• Privacy Policy for the DMG MORI Event App

Privacy Policy for the DMG MORI Event App

Preamble

This service (hereinafter: "App") is provided by DMG MORI AKTIENGESELLSCHAFT, Gildemeisterstraße 60, 33689 Bielefeld and DMG MORI Global Marketing GmbH, Antoniusstraße 14, 73249 Wernau (hereinafter: "DMG MORI", we" or "us") as the controller within the scope of the respectively applicable data protection law.

In the context of the App, we enable you to retrieve and view the following information: location map, machine overview with technical data and videos regarding all the machines, QR code scanner, optional push notifications. If you are using the App, we will process your personal data. Personal data means any information relating to an identified or identifiable natural person. Since the protection of your privacy during the use of the App is a priority for us, we would like to provide you with the following information about which personal data we process when you are using the App and how we handle said data. In addition, we would like to inform you about the legal basis for the processing of your data and, where the processing is necessary for the purposes of our legitimate interests, also about our legitimate interests.

You can view this Privacy Policy at any time under the "Data Privacy" menu item in the App, or under https://en.dmgmori.com/dataprotection-event-app.  

1. Information about the processing of your data

Certain information will be processed automatically as soon as you are using the App. Please find below a list of the specific personal data which are processed:

  1. Information collected during the download
    When you are downloading the App, certain necessary information is transmitted to your app store (e.g. Google Play or Apple App Store); especially the user name, the email address, the customer number of your account, the time of the download, payment information and the unique device identifier may be processed in this context. The processing of this data is exclusively performed by the respective app store and is beyond our control.
  2. Automatically collected information
    In the context of your use of the App, we automatically collect certain data that are necessary for the use of the App. These data include: internal device ID, operating system version, time and country of App access.

    These data are automatically transmitted to us, but not stored, in order to (1) enable us to provide the service and the associated functionalities to you; (2) improve the functionalities and performance features of the App, and (3) prevent and eliminate any abuse and malfunctions. This data processing is justified due to the fact that (1) the processing is necessary for the performance of the contract between you, as the data subject, and us pursuant to point (b) of Art. 6(1) GDPR for the use of the App, or (2) we have legitimate interest in guaranteeing the functioning and the error-free operation of the App and in being able to offer a service meeting the demand of the market and in line with the interests, which overrides your rights and interests regarding the protection of your personal data within the scope of point (f) of Art. 6(1) GDPR.
  3. Use of the App
    When you are using our App, you have the option to enter, manage and edit various information, tasks and activities (so-called user data). This information includes in particular data for your trade fair visit such as the location map, machine overview with technical data and videos regarding all the machines, QR code scanner, optional push notifications.

    In addition, we use "Google Firebase" for analyzing and categorizing user groups and for the optional provision of push notifications. Further information regarding the privacy policy of "Google Firebase" is available at https://firebase.google.com/support/privacy.

    In addition, the App requires the following permissions:
  • Internet access: required in order to retrieve product information from our event website as well as the trade fair program and other content pages from the Contentful CMS. Both systems as such do not receive any data and are not used for storing user data.
  • Camera access: required in order to allow you to use the QR code scanner during the trade fair visit, in order to obtain additional information on each machine inside the App.

All the above described data processing is justified due to the fact that (1) the processing is necessary for the performance of the contract between you, as the data subject, and us pursuant to point (b) of Art. 6(1) GDPR for the use of the App, or (2) we have legitimate interest in guaranteeing the functioning and the error-free operation of the App, which overrides your rights and interests regarding the protection of your personal data within the scope of point (f) of Art. 6(1) GDPR.

2. Disclosure and transfer of data

Apart from the occasions expressly specified in this Privacy Policy, a disclosure of your personal data without your express prior consent will only take place if it is legally permissible and/or necessary. This may, inter alia, be the case if the processing is necessary in order to protect vital interests of the user or another natural person.

  1. The data that you provide during registration are, to the extent necessary, disclosed within the DMG MORI Group for internal administration purposes, including joint customer service.

    A potential disclosure of the personal data is justified due to the fact that we have a legitimate interest in disclosing the data for administrative purposes within our group and that your rights and interests regarding the protection of your personal data are not overriding within the scope of point (f) of Art. 6(1) GDPR.
  2. If necessary for the investigation of unlawful and/or abusive App use or for the establishment of rights, personal data will be transferred to the law enforcement authorities or other authorities as well as, if applicable, to harmed third parties or legal advisers. However, such a transfer will only take place if there are indications suggesting unlawful and/or abusive conduct. Personal data may also be disclosed if such disclosure serves the purpose of enforcing terms of use or other legal claims. In addition, we are required by law to provide, upon request, information to certain public bodies. These bodies are law enforcement authorities, authorities prosecuting administrative offenses subject to a fine, and the fiscal authorities.

    A potential disclosure of personal data is justified due to the fact that (1) the processing is necessary for the fulfillment of a legal obligation that we are subject to pursuant to point (f) of Art. 6(1) GDPR in conjunction with national legal provisions regarding the disclosure of data to law enforcement authorities; or (2) if there are indications of abusive conduct or if we seek to enforce our terms of use, other conditions or legal claims, we have a legitimate interest in disclosing the data to said third parties and your rights and interests with regard to the protection of your personal data are not overriding within the scope of point (f) of Art. 6(1) GDPR.
  3. In order to provide our service, we are dependent on contractually affiliated companies of DMG MORI AKTIENGESELLSCHAFT, Gildemeisterstraße 60, DE-33689 Bielefeld and on the following third-party companies and external service providers:

    App developer: Hybrid Heroes GmbH, Reichenberger Str. 113a, 10999 Berlin.

    A potential disclosure of the personal data is justified due to the fact that (1) we have a legitimate interest in disclosing the data for administrative purposes within our group and your rights and interests regarding the protection of your personal data are not overriding within the scope of point (f) of Art. 6(1) GDPR, and (2) we have chosen our third-party companies and external service providers as processors within the scope of Art. 28(1) GDPR with care, have regularly audited them and subjected them to the contractual obligation to exclusively process any personal data as instructed by us.
  4. In the context of the further development of our business, the structure of our company might change such that the legal form might be changed, subsidiaries, divisions and parts of the company might be established, purchased or sold. In case of such transactions, the customer information might be transferred along with the part of the company to be transferred. We will ensure in any case of disclosure of personal data to third parties in the above described scope, that such disclosure is performed in accordance with this Privacy Policy and applicable data protection law.

    A potential disclosure of the personal data is justified due to the fact that we have a legitimate interest in adjusting our company form, if need be, to the respective economic and legal circumstances and that your rights and interests regarding the protection of your personal data are not overriding within the scope of point (f) of Art. 6(1) GDPR.

3. Data transfer to third countries

We also process data in states outside the European Economic Area ("EEA"). Specifically:

  • Google LLC, 1600 Amphitheatre Parkway, Mountain View, California, United States, 94043

With regard to the United States, the European Commission decided in its decision of 12 July 2016 that the provisions of the EU-U.S. Privacy Shield provided an adequate level of data protection (adequacy decision, Art. 45 GDPR). Google LLC is a company that is certified under the EU-U.S. Privacy Shield.

4. Changes of purpose

Your personal data will only be processed for other purposes than the ones described above if this is permitted by law or if you have consented to the changed purpose of the data processing. In case of further processing for other purposes than the ones for which the data were originally collected, we will inform you prior to the further processing for those other purposes and will provide you with any additional information relevant in this regard.

5. Period of data storage

We will erase or anonymize your personal data as soon as they are no longer necessary for the purposes for which we have collected and used them as described in the sections above. We will usually store your personal data for the duration of the use and/or contractual relationship of/for the App plus a period of 6 months, during which we will, after the erasure of the data, keep a back-up copy, unless such data are required for a longer period of time for law enforcement purposes or for securing, establishing or enforcing legal claims.

This shall not affect any specific provisions contained in this Privacy Policy or legal requirements for the storage and erasure of personal data, in particular such data that we must retain for tax reasons.

6. Your rights as a data subject

  1. Right of access
    You have the right to obtain from us at any time upon request information within the scope of Art. 15 GDPR about the personal data concerning you which we are processing. In order to obtain such information, you may send your request by mail to the address provided below or per email to responsibility@dmgmori.com.
  2. Right to rectification of inaccurate data
    You have the right to obtain from us without undue delay the rectification of personal data concerning you, if such data are inaccurate. Please feel free to contact us to this end at the contact addresses provided below.
  3. Right to erasure
    Under the conditions described in Art. 17 GDPR, you have the right to obtain from us the erasure of personal data concerning you. These conditions give rise to a right to erasure in particular if the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed, if the personal data have been unlawfully processed, if the data subject objects to processing or if the personal data have to be erased for compliance with Union or Member State law to which we are subject. With regard to the period of data storage see also section 5 of this Privacy Policy. Please contact us at the contact addresses provided below, if you would like to exercise your right to erasure.
  4. Right to restriction of processing
    You have the right to obtain from us restriction of processing in accordance with Art. 18 GDPR. This right exists in particular if the accuracy of the personal data is contested between the user and us, for a period enabling us to verify the accuracy; and if, in case of an existing right to erasure, the user requests a restriction of processing instead of erasure; furthermore, this right exists if the data are no longer necessary for the purposes pursued by us, but if the user requires them for the establishment, exercise or defense of legal claims, and if the successful exercise of the right to object is still disputed between us and the user. Please contact us at the contact addresses provided below, if you would like to exercise your right to restriction of processing.
  5. Right to data portability
    You have the right to receive from us the personal data that you have provided to us in a structured, commonly used and machine-readable format in accordance with Art. 20 GDPR. Please contact us at the contact addresses provided below, if you would like to exercise your right to data portability.
  6. Withdrawal of consent
    If you have given us your consent to the processing of your personal data, you can withdraw this consent at any time, free of charge and without incurring any future disadvantages. In order to do so, please send an email to disagree@dmgmori.com or a message to the contact addresses provided below. After you withdraw your consent, your personal data will no longer be used for the aforementioned purposes and – subject to a permitted processing for other purposes – will be erased immediately.

7. Right to object

Furthermore, you have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) of Art. 6(1) GDPR (data processing in the public interest) or on point (f) of Art. 6(1) (data processing based on a weighing of interests); this also applies to profiling based on this provision (Art. 21 GDPR). If you object, we shall no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

8. Right to lodge a complaint

Furthermore, according to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority with regard to our processing of your personal data.

9. Contact

If you have any questions or concerns regarding our handling of your personal data or if you would like to exercise the rights specified under sections 6 and 7 as the data subject, please feel free to contact us at responsibility@dmgmori.com. In addition, you may contact our Group Data Protection Officer at GILDEMEISTER Beteiligungen GmbH, FAO Group Data Protection, DECKEL MAHO Straße 1, DE-87459 Pfronten, responsibility@dmgmori.com.

10. Changes to this Privacy Policy

We will always keep this Privacy Policy up to date. Therefore, we reserve the right to change this Privacy Policy from time to time and to subsequently apply these changes to the collection, processing or use of your data. The current version of this Privacy Policy is at all times available under "Data Privacy" in the App and under https://en.dmgmori.com/dataprotection-event-app.

DMG MORI uses cookies to ensure you the best experience on our website. When you browse the website you agree to our use of cookies. More information on data protection and revocationTerms and ConditionsImprintExlusion of liability