The responsibility for collecting, processing and using your personal data in accordance with the GDPR lies with
Company: IST Metz GmbH
Address: Lauterstrasse 14-18, 72622 Nuertingen, Germany
Phone: +49 (0)7022 6002 0
2.1 Access data
We collect information about you when you use this website. We automatically collect information about how you use our website and interact with us, and store data about your computer or mobile device. We collect, store and use data about every occasion on which our website is accessed (server log files). The access data includes the date and time the website is accessed, the time zone difference to Greenwich Mean Time (GMT), the content of the request (specific page), the volume of data transmitted, a report of successful access (HTTP response code), the language and version of the browser used, the operating system used and its access status, the referrer URL (i.e. the previous page visited), the IP address and the requesting provider.
We use this log data, which does not contain any references to you as a person or any other profiling, for statistical evaluations for the purpose of operating, optimising and ensuring the security of our website. We also use this data to collect anonymous information about the number of visitors to our website (traffic) and about the extent to which and the way in which our website and services are used. Based on this information, we can provide personalised and location-specific content, analyse data traffic, detect and resolve errors and improve our services.
We reserve the right to check the protocol data retrospectively if there is justified suspicion of unlawful use on the basis of concrete evidence. We save IP addresses for a limited amount of time in the log files if this is necessary for security purposes. We also save IP addresses if we have concrete suspicion of a crime being committed using our Website.
2.2 Contact via e-mail
If you contact us (e.g. via our contact form or e-mail), we save your details so that we can process your request and any related requests. We only save and use other personal data if you give your consent for us to do so or if this is permitted by law.
2.3 Google Analytics
We use Google Analytics, a web analysis service by Google Inc. (“Google”). Google Analytics uses “cookies”. These are text files which are saved to your computer and analyse your use of the Website. The information produced by the cookies about the user’s use of this Website is usually transmitted to a Google server in the USA and saved there.
However, if IP anonymisation is activated on the site, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the European Economic Area before being transmitted. The complete IP address is only transmitted to a Google server in the USA and shortened there in exceptional cases. IP anonymisation is used on this Website. Google will use this information on our behalf to assess your use of our Website, produce reports on website activities and provide us with more services related to the use of the Website and the Internet.
The IP address transmitted from your browser using Google Analytics will not be merged with other Google data. You can prevent cookies from being saved by changing the appropriate setting in your browser. Please note doing this may mean that you cannot make full use of all functions on this Website.
You can also prevent cookies collecting data related to your use of the Website (including your IP address) and prevent Google processing these data by downloading and installing the browser plugin available via this link: https://tools.google.com/dlpage/gaoptout?hl=en-GB.
As an alternative to the browser plugin or if you are on a browser on a mobile device, you can click on the following link to enable an opt-out cookie, which will prevent Google Analytics collecting data on this Website in the future (this opt-out cookie will only work in this browser and only for this domain. If you delete the cookies from your browser, you will have to click this link again): Disable Google Analytics
2.4 Legal framework and storage period
The legal framework for processing data in accordance with the aforementioned sections is article 6 para. 1 f) of the GDPR. Our interests in processing data are, in particular, ensuring that our Website runs and is secure, investigating how visitors use our Website and simplifying the use of our Website.
If not otherwise specifically stated, we save personal data only for as long as is necessary to fulfil the intended purpose.
According to relevant law, you have various rights with regard to your personal data. If you would like to claim these rights, please send an e-mail or a letter with information with which we can clearly identify you to the address given in section 1.
Below, you will find an overview of your rights.
3.1 Right to confirmation and information
You have, at all times, the right to receive confirmation from us whether personal data concerning you is being processed. If this is the case, you have the right to receive information about your stored personal data along with a copy of this data free of charge. Furthermore, you have the right to the following information:
If personal data is transmitted to third countries or to an international organisation, you have the right to be informed of the appropriate safeguards pursuant to article 46 of the GDPR with regard to this transmission.
3.2 Right to rectification
You have the right to request us to immediately rectify any incorrect personal data about you. In consideration of the purposes, you have the right to have incomplete personal data completed, including by means of a supplementary statement.
3.3 Right to erasure (‘Right to be forgotten’)
You have the right to request that your personal data be immediately deleted, and we are obliged to delete personal data immediately as long as one of the following reasons applies:
If we have made personal data public and we are obliged by article 17 of the GDPR to delete it, we will take appropriate measures, including technical measures, in consideration of the available technology and implementation costs to inform those who are responsible for processing personal data that you have requested them to delete all links to this personal data and copies or replicas of this personal data.
3.4 Right to restriction of processing
You have the right to request us to restrict the processing of your data if one of the following prerequisites is valid:
3.5 Right to data portability
You have the right to receive personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from us, if:
In exercising your right to data portability pursuant to paragraph 1, you have the right to have the personal data transmitted directly from one controller to another, where technically feasible.
3.6 Right to object
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6 paragraph 1 of the GDPR, including profiling based on those provisions. We will no longer process your personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
Where we process personal data for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.
Where personal data are processed for scientific or historical research purposes or statistical purposes pursuant to Article 89 paragraph 1 of the GDPR, you, on grounds relating to your particular situation, have the right to object to processing of personal data concerning you, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
3.7 Automated individual decision-making, including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or significantly affects you in a similar way.
3.8 Right to withdraw consent
You have the right to withdraw your consent for processing personal data at any time.
3.9 Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data relating to you is unlawful.
We do our utmost to ensure the security of your data within the relevant data protection laws and technical capabilities.
Your personal data are transferred using encryption. We use the encryption system SSL (Secure Sockets Layer), but please note that absolute security cannot be guaranteed when transmitting data online (e.g. via e-mail correspondence). It is not possible to ensure complete protection from access by third parties.
In order to secure your data, we take technical and organisational security measures which we always keep up to date with the current state of technology.
We also cannot guarantee that our service will be available at certain times; errors, disruptions and outages are not completely avoidable. The servers we use are backed up thoroughly and regularly.
Automated decision-making does not occur on the basis of collecting personal data.
As a matter of principle, we only use your personal data within our company.
If and to the extent that we are involved with third parties (such as logistics service provider) for the purpose of fulfilling a contract, they will only receive personal data which is necessary for the relevant service.
In the case that we outsource particular parts of our data processing, we will bind the data processor by contract to use personal data only in accordance with the requirements of data protection law and to guarantee the protection of the rights of the affected person.
Transferring data to bodies or persons outside of the EU outside of the cases described in the explanation in point 2.3 do not occur and are not planned.