also not subject to the provisions of this Data Privacy Statement. Please proceed with caution and observe the data protection notice which applies to the relevant website.
10. Your rights
In accordance with applicable data protection laws, you are entitled to various rights in relation to the processing of your personal data. These include:
- The right to receive information in relation to your personal data
- The right to have the personal data saved by us rectified
- Under certain conditions:
- The right to have your personal data erased
- The right to have the processing of your personal data restricted
- The right to have your personal data transferred to another processor;
- Should the processing take place in accordance with your consent, the right to revoke this consent
- And the right to submit a complaint to a data protection supervisory authority (in Germany, this is the State Data Protection Officer of the Federal State of Hesse). You can find a list of further authorities here.
Further information concerning the scope of these rights can be found in the Data Subject Request Form. Should you wish to claim your rights, please fill in the application form and send it to the data protection officer [email protected] (with any supporting documents). Note that, in order for us to respond to your request, we may require you to verify your identity.
We also wish to inform you that you may not be entitled to some (or all) of these rights in your legal ordinance. In addition, we can reject orders which are repeatedly placed in an unreasonable manner, which require a disproportionately high degree of technological expertise (for example the development of a new system or the basic alteration of an existing practice), which endanger the private spheres of other persons or which are seriously impractical (for example requests for information which is on backup systems).
We would recommend that you update your personal data via your account on our website. If you have registered on our website, you can log into your account in order to update your personal data and marketing preferences.