Data protection

Data misuse

In accordance with § 28 Paragraph 3 of the Federal Data Protection Act (BSDG) and the Basic Data Protection Regulation (DSGVO), we hereby object to any commercial use or transmission and forwarding of our data (including the data of all authors) for advertising purposes, market or opinion research.

Collection and processing of personal data

We, PROAUT TECHNOLOGY GmbH (for details see imprint), are the responsible party for data processing on this website. We take the protection of your personal data very seriously and strictly adhere to the rules of the Federal Data Protection Act (BSDG) and the General Data Protection Regulation (DSGVO), which form the legal basis for our handling of personal data.

Personal data is not collected by us on this website.

We provide e-mail addresses and telephone/fax numbers for you to contact us. In this way, you can also provide us with personal data. Personal data is data with which you can be personally identified. Please note that the transmission of data by e-mail is not a secure transmission and that we are not responsible for the transmission path up to our company’s own IT system.

Therefore, any communication of this data is expressly on a voluntary basis and thus constitutes your consent to its storage and processing. This data will be treated confidentially and will not be passed on to third parties. Insofar as this involves information on communication channels (e.g. e-mail address, telephone number), you also consent to us contacting you via this communication channel, if necessary, in order to respond to your request. You can withdraw your consent or object to certain processing operations at any time.

We will process, store and archive your personal data exclusively for the following purposes:

to process and respond to your request
to fulfil and commercially process any contracts that may subsequently be concluded
to inform you about our offers
to carry out an application procedure in the case of job applications

Data transmission to third parties

Your data will not be transferred to third parties unless we are legally obliged to do so. Insofar as external service providers come into contact with your personal data, we have ensured through legal, technical and organisational measures as well as through regular checks that they comply with the provisions of the data protection laws.

Right to information

You have the right to request information about the data stored about you. At your request, the information can also be provided electronically.

Right to rectification, erasure or blocking

You have the right to request the correction, deletion or blocking of personal data stored about you. If legal regulations do not permit deletion, your data will be blocked instead so that it is only accessible for the purposes of mandatory legal regulations.

To exercise your aforementioned rights of revocation, information, correction, deletion or blocking of your personal data, please contact us via the e-mail address info@proaut.eu. The exercise of your above rights is free of charge for you.

You also have the right to lodge a complaint with the competent supervisory authority.

Use of Google Maps

We use the “Google Maps” component of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter “Google”, on our website. Each time the “Google Maps” component is called up, Google sets a cookie in order to process user settings and data when displaying the page on which the “Google Maps” component is integrated. As a rule, this cookie is not deleted by closing the browser, but expires after a certain period of time, unless you manually delete it beforehand. If you do not agree to this processing of your data, you have the option of deactivating the “Google Maps” service and thus preventing the transfer of data to Google. To do this, you must deactivate the Java Script function in your browser. However, we would like to point out that in this case you will not be able to use “Google Maps” or only to a limited extent. The use of “Google Maps” and the information obtained via “Google Maps” is in accordance with the Google Terms of Use http://www.google.de/intl/de/policies/terms/regional.html as well as the additional terms and conditions for “Google Maps” https://www.google.com/intl/de_de/help/terms_maps.html.

Server log files

The provider of the pages may automatically collect and store information in so-called server log files, which your browser automatically transmits to us. These are:

browser type and browser version
Operating system used
referrer URL
Host name of the accessing computer
Time of the server request
IP address

This data is not merged with other data sources.

The basis for data processing is Art. 6 para. 1 lit. f DSGVO, which allows the processing of data based on overriding interests of the website operator. The website operator has a legitimate interest in the technically error-free and optimised provision of its services. The server log data is required in each case for the accessibility of the website and to ensure the proper functioning of the website.

Reporting Office

As part of our Compliance Management System, we have established a whistleblower hotline. You have the opportunity to report incidents covered by the Whistleblower Protection Act (HinSchG) or incidents in which we otherwise have a legitimate interest in obtaining information. For the receipt and evaluation of such reports, we have commissioned the law firm Heuking Kühn Lüer Wojtek as an outsourced internal reporting office (hereinafter referred to as the “Reporting Office”). Reports to the Reporting Office can be submitted via a web form, by phone, by email, or in person. Reports to the Reporting Office can be made anonymously. The use of the Reporting Office is voluntary.

If you submit a report to the Reporting Office, it will capture the information you provide. This includes your personal data if you disclose it, and typically the names and other personal data of the individuals you mention in your report. Details regarding the handling of your personal data by the Reporting Office can be found in the Reporting Office’s privacy policy (https://whistlefox.heuking.de/UserContent/Legal/Datenschutzinformation_de.pdf)

a.) Categories of personal data we process

We receive a report from the Reporting Office, which, after reviewing the report, may contain the following personal data:

Names and other personal data of the reporting person only if the reporting person does not wish to remain anonymous and agrees to the disclosure to us;
Names and other personal data resulting from the report of the individuals mentioned in the report. As part of the further clarification of the reported incident and its processing, additional personal data may be collected and processed by us.

b) Purposes of data processing, legal basis

The processing of data transmitted to us by the Reporting Office serves the handling and management of reports of compliance violations, violations of legal regulations, and violations related to our business operations by employees, customers, suppliers, and other third parties. The legal basis for processing your personal data as the reporting person is, if you disclose your identity and agree to the disclosure of your name by the Reporting Office to us, your consent (Art. 6 para. 1 sentence 1 lit. a GDPR). To the extent that incidents fall under the Whistleblower Protection Act (HinSchG), Art. 6 para. 1 sentence 1 lit B GDPR in conjunction with § 10 HinSchG is the legal basis for processing the personal data of you as the reporting person and of the person(s) affected by the report. Outside the scope of the HinSchG, the legal basis for processing your personal data and the personal data of individuals affected by the report is our legitimate interest in uncovering and preventing legal violations and misconduct (Art. 6 para. 1 sentence 1 lit. f GDPR). A legitimate interest in uncovering and preventing legal violations and misconduct exists where we are legally obligated in certain areas. In addition, such violations can cause not only significant economic damage but also substantial reputational loss. If the affected person is one of our employees, the legal basis for processing in the course of processing or further investigation of the reported incident is also Art. 6 para. 1 sentence 1 lit. b GDPR) and, if applicable, our legitimate interest as described above (Art. 6 para. 1 sentence 1 lit. f GDPR).

c) Disclosure to third parties

The confidential treatment of all reports and data by the Reporting Office is ensured at all times and in every processing step. This particularly concerns the personal data of the reporting person as well as the person(s) affected by the report. Only designated, authorized individuals bound to handle information confidentially have access to incoming reports and information about the processing of the report or follow-up measures. If the report concerns another company within our corporate group, we will share the contents of the report and the results of the further investigation with that company within our corporate group. We may also disclose the contents of the report and the results of the further investigation of the reported incident to courts, authorities, and other public entities. This may occur if we are legally obligated to disclose the data or if it is necessary for the assertion, exercise, or defense of legal claims. In the course of investigative measures and in the assertion, exercise, or defense of legal claims, we may also engage the support of law firms or audit firms. Additionally, we may involve (technical) service providers in the investigation and processing of the reported incident, who act as data processors for us within the meaning of Art. 28 GDPR and operate on the basis of corresponding agreements. These service providers may also become aware of the contents of the whistleblower report but are obligated to handle the affected data confidentially. Personal data of the reporting person and the affected individuals may, despite maintaining confidentiality, come to the attention of authorities, courts, or third parties in exceptional situations. This is the case when the disclosure of this information is mandatory for us, such as in the context of an official investigation (e.g., in the course of a criminal investigation) or when it is necessary for the assertion, exercise, or defense of legal claims. Moreover, the reported information must, under certain conditions, be disclosed to the individuals affected by the report.

d) Duration of data storage

Personal data will be stored as long as necessary for the investigation of the report and any subsequent measures, or as long as there is a legitimate interest on our part, or as long as required by law. After that, the data will be deleted in accordance with legal requirements.

e) Transfer of data to third countries

As a rule, no personal data from reports is transferred to countries outside the European Union (EU) or the European Economic Area (EEA), unless the report concerns a company within our corporate group located in a country outside the EU or EEA. Countries outside the European Union or the European Economic Area may have different regulations for the protection of personal data. In such a case, when sharing information, we adhere to the relevant data protection regulations.