Data Privacy Statement
1. Implementation and area of applicability
The protection of your private sphere is of great importance to Discom – Elektronische Systeme und Komponenten GmbH (hereinafter referred to as “Discom”). We consider it to be our obligation to store personal data securely and to ensure that all personal data is used and saved in accordance with the applicable data protection laws. It goes without saying that our philosophy also includes us not misusing personal data which is in our possession.
By visiting www.discom.de (hereinafter “the website”) or by reading our online communication via various channels, such as our social media pages (referred to jointly as “online channels”), you have shown your interest in us, our products and our services. We very much appreciate this. This Data Privacy Statement explains what types of personal data are collected and how Discom uses this data when you interact with us, for example by visiting our website, using or purchasing our products or services, getting in touch with our customer service department, subscribing to our newsletter, participating in our webinars or interacting with Discom in other ways. The Data Privacy Statement in particular further describes all types of online and offline collection of data, as well as your rights in relation to your personal data. This Data Privacy Statement does not apply to personal data of applicants which is collected by our careers site. This data is subject to the Discom/HBK Data Privacy Statement – Recruitment (can be accessed here).
2. About us
Discom is the global market and technology leader in end-of-line production tests for drives in automobiles. The mid-sized enterprise is a leader worldwide in acoustic quality analysis. As an innovation driver, Discom develops and markets systems for the automotive industry and its suppliers for testing assembly units during manufacturing:
3. Who is responsible for your personal data?
Discom, headquartered Maschmühlenweg 81, 37081 Göttingen, Germany is responsible for processing of personal data which comes under the scope of application of this Data Privacy Statement.
Should you have any questions concerning this Data Privacy Statement, the use of our website, our products, services, solutions or events and your interaction with us in connection with the use of your personal data or your rights in relation to this, you can contact us via the following email address: [email protected].
4. For what purposes do we process your personal data?
4.1 Für die Beantwortung Ihrer Fragen und die Bearbeitung Ihrer Anfragen
i. What does this purpose mean?
Should you get in touch with us via [[email protected]] or using the [contact form] on our website, we will respond to your query with the assistance of your personal data.
ii. On what legal basis do we process your personal data?
We process your personal data in accordance with our legitimate interest in the management of our relationships with existing and potential customers, suppliers and business partners.
iii. What personal data do we process for this purpose?
For this purpose, we process your name, your contact data, your correspondence with Discom and all other personal data which is necessary in order to respond to your query.
4.2 In order to carry out your orders and process your payments, as well as for the customer service department
i. What does this purpose mean?
We use your personal data in order to process and deliver your order, to let you know the order status and to inform you of the transaction (for example if it fails), as well as to provide services to you as a customer.
ii. On what legal basis do we process your personal data?
We process your personal data, should this be necessary in order to perform a contract between us. Should you not provide the requested information, Discom will not be in the position of being able to process your order and/or to provide services to you as a customer.
iii. What personal data do we process for this purpose?
For this purpose, we process your name and contact data, credit card and other payment information, your agreement to our general terms and conditions of business and your correspondence with Discom.
4.3 For the development and improvement of products and/or services
i. What does this purpose mean?
We process your personal data in order to evaluate and improve our products and services. We convert your personal data into statistical or aggregated data in order to analyze customer behavior and to adjust the services we offer. On an aggregated basis (i.e. in a manner which means that you are not personally identifiable), we also carry out market trend analysis, in order to adjust our products and marketing to new developments.
For this purpose, we analyze how often you read the newsletter and visit our website, which sites you click on, which downloads you carry out and what goods you have purchased via our website. Based on this information, we can make changes to our products and services, newsletters or the website, and can also adjust our products and services.
ii. On what legal basis do we process your personal data?
We process your personal data on the basis of our legitimate interest in the development and improvement of our products and services for our customer in relation to customer requirements and major market trends and developments.
iii. What personal data do we process for this purpose?
For this purpose, we process your contact data, personal data (such as name and date of birth), your vocation, payment information and transaction history, your demographic data (such as your country and preferred language), as well as your correspondence with us. We process your data which is acquired in connection with your use of the website, such as your IP address, history of sites visited, your clicking and surfing behavior, as well as the duration of your session.
4.4 In order to provide you with the functions of our website and to administer the website in terms of technology and function
i. What does this purpose mean?
We process your technical data in order to provide you with the functions of our website and to enable our website administrators to manage and improve the performance of our website. Should you enter data in our websites (for example product preferences or your location) in order to obtain relevant information or functions, Discom processes this data in order to provide you with the requested information or functions.
ii. On what legal basis do we process your personal data?
We process your personal data in accordance with our legitimate interest in maintaining the functionality of our website and enabling the processing of payments via our website.
iii. What personal data do we process for this purpose?
For this purpose, we process the personal data which you have entered in our website or the functions and technical data of your device which is generated by you using the website, such as your IP address, Internet browser used, the pages visited on the website, clicking and surfing behavior and the duration of the session.
4.5 If applicable, to set up and administer your website account and to ensure confidentiality
i. What does this purpose mean?
Should you wish to register and set up an account with us, it is necessary for you to provide us with your personal data. Once your account has been set up, we will send you your personal registration data. We also use your personal data in order to administer and secure your account – for example we can change your password for you.
ii. On what legal basis do we process your personal data?
We process your personal data on the basis of our legitimate interest in (i) administering of our customer relationships by means of effective accounts management and (ii) protecting the confidentiality and integrity of our information networks, including the website accounts.
iii. What personal data do we process for this purpose?
For this purpose, we process your name, e-mail address, title, telephone number, gender and date of birth, address, all other information which you have deposited into your account, your registration and security related access data (such as your passwords, password reminders and similar information) which enables us to verify you and to provide you with access to your account.
4.6 For customer relationship management (CRM)
i. What does this purpose mean?
Discom sends you messages in order to administer your relationship and account with us, and to notify you of any product recalls.
ii. On what legal basis do we process your personal data?
The processing takes place on the basis of our legitimate interest in the development and management of existing customer relationships.
iii. What personal data do we process for this purpose??
Zu diesem Zweck verarbeiten wir Ihren Namen und Ihre Kontaktdaten, persönliche Daten wie Name und Geburtsdatum, Kontaktpräferenzen, Zahlungsinformationen und Transaktionsdaten, ob Sie unseren Newsletter empfangen wollen oder nicht und Ihre Korrespondenz mit uns.
4.7 Für Direktmarketingzwecke
i. Was bedeutet dieser Zweck?
Unser Angebot an Produkten, Dienstleistungen und Lösungen entwickelt sich ständig weiter, um den immer anspruchsvolleren Märkten, in denen wir tätig sind, gerecht zu werden. Zu diesem Zweck können wir Ihnen Informationen über Produkte, Dienstleistungen, Lösungen, Aktionen und Angebote zur Verfügung stellen, die denen entsprechen oder ähneln, die Sie erhalten haben, nach denen Sie gefragt haben oder die für Sie von Interesse sein könnten.
Wir können Sie auch zur Teilnahme an Marktstudien einladen oder Sie um Feedback zu unseren Veranstaltungen, Produkten, Dienstleistungen und Lösungen bitten.
ii. Auf welcher rechtlichen Grundlage verarbeiten wir Ihre personenbezogenen Daten?
Wir verarbeiten Ihre personenbezogenen Daten in der Regel auf Grundlage Ihrer Einwilligung, die Sie jederzeit kostenlos widerrufen können. In bestimmten wenigen Fällen können wir Ihnen jedoch auch ohne Ihre Einwilligung Werbebotschaften zukommen lassen. Sie haben immer die Möglichkeit, den Erhalt dieser Mitteilungen abzulehnen, indem Sie die in jeder Mitteilung enthaltenen Anweisungen befolgen. Wenn Sie sich abmelden, senden wir Ihnen keine Direktwerbung mehr zu.
iii. Welche personenbezogenen Daten verarbeiten wir zu diesem Zweck?
Wir verarbeiten Ihren Namen und Ihre Kontaktdaten, Ihre Zahlungs-, Bestell- und Transaktionshistorie sowie Daten aus Marktstudien.
4.8 Für Organisationsanalysen, das interne Berichtswesen, Akquisitionen und Veräußerungen sowie für die Durchführung von Geschäftsprozessen und die interne Verwaltung
i. Was bedeutet dieser Zweck?
Bei Discom verarbeiten wir Ihre personenbezogenen Daten bei der Erstellung und Durchführung interner Berichte (Management Reporting) und der Analyse anhand aggregierter personenbezogener Daten. Außerdem führen wir Kunden-, Lieferanten- und Geschäftspartnerbefragungen durch, um mehr über Ihre Ansichten und Meinungen im Rahmen des Berichtsprozesses zu erfahren. Darüber hinaus können Ihre personenbezogenen Daten im Rahmen von Fusionen, Übernahmen und Veräußerungen sowie zur Abwicklung solcher Transaktionen verarbeitet werden.
Wir verarbeiten Ihre personenbezogenen Daten im Rahmen der allgemeinen Geschäftstätigkeit und der internen Verwaltung unseres Unternehmens, auch im Rahmen der Vermögens- und Auftragsverwaltung. Darüber hinaus können Ihre personenbezogenen Daten verwendet werden, wenn wir Audits und Untersuchungen durchführen, um geltende gesetzliche Verpflichtungen und/oder interne Richtlinien von Discom einzuhalten, Geschäftskontrollen durchzuführen und unsere Kunden-, Lieferanten- und Geschäftspartnerdatenbank zu verwalten.
Wir verarbeiten Ihre personenbezogenen Daten auch zu Zwecken des Finanz- und Rechnungswesens, zu Archivierungs- und Versicherungszwecken, zur ordnungsgemäßen Unternehmensbuchhaltung sowie im Rahmen der Streitbeilegung.
ii. Auf welcher rechtlichen Grundlage verarbeiten wir Ihre personenbezogenen Daten?
Wir verarbeiten Ihre personenbezogenen Daten, um unserem berechtigten Interesse an der Abwicklung des Tagesgeschäfts von Discom nachzukommen und Pläne für strategisches Wachstum zu entwickeln und umzusetzen.
iii. Welche personenbezogenen Daten verarbeiten wir zu diesem Zweck?
Zu diesem Zweck können wir Ihre Kontaktdaten, Ihre persönlichen Daten (wie Name und Geburtsdatum), Zahlungs- und Transaktionsdaten (einschließlich Kredit- und Zahlungsinformationen und Auftragshistorie), Ihre Antworten auf unsere Umfragen, Daten, die in den IT-Systemen von Discom gespeichert sind, Daten, die während der Durchführung Ihres Vertrags mit Discom erzeugt wurden, und Ihre Korrespondenz mit Discom verarbeiten.
4.9 Zur Einhaltung von Gesetzen
i. Was bedeutet dieser Zweck?
Discom verarbeitet Ihre personenbezogenen Daten zur Einhaltung von Gesetzen und Vorschriften (wie z. B. steuerliche und geschäftliche Verhaltensrichtlinien und Sorgfaltspflichten einschließlich „Know your Customer“-Anforderungen). Dies kann die Offenlegung Ihrer personenbezogenen Daten gegenüber Behörden oder anderen Aufsichtsbehörden beinhalten.
ii. Auf welcher rechtlichen Grundlage verarbeiten wir Ihre personenbezogenen Daten?
Wir verarbeiten Ihre personenbezogenen Daten zur Erfüllung gesetzlicher oder behördlicher Auflagen, denen wir unterliegen können.
iii. Welche personenbezogenen Daten verarbeiten wir zu diesem Zweck?
Zu diesem Zweck verarbeiten wir Ihre Kontaktdaten wie Ihre Anschrift und E-Mail-Adresse, persönliche Daten wie Name und Geburtsdatum, Zahlungsinformationen, Transaktionshistorie (einschließlich Ihrer Auftragshistorie), Ihre Handelskammer- und Steuerdaten sowie alle anderen von der zuständigen Regierungs- oder Aufsichtsbehörde geforderten Informationen.
4.10 Zum Schutz von Gesundheit und Sicherheit sowie zur Gewährleistung der Integrität
i. Was bedeutet dieser Zweck?
Wenn Sie zu Discom eingeladen werden, verarbeiten wir Ihre personenbezogenen Daten, um unsere Mitarbeiter, Kunden, Lieferanten und Geschäftspartner sowie deren Vermögen zu schützen. Vor diesem Hintergrund authentifizieren wir Ihre Zugangsrechte zu unseren Einrichtungen und können Ihre personenbezogenen Daten gegen öffentlich zugängliche Strafregister der Regierung und/oder der Strafverfolgungsbehörden prüfen.
ii. Auf welcher rechtlichen Grundlage verarbeiten wir Ihre personenbezogenen Daten?
Wir verarbeiten Ihre personenbezogenen Daten im Rahmen unseres berechtigten Interesses an der Wahrung der Gesundheit und Sicherheit anderer Personen sowie an der Authentifizierung des Status und der Zugangsrechte Dritter während des Aufenthalts in unseren Einrichtungen.
iii. Welche personenbezogenen Daten verarbeiten wir zu diesem Zweck?
Zu diesem Zweck verarbeiten wir Ihren Namen, das Geburtsdatum, die Zahlungsinformationen und die Transaktionshistorie sowie Ihre Besuchshistorie in unseren Einrichtungen.
5. How long do we store your personal data for?
We store your personal data for as long as is necessary for the purposes named above and for the duration which was stated to you when your personal data was obtained.
The criteria we take into account when determining the retention periods include the following:
- Retention in case of queries: In case of follow-up queries, we can retain your personal data for a reasonable period of time, should you have expressed an interest in events, products, services or solutions.
- Retention in accordance with legal requirements and regulations of the authorities: We check whether we must continue to retain your personal data after the expiry of the retention period in case of queries (see above) in accordance with legal requirements and regulations of the authorities. Some or all of these criteria may be relevant to the retention of your personal data which is gathered in connection with our events, products, services, solutions and/or use of our website.
- Retention which is permitted in accordance with applicable laws: We will continue to retain your personal data, should this be necessary in order to provide you with our services and the retention of this personal data is necessary in order to pursue our legitimate interests or is in the public interest.
6. Cookies
We also gather data with the assistance of cookies. Cookies are small information data sets which save and access data concerning your visit to our website, for example the domain name of your Internet provider, the sites accessed by you and the time of the access. We can process the data which is gathered by us in order to provide you with a seamless, consistent and personalized user experience, for example by providing you with personalized recommendations on the basis of your use of the website.
You can find out more about how we use cookies and how you can de-activate them in our cookie notice. You can find it here.
7. Who has access to your personal data?
7.1 Access to your personal data within Discom and Spectris PLC (hereinafter “Spectris”)
IYour personal data is only available to persons within Discom who require access to it and only to the extent which is necessary in order to fulfill the purpose named in section 4 “For what purposes do we process your personal data?” (see above). We will take suitable measures to ensure sufficient protection of your personal data.
We may also pass your personal data on to our associated companies within the Spectris PLC corporate group (of which Discom is a member). We may exchange your data amongst ourselves for administrative purposes, in order to receive a comprehensive overview of your contacts and contracts with the Spectris Group. This allows us to provide a comprehensive range of products and services. Should our associated companies send you information concerning events, products, services or solutions which may be of interest to you, this takes place with your consent (if required under applicable laws).
In addition, within the framework of a group-wide data protection program of Spectris, Discom is subject to the Spectris binding corporate rules (hereinafter “BCR”), i.e. your personal data is treated with the same degree of care when being exchanged within the Spectris Group, regardless of the processing location.
7.2 Third party access to your personal data
The following third parties may have access to your personal data:
- Associated companies, distributors or contracts, for example should we consider this to be necessary in order to provide you with a comprehensive solution for your stated commercial requirements or in order for our contractors to be able to carry out maintenance to the products which have been purchased by you.
- Banks
- Insurance companies
- IT service providers, including website administrators
- Auditors and forensic experts
- Government and regulatory authorities and other third parties to whom we must disclose information in accordance with applicable laws, for example in order to comply with the order of a court or a request by a regulatory authority or similar legal proceedings or in other cases where this is necessary in order to fulfill a legal obligation or for the administration of justice.
- Relevant third parties or their professional advisers in the case of a merger, takeover or sale of a part or all of our assets.
- Third party service providers who carry out services on our behalf. Examples include the sending of newsletters, the management of our customer lists, the analysis of new databases, support with advertising measures, the processing of payments (credit card, payment following invoice, etc), as well as customer service.
Where third parties receive access to your personal data, Discom will take the necessary contractual, technical and organizational measures in order to ensure that your personal data is only processed to the extent that is strictly necessary. Should your personal data be transferred to a recipient in a country which does not provide reasonable protection for personal data, Discom will conclude agreements with the relevant third party which restrict the purpose of the use and disclosure of your personal data and which provide for reasonable protection of your personal data.
7.3 Personal data received from third parties
We co-operate closely with third parties (including business partners, sub-contractors in the area of technical, payment and delivery services, advertising networks and analysis and search information providers) and we may receive personal data from these relating to you. Such data received from third parties is stored in accordance with the duty of care described in this Data Privacy Statement and in line with all additional restrictions which are imposed on us by the third party which provided us with your personal data.
8. How is your personal data protected and secured?
Discom has taken sufficient security precautions in order to guarantee the confidentiality and security of your personal data. Discom has also taken reasonable technical, physical and organizational measures in order to protect your personal data against unintended or unlawful deletion, loss, damage, alteration, unauthorized disclosure or access and against all other forms of unlawful processing or further processing (in particular unnecessary gathering).
In order to encrypt sensitive data, for example credit card numbers for online purchases via the website, we use the Secure Sockets Layer (SSL) security protocol which is customary in the sector. We use the most up-to-date 128-bit encryption technology in all areas of the website where you are required to submit personal data or account information. This means that the credit card information which you send is encrypted by your computer and is then de-encrypted by us, which limits the risk of other persons accessing your personal data during the transfer process. You can check this by searching for a closed lock symbol in the lower part of your web browser or “https” at the start of the address of the website.
In order to protect credit card numbers and similar transaction data, we do indeed use encryption, however please bear in mind that no method of transfer over the Internet can be 100% secure. Even though we take reasonable security measures to protect your personal data after receipt, you must also ensure that you have taken suitable measures in order to protect your personal data.
9. Links to other websites
Our online channels may contain links to other, interesting websites. However, should you leave our websites via such links, please bear in mind that we have no control over the other website. Therefore, we are not responsible for the protection of the data which you provide when visiting such websites. These websites are also not subject to the provisions of this Data Privacy Statement. Please proceed with caution and observe the data protection notice which applies to the relevant website.
10. Your rights
In accordance with applicable data protection laws, you are entitled to various rights in relation to the processing of your personal data. These include:
- The right to receive information in relation to your personal data
- The right to have the personal data saved by us rectified
- Under certain conditions:
- The right to have your personal data erased
- The right to have the processing of your personal data restricted
- The right to have your personal data transferred to another processor
- Should the processing take place in accordance with your consent, the right to revoke this consent
- And the right to submit a complaint to a data protection supervisory authority (in Germany, this is the State Data Protection Officer of the Federal State of Hesse). You can find a list of further authorities here.
Further information concerning the scope of these rights can be found in the Data Subject Request Form. Should you wish to claim your rights, please fill in the application form and send it to the data protection officer [email protected] (with any supporting documents). Note that, in order for us to respond to your request, we may require you to verify your identity.
We also wish to inform you that you may not be entitled to some (or all) of these rights in your legal ordinance. In addition, we can reject orders which are repeatedly placed in an unreasonable manner, which require a disproportionately high degree of technological expertise (for example the development of a new system or the basic alteration of an existing practice), which endanger the private spheres of other persons or which are seriously impractical (for example requests for information which is on backup systems).
We would recommend that you update your personal data via your account on our website. If you have registered on our website, you can log into your account in order to update your personal data and marketing preferences.
