Data protection statement
As a “safety & security” service provider, we at NewTec GmbH are committed to protecting your personal data – from a professional but also a moral perspective. We take this seriously, because protecting your privacy is something that we value greatly. We process your personal data in compliance with the applicable requirements of the valid data protection laws. Personal data are all information that can be associated with a specific individual. Relevant personal data include data about you personally (e.g. address, name, date of birth, religion), sales data and invoicing data (e.g. bank details). Below, we have outlined how your data are handled.
Responsibility and contact
Responsibility for processing your personal data resides with NewTec GmbH, Buchenweg 3, 89284 Pfaffenhofen a. d. Roth, Germany. For all queries and questions concerning data protection, you can contact NewTec GmbH at firstname.lastname@example.org.
Name and address (data protection officer)
Maximilian Pothmann (Deutsche Datenschutzkanzlei), Bahnhofsstrasse 50, 87435 Kempten, Germany. The data protection officer can be contacted directly at email@example.com with any questions you may have.
Purposes of processing and legal basis
NewTec GmbH processes personal data in the course of its working partnerships with business partners. These business partners are: customers, sales partners, suppliers and interested parties.
- Contact data (business/private) (first and last name, address, telephone, fax and mobile phone number, and e-mail address,
- Payment data to handle payment processes,
- Data provided voluntarily and as part of a project, e.g. project information, inquiries and orders,
- Specific, verifiable data (compliance) include dates of birth and identity card information.
NewTec GmbH processes the requisite personal data for the following purposes:
- Communication concerning services and projects, e.g. the processing of business partner inquiries,
- The planning, fulfilment and management of business relationships, e.g. for invoicing and accounting purposes, deliveries and the handling of services,
- The maintenance of organisational and information security aspects in respect of services as well as the NewTec GmbH web pages,
- The prevention and monitoring of and follow-up on security risks and/or acts of wilful intent aimed at causing damage or harm,
- Compliance with legal requirements, existing obligations to conduct checks and verifications as part of our compliance duties, and with internal guidelines and standards,
- Settlement of legal disputes, enforcement of existing contracts, and defending legal claims.
Unless otherwise expressly stated, the legal basis for collecting personal data for the purpose of processing is the following:
- Fulfilment and adherence to a contract with you (Article 6(1)(b) GDPR),
- Fulfilment of legal obligations (Article 6(1)(c) GDPR),
- Safeguarding of a legitimate interest in initiating, implementing and handling business relationships with NewTec GmbH (Article 6(1)(f) GDPR).
Consent to the processing of personal data
In certain instances, we require your consent to process your personal data. We will specifically ask you for such consent and use it as the legal basis for processing personal data (Article 6(1)(a) GDPR).
Processors and third parties
Personal data are also used by other companies commissioned by NewTec GmbH within the bounds of our business partnerships. Such companies are either subsidiaries of NewTec GmbH (NewTrust GmbH) or external companies. Those who may potentially receive your data include address, IT, shipping and invoicing service providers, collection agencies, network operators, consultants or other service and cooperation partners.
This allows visited website pages and servers to differentiate the individual browser of the data subject from other Internet browsers that contain other cookies. A specific Internet browser can be recognised and identified using the unique cookie ID.
The data subject may, at any time, prevent the setting of cookies through our website by making the setting changes to their Internet browser and may thus permanently deny the setting of cookies. Moreover, cookies that have previously been placed may be deleted at any time via an Internet browser or other software programs. This is possible with all commonly-used Internet browsers. If the data subject disables the setting of cookies in the Internet browser used, it is very possible that the full functionality of our website may not be used.
Collection of general data and information
The NewTec GmbH website collects a series of general data and information when a data subject or automated system visits the website. These general data and information are stored in the server log files.
The following may be collected: (1) the types of browser and the versions used; (2) the operating system used by the accessing system; (3) the website from which an accessing system reaches our website (so-called referrer); (4) the sub-pages that are accessed via an accessing system on our website; (5) the date and time the website is accessed; (6) an Internet protocol address (IP address); (7) the Internet service provider of the accessing system; and (8) any other similar data and information that may serve to ward off attacks on our information technology systems.
When using these general data and information, NewTec GmbH does not make any associations with the data subject. Instead, this information is needed (1) to provide our website content accurately; (2) to optimise the content of our website; (3) to ensure the long-term viability of our information technology systems and website technology; and (4) to provide law enforcement authorities with the information necessary for criminal prosecution in the event of a cyber-attack.
To this end, NewTec GmbH analyses these anonymously collected data and information statistically and also with the aim of increasing our company’s data protection and data security so as ultimately to ensure the optimal level of protection for the personal data that we process. The anonymous data in the server log files are stored separately from any and all personal data provided by a data subject.
The NewTec GmbH website is managed by a third-party provider, which is responsible for the security of your personal data and is bound by the statutory provisions of the GDPR. In the course of the third-party provider making its services available, so-called “web analytics” functions are used. Within these web analytics functions, data are solely collected for statistical purposes and to optimise the technical features of our website service.
The following data are collected and compiled:
- Referrer (information on the previously visited pages)
- Requested website or file (information on what pages are accessed on the website)
- Browser (information on the web browser used)
- Operating system (information on the operating system used when visiting the website)
- Devices (information on the type of device used)
- Time (information on the time of day that the website is accessed)
- IP address (anonymised IP address; only for the purpose of determining the location from which the website is accessed)
All of the data referred to in the above points are anonymised when stored, thereby making it impossible to associate them with natural persons. For details on data storage and their erasure, please refer to “Data storage and erasure”.
Registering on our website
The data subject has the option of registering with the controller’s website, which involves supplying certain personal data. The personal data transferred to the controller are those entered in the corresponding fields that are used for the purpose of registering. The personal data provided by the data subject are collected and stored exclusively for internal use by the controller and for its own purposes. The controller can arrange for the personal data to be forwarded to one or more processors, such as a parcel service provider, which will equally only use the personal data for an internal purpose attributable to the controller.
When registering on the controller’s website, the IP address assigned to the data subject by the internet service provider (ISP), the data, and the time of registration will furthermore be stored. These data are stored as it is the only way to prevent our services being abused and, when needed, such data help to solve crimes that may have been committed. In this respect, the storage of such data is a necessary safeguard for the controller. These data are never forwarded to third parties unless there is a legal obligation to do so or their forwarding facilitates criminal prosecution.
The data subject’s registration, which involves the voluntary provision of personal data, helps the controller to provide the data subject with content or services which, by their very nature, can only be offered to registered users. Registered individuals are at liberty, at any time, either to amend the personal data provided at the time of registration or to request that such data be erased from the controller’s database.
The controller will, at any time requested by a data subject, inform the data subject in question as to what personal data have been saved. The controller will, at the request or instruction of the data subject, furthermore rectify incorrect personal data or erase personal data provided that this does not conflict with any legal obligations to preserve the data. In this connection, any member of the controller’s entire staff may be contacted by the data subject.
Contact options via the website
In keeping with statutory requirements, the website operated by NewTec GmbH contains information that enables you to contact our company quickly through electronic means and also directly via a general postal address as well as so-called electronic post (e-mail address).
If a data subject contacts the controller by e-mail or via a contact form, the personal data transmitted by the data subject are automatically stored. Such personal data, which are transmitted voluntarily by a data subject to the data controller, are stored for the purpose of processing the request or contacting the data subject.
None of these personal data are disclosed to third parties.
Data storage and erasure
Unless a storage time is expressly specified, your personal data – after being collected (e.g. within the bounds of your declaration of consent) and the intended purpose of such collection having been accomplished, and provided that no legal obligations to preserve the data (e.g. obligations to preserve such data under commercial or fiscal law) oppose such erasure – will be erased.
Right of access, to rectification and to erasure
NewTec GmbH will gladly furnish you with information as to what personal data concerning you have been collected, stored or forwarded in compliance with the applicable laws and guidelines. In addition to the options available to you under the applicable statutory regulations, you may also exercise other rights.
- Rectification – you may request that data such as your name, address, etc. be corrected,
- Erasure – you may request that all or part of your personal data be erased,
- Restriction of processing – you may request that your data be temporarily blocked for specific purposes.
Right to object and to withdraw consent
Should there be grounds that add weight to your specific interest and thus override the interests of NewTec GmbH, you may object to your personal data being collected and processed. No other contractual provisions concerning the processing of personal data as part of a service provided will be taken into consideration.
Should we be in possession of a specific or extraordinary declaration of consent to the processing of your personal data, you may contact us to withdraw such consent.
Right to lodge a complaint
If you have any questions or complaints, you have the right to contact the incumbent supervisory authority (Bavarian Data Protection Authority – www.lda.bayern.de).
Right to data portability
You have the right to receive personal data concerning you in a readable, commonly used and structured format. You are entitled to transfer these data to another controller, or, where possible, to have us transfer them to another controller. You can apply for this by sending an e-mail to firstname.lastname@example.org.