1. Field of Application
This data protection declaration applies to the handling of your personal data when you visit our website at www.ims-experts.com or submit an application to us by electronic or postal means.
2. Who is responsible and who can I contact?
IMS Messsysteme GmbH of Dieselstrasse 55, 42579 Heiligenhaus, Germany, which is registered at Wuppertal District Court under HRB 17583, is responsible for the processing of your personal data as described below. You can contact the following address with respect to all data protection inquiries:
IMS Messsysteme GmbH
42579 Heiligenhaus, Germany
Phone: +49 (0) 2056 975 – 0
Fax: +49 (0) 2056 975 – 140
You can contact our company Data Protection Officer at:
Boris Nicolaj Willm
Monschauer Straße 12
Telefon: +49 (0) 211 695289 92
3. Which data of yours do we process?
We collect and process various items of personal data from you according to the specific processing situations. Below you will find a list of the data relating to the respective processing situation:
You can always visit our website without disclosing your identity. Insofar as you use the offers provided by IMS on the Internet pages without registration, we process the following from you, among other things:
- Data about the use of the Internet pages provided (e.g. the browser used, the operating system used, the referrer URL, the time of the server enquiry, the contents accessed and the duration of use)
- IP address
- Further technical data which is comparable with the above
3.2 Which data do we process when sending our newsletters and product information?
If we provide you with information as part of pre-contractual measures or an existing business relationship, we only process the data that are necessary. These are:
- Your personal details (first name and surname)
- Companies name
- Contact details (telephone number, email address)
3.3 What data do we process when you contact us?
Depending on your request, you can contact us via various contact forms on our website. We provide various contact forms on our website, which we use for the purpose of answering inquiries about our services or products. We only process the personal data required for the respective purposes, in particular:
- Your personal details (first name and surname)
- Companies name
- Contact details (telephone number, email address);
- Your needs
4. Who do we collect your personal data from?
We collect personal data in various ways. We regularly collect your personal data directly from you when you visit our website or take advantage of the services offered, such as the integrated contact forms. scheduling wizard, chat bot or registration for a webinar.
5. For what purposes do we process your data and on what legal basis?
We process your personal data exclusively in accordance with the provisions of the General Data Protection Regulation (“GDPR“) and the Federal Data Protection Act (“BDSG“). In certain situations we also process your personal data to fulfil other legal obligations or on the basis of your express consent.
5.1 For the fulfilment of contractual obligations
We process your personal data for the fulfilment of contractual or contract-like obligations or the establishment of a contract, for example in order to provide support to existing customers or answer questions.
5.2 On the basis of legitimate interests
We also process your personal data to protect our legitimate interests, unless your interests or fundamental rights and fundamental freedoms which require the protection of your personal data prevail.
Subject to an appraisal decision to be taken in individual cases, we assume as standard that our legitimate interests prevail within the context of the following processing situations, although this list is not exhaustive:
- Optimisation of our offers and services
- Analysis of the use of our Internet pages
- Ensuring the confidentiality and integrity of our IT systems
- Speed up and simplify communication with interested parties
5.3 On the basis of your consent
If you have given us consent separately to process your personal data, we will process your personal data within the framework of and on the basis of this consent. Consent may, for example, relate to the forwarding of data to partner companies, the evaluation of your data for targeted advertising measures or the dispatch of newsletters.
Consent is always voluntary. Any refusal or revocation of consent will have no negative consequences for you.
6. Who do we forward your information to?
6.1 Companies, Agencies and Partners of the IMS Group
As a matter of principle, we only forward your personal data to our affiliated companies or partners and agencies if this is necessary for the establishment, execution or termination of a contract or contract-like relationship. Our partners and agencies are in particular independent commercial agents for the distribution of our goods and services at home and abroad. For example, when you contact us, we share the information you provide to us with the IMS Group company responsible for the region in each case so that they can offer you our products and services in accordance with your requirements and the region to which your enquiry relates.
The companies of the IMS Group include:
– IMS Röntgensysteme GmbH (Germany)
– IMS Systems Inc. (USA)
– IMS do Brasil (Brazil)
– IMS Maco Services Pvt. Ltd. (India)
– IMS Messsysteme (Shanghai) Co. Ltd. (China)
– IMS Service LLC (Russia)
– IMS SYS Mexico SA DE CV (Mexico)
– IMS Systems Korea Co., Ltd. (Korea)
– IMS Metalurji Servis Ltd. Sti. (Turkey)
– IMS Sistemas de Medida, S.L. (Spain)
– IMS Maco Measuring Systems (FEZ) (UAE)
– surcon GmbH (Germany)
– Xapt GmbH (Germany)
6.2 Transfer to Order Processors
For the processing of your data we also use external service providers to whom we forward your personal data and who only process the data on our behalf in a contractually secured manner. Order processors are also contractually obliged, for example, to optionally delete or return the data upon termination of the commissioning process. The order processors used by us include Google for the provision of analysis services on the use of our Internet pages. Detailed information about Google’s services can be found in section 12.5.
6.2.1 Audio and video conferences, webinar tools
We use online conference tools, among others, for communication with our customers and interested parties. If you communicate with us by video or audio conference via the Internet, we and the provider of the respective conference tool collect and process your personal data.
The conference tools record all data that you provide/use to use the tools (e-mail address and/or your telephone number). Further, the conference tools process the duration of the conference, start and end (time) of participation in the conference, number of participants and other “contextual information” in connection with the communication process (metadata).
In addition, the provider of the tool processes all technical data required to handle the online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker as well as the type of connection.
If content is exchanged, uploaded or otherwise made available within the tool, it is also stored on the servers of the tool providers. Such content includes, in particular, cloud recordings, chat/ instant messages, voicemails, uploaded photos and videos, files, whiteboards and other information shared during use of the service.
Please note that we do not have full control over the data processing operations of the tools used. Our options are largely determined by the corporate policy of the respective provider. Further information on data processing by the conference tools can be found in the privacy policies of the tools used, which we have listed below this text.
We have no influence on the storage period of your data stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.
We have concluded an order-processing contract with the provider of ClickMeeting and fully implement the strict requirements of the German data protection authorities when using ClickMeeting.
6.2.2 CRM system
In order to collect and store the data of interested parties, we use a CRM system from the provider Pipedrive OÜ, with its registered office at Mustamäe tee 3a, 10615 Tallinn, Estonia. The data of our prospective customers are stored in the database for 2 years and beyond that if this is necessary to fulfil the purpose.
This website uses Mailjet for sending newsletters. The provider is Mailjet SAS (Global HQ) office and postal address Paris: 13-13 to, rue de l’Aubrac, 75012 Paris, France.
Mailjet is a service with which, among other things, the dispatch of newsletters can be organized and analyzed. The data entered by you for the purpose of receiving the newsletter will be stored on the servers of Mailjet.
Data analysis by Mailjet
With the aid of Mailjet we are able to analyze our newsletter campaigns. For example, we can see if a newsletter message has been opened and which links have been clicked. In this way, we can determine which links have been clicked particularly often.
We can also see whether certain previously defined actions were performed after opening/clicking (conversion rate). For example, we can tell if you have made a purchase after clicking on the newsletter.
Mailjet also allows us to classify newsletter recipients into different categories (“clusters”). For example, the newsletter recipients can be subdivided according to age, gender, or place of residence. In this way, the newsletters can be better adapted to the respective target groups. If you do not want Mailjet to analyze you, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. Furthermore, you can unsubscribe from the newsletter directly on the website.
For detailed information on the functions of Mailjet, please refer to the following link: https://www.mailjet.de/funktion/.
Data processing is based on your agreement (Art. 6(1)(a) GDPR). You can revoke this agreement at any time. The legality of the data processing operations that have already taken place remains unaffected by the revocation.
The data deposited with us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter or the newsletter service provider and deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data stored for other purposes with us remain unaffected.
After you unsubscribe from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist to prevent future mailings. The data from the blacklist is used only for this purpose and not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6(1)(f) GDPR). The storage in the blacklist is indefinite. You may object to the storage if your interests outweigh our legitimate interest.
Execution of a contract data processing agreement
We have entered into a contract data processing agreement with the provider of Mailjet and implement the strict provisions of the German data protection agencies to the fullest when using Mailjet.
We have integrated OneDrive to host data in the cloud. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (hereinafter “OneDrive”).
As a business partner, you can use OneDrive – with the appropriate authorization – to upload, store and synchronize various file types. All content that you upload is stored on OneDrive’s servers.
The use of OneDrive is based on Art. 6 para. 1 lit. f DSGVO. According to this, there is a legitimate interest of the provider in a reliable data exchange.
We have concluded an AV contract with the above-mentioned provider, which ensures that personal data may only be processed in accordance with our instructions and in compliance with the data protection requirements of the DSGVO.
6.3 Forwarding of data on the basis of legal obligations or for the safeguarding of legitimate interests
Insofar as we are obliged to do so by law, as a result of a court order or an enforceable official order, we will transfer your personal data to bodies that are entitled to receive information.
6.4 Other Forms of Transfer
7. Do we transfer your data to third countries?
In some processing situations we may transfer your personal data to countries outside the European Union or the European Economic Area, i.e. so-called third countries. Within the context of the transfer of personal data to a third country, we will ensure as a standard procedure by means of appropriate guarantees, for example by concluding the standard contractual clauses of the European Commission, that the transfer of data only takes place on the basis of a level of protection which is in line with the GDPR.
8. For how long do we store your personal data?
We only process and store your personal data for as long as this is necessary for our processing purposes.
Upon request, we will regularly delete the data collected and stored within the framework of the use and provision of our Internet pages at any time and independently within a few days, unless we have a special interest in its continued storage in individual cases, such as in the case of cyber attacks.
Within the context of a contact inquiry we store your data in all cases only for the duration which is necessary in order to answer your contact inquiry. If you have registered for a newsletter or we send you regular product information as an existing customer, we will process your data until you have objected to such processing or have revoked your consent.
Insofar as a longer storage period is required due to statutory storage and documentation obligations or for the protection of our legitimate interests, such as possible legal disputes, your personal data will also be stored and processed after the expiry of the above-mentioned period. Upon the completion of a contract or contract-like relationship, we will, as far as possible, immediately block your personal data for further processing.
Final deletion is carried out after the expiry of the periods resulting from the legal storage and documentation obligations, which are between two and ten years and are based, among other things, on the German Tax Code or the German Commercial Code.
9. Your Rights
Below you will find a summary of your rights regarding the processing of your personal data by us:
9.1 Rights to Information, Erasure, Rectification, Restriction of the Processing and Data Portability
According to Article 15 of the GDPR you have the right to information, which means that you can request confirmation as to whether or not we process your personal data. If this is the case, you have the right to request comprehensive information on this personal data from us.
In accordance with Article 16 GDPR, you may request that incorrect data about you is corrected without delay.
According to Art. 17 GDPR, you have the right to request the erasure of your personal data if this is (i) no longer necessary for the purposes for which it was collected, (ii) you have revoked your consent to its processing, (iii) you have lodged an objection to its processing pursuant to Art. 21 para. 1 GDPR and there are no overriding legitimate reasons for continued processing, (iv) your personal data has been processed unlawfully, (v) the erasure of the personal data is necessary to fulfil a legal obligation under Union law or the law of the Member States to which IMS is subject, or (vi) the personal data has been collected in relation to information society services that are provided pursuant to Art. 8 para. 1 of the GDPR.
According to Art. 18 GDPR, you have the right to request the restriction of processing under the following conditions: Such a right exists if (i) you have contested the accuracy of your personal data, (ii) the processing is unlawful and you refuse the erasure of the personal data and instead request the restriction of its use, (iii) the data is no longer required for the purposes of processing but you need it for the assertion, exercising or defence of legal claims, or (iv) you have filed an objection to the processing pursuant to Art. 21 para. 1 GDPR, as long as it is not yet clear whether we have legitimate reasons for the processing which outweigh yours.
Pursuant to Art. 19 GDPR, you have the right to request information about the recipients of data to whom the rectification or erasure of your personal data or a restriction on its processing has been communicated.
According to Art. 20 GDPR, you have the right to receive the personal data relating to you from us in a structured, current and machine-readable format and to transmit this data to another data controller.
If the processing or transmission of your personal data is based on consent declared by you, you can revoke your consent at any time with future effect.
Furthermore, you have the right of objection to the processing of your data or a decision taken by IMS with regard to one of the rights exercised by you to the North Rhine-Westphalia Data Protection Commissioner, Postfach 20 04 44, 40102 Düsseldorf, Germany.
In order to assert your rights under section 9.1, you can contact the addresses stated under section 2 informally by post, fax or email.
9.3 Right of Objection according to Art. 21 GDPR
9.3.1 Objection on the Grounds of your Specific Situation
According to Art. 21 para. 1 GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your specific situation if this processing is carried out for the purposes of our legitimate interests, including profiling based on this (e.g. for a credit assessment). Further processing of your personal data will then no longer be carried out unless we can prove compelling reasons worthy of protection for the processing which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
9.3.2 Objection to Direct Advertising
According to Art. 21 para. 2 GDPR you have the right to object at any time to the use of your personal data for the purposes of direct advertising. This also applies to profiling, insofar as it is associated with such direct advertising. If you object to the processing for direct advertising purposes, we will no longer process your personal data for these purposes.
9.3.3 Contact Option
You can declare your objection informally by post, fax or email, addressed to:
IMS Messsysteme GmbH
42579 Heiligenhaus, Germany
Phone: +49 (0) 2056 975 – 330
Fax: +49 (0) 2056 975 – 140
10. Is there an obligation on your part to make personal data available?
There is neither a contractual nor a legal obligation to provide us with your personal data for the use of our Internet pages. However, if you wish to contact us, certain details are required so that we can process your enquiry.
11. Is such processing based on automated decision-making or profiling?
You have the right not to be subject to a decision which is based exclusively on automated processing, including profiling, if the decision is not necessary for the conclusion or fulfilment of a contract, is not required by mandatory legal regulations or is not based on your express consent.
IMS does not use automated decision-making procedures, including profiling, unless we have explicitly informed you of them.
12. What type of cookies and tracking technology do we use?
You can limit the use of tracking technology by changing the settings of your browser. You can determine what access you grant us to your devices and whether and for how long cookies can be stored on your device. Cookies that have already been saved can also be deleted at any time. Please note that the functionality of our Internet pages may be impaired after the deactivation of all cookies. Similar functions (such as flash cookies) which are used by so-called browser add-ons can be switched off or deleted by changing the settings of the browser add-on or via the website of the browser add-on producer.
12.1 What are cookies?
A cookie is a small file that is transferred during the use of a website from the host server of the website and stored on the user’s device (desktop computer, laptop, tablet, smartphone, other Internet-enabled devices) by the browser used. Cookies are used to store information about the user and to retrieve it when the website is accessed again.
12.2 What are cookies used for?
Cookies help us to understand the use of our web pages, analyse trends, administer the website, track a user’s steps on our website, collect demographic information about our user base as a whole, enable you to navigate efficiently between the pages, remember your preferences and settings on our web pages and generally improve your browsing experience while doing so. Cookies also help us to display advertisements to you that match your interests and are relevant to you. We process the data collected using tracking technologies in order to (i) remember information so that you do not have to re-enter it during your visit or a repeat visit, (ii) be able to provide you with personalised content, including advertising, (iii) be able to recognise you across multiple devices, (iv) be able to check the functionality and efficiency of our Internet pages, (v) be able to collect aggregated key data regarding the total number of visitors, traffic, usage and demographic patterns on our Internet sites, (vi) be able to diagnose and resolve technical problems and (vii) be able to implement any other plans for and improvements to our website.
12.3 What types of cookies are used on our website?
The cookies used on our website can usually be divided up into one of the following categories: Mandatory cookies, analysis cookies, function-related cookies, advertising cookies or cookies of social networks.
12.3.1 Mandatory Cookies
These cookies are indispensable for the functioning of our Internet pages and enable you to move around our Internet pages and to use their functions. Without these cookies, certain services that are necessary for the full use of our website cannot be provided.
12.3.2 Analysis Cookies
With the help of these cookies we collect information about how users use our Internet pages, e.g. which pages are accessed and read most frequently, or how users move from one link to the next. All information collected by this type of cookie does not relate to an individual user, but is aggregated and processed with the information of other users. The cookies provide us with analytical data on how our websites work and how we can improve them.
12.3.3 Function-related Cookies
These cookies allow us to save a specific selection that you have made and adapt our website in such a way that it offers you extended functions and content. These cookies can be used, for example, to save your language selection or country selection.
12.3.4 Advertising Cookies
These cookies are used to be able to show you targeted advertising. These cookies are also used to limit the number of advertisements displayed and measure the effectiveness of a particular advertising campaign. Such cookies can also store information about other websites that you have already visited and make this data available to other organisations, e.g. advertising partners. This means that after your visit to our website, you may see advertising and commercials about our offers and services on other websites.
12.3.5 Social Networking Cookies
In order to facilitate the exchange of content on the Internet, some of our websites may contain small software applications from third parties, e.g. Facebook, Twitter, LinkedIn or Google+, for the exchange of data. The cookies are not stored by us, but by the third-party provider on your device. We cannot monitor these cookies. For further information you should therefore visit the websites of the third parties.
12.4 How long are cookies stored on my devices?
The storage time essentially depends on whether the cookie is a “persistent” or “session-related” cookie. Session-related cookies are deleted after you leave the websites that have set the cookie. Persistent cookies remain on your device even after you have finished browsing until they are deleted or until they have expired.
12.5 Third-party Cookies – Use of Google Analytics
Some of the cookies stored on your device originate from us. Other cookies are stored on your device when you visit our Internet pages by third parties which we have previously integrated into our Internet pages. These third parties provide us with a particular function or service in connection with our Internet pages. Although we can control the selection of the third-party providers, we have no influence on the use of the cookies by the third-party provider. Some third-party providers may use advertising cookies. The advertising industry in the European Union has developed a system which enables you to refuse the use of such cookies. Further information is available at www.youronlinechoices.eu. For more information on the use of third-party cookies, please visit the websites of the provider concerned.
Within the context of the provision of our Internet pages, cookies from the third-party provider Google are used. Their use is explained below:
The data processed by us in conjunction with Google Analytics is automatically deleted after 14 days. You can object to the processing of your data within the scope of “Google Analytics” at any time with future effect by accessing the following link http://tools.google.com/dlpage/gaoptout?hl=de and following the instructions contained therein.
When fonts are loaded, a large amount of technical information is exchanged with Google’s servers, such as technical information about the hardware and software you are using or your IP address. The exchange of this data is mandatory so that the service offered by Google can be used.
12.6 Can mobile devices determine my location?
If you use our Internet pages with a mobile device with activated location determination, we may be able to collect information about your current location, geo-coordinates and geo-targeting data, as well as the type of mobile device. However, most mobile devices offer the option of disabling location determination in the settings.
12.7 Right of Objection
You have the right to object to the processing of the data processed under this section 12. You can prevent this data from being processed by changing the settings of your browser. However, it is possible that then you will only be able to use the Internet pages provided by us to a limited extent.
12.8 Integration of Third-Party Services and Content into our Website
It may happen that third-party content, such as videos from YouTube or graphics from other websites, is integrated within our website. This always requires that the providers of this content (hereafter referred to as “third-party providers“) process the IP address or comparable data of visitors to our Internet pages, since without the IP address they could not send the content to the browser of the respective visitor. The IP address is therefore required for the display of this content. We endeavour to use only such content whose respective providers use the IP address or other personal data solely for the presentation of the contents. However, we have no influence on whether the third-party providers store the IP address or other personal data, e.g. for statistical purposes. To the extent that we are aware of this, we will inform you of it.
In conjunction with the creation of our newsletter and the presentation of our Internet pages (hereafter collectively referred to as “our online offers“), we use the Google Fonts service for the graphic design. When you access our online offers, the integrated fonts are downloaded from Google’s servers, among other things, in order to display our online offers on your device as we intend. We use the Google service to ensure the consistent presentation of our online offerings on different devices.
13. Information on data transfer to the USA
Our website includes tools, among others, from companies based in the USA. If these tools are active, your personal data may be transferred to the US servers of these companies. Please note that the USA is not a safe third country in the sense of EU data protection law. US companies are obliged to release personal data to security authorities without you as the data subject being able to take legal action against this. It therefore cannot be precluded that US authorities (e.g. secret services) may process, evaluate and permanently store your data on US servers for surveillance purposes. We have no influence on these processing activities.