Privacy Policy

SECTION I. – General Information

We appreciate your interest in our company and our services. We consider it our primary task to protect the confidentiality of the personal data you provide and to protect it from unauthorised access. We therefore take the utmost care and apply state-of-the-art security standards to ensure maximum protection of your personal data. To this end we have adopted technical and organisational measures, which ensure that the data protection regulations are observed both by us and also by our external service providers. Please read these regulations to familiarise yourself with the nature, scope and aim of the processing of personal data by us as the providers of this website. The lawful basis on which we process your personal data is provided under Regulation (EU) 2016/679 General Data Protection Regulation.

– hereinafter referred to as the “GDPR” –

Enhanced regulatory provisions apply in Germany under the Federal Data Protection Act [Bundesdatenschutzgesetz], in supplement to the provisions of the GDPR.

– hereinafter referred to as the “BDSG” –

To the extent that no other information is provided in the future, you are neither required by law nor by contract to provide your personal data to us, nor is it absolutely necessary to conclude a contract with us. You are not fundamentally obliged to provide your personal data. Refusal to provide your personal data has no consequences for you as a user when viewing our website. This applies only where no other information is given in the subsequent processing operations.

 

SECTION II. – Definitions

Legislation requires personal data to be processed lawfully, in good faith and in a manner that is reasonable for the Data Subject. In order to ensure this, we hereby inform you of the individual legal definitions which are also used in this data protection statement. This data protection statement is based on terms similar to those used by the European Commission when adopting the General Data Protection Regulation (GDPR). The terms used here are presented in abbreviated form, correspondingly and without any claim to their completeness or the legal certainty of the wording. For further information please refer to Regulation (EU) 2016/679 of the European Parliament and of the Council dated 27 April 2016, in so far as this description does not sufficiently clarify the definitions or explain the legal form. We use the following terminology in our data protection statement, including but not limited to:

“Personal data”
Personal data is all the information, which relates to an  identified or identifiable natural person.

– hereinafter referred to as the “Data Subject” or “pers. data” –

“Processing”
Processing is any process or series of processes carried  out in the context of personal data.

“Restriction”
A restriction on processing is the marking of stored  personal data with the aim of limiting its future processing.

“Profiling”
Profiling is any type of automated processing in which  personal data is used to evaluate certain personal aspects relating to a natural person.

“Pseudonymisation”
Pseudonymisation is the processing of personal data in such a way that this can no longer be assigned to a Data Subject without the need for additional information.

“Data Controller”
A data controller is the natural or legal person, who alone or together with others decide on the purposes and means of processing.

“Processor”
A processor is a natural or legal person who processes data on behalf of the Data Subject.

“Recipient“
A recipient is a natural or legal person, authority, institution or other body to whom personal data is disclosed, regardless of whether it involves a third party or not.

“Third party”
A third party is a natural or legal person, who, under the direct authority of the Data Controller, is authorised to process personal data.

 “Consent”
Consent is each expression of will unequivocally given by  the Data Subject voluntarily for a particular case in the form of a declaration or a unique action of confirmation.

 

SECTION III. – Data Controller

a.    Data Controller

The Data Controller in the sense of the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG), as well as any other data protection laws and other regulations on data protection in the Member States of the European Union:

ASC Armored Specialty Cars GmbH
Keltenstraße 26-28
72766 Reutlingen (Germany)

Phone:   +49 7127 9298-0
Fax:        +49 7127 9298 50

E-mail:   info@asc-germany.de
Website: https://www.asc-germany.de

 

b.    DATA PROTECTION OFFICER

The data protection officer of the Data Controller for processing is:

DDSB GmbH
Mr. Andreas Peter Mückl
Untere Dornäcker 21
72379 Hechingen (Germany)

Phone:   +49 7471 5010-100
Fax:        +49 7471 5010-190

E-mail:   privacy@ddsb.de
Website: https://www.ddsb-datenschutz.de

 

c.    DATA PROTECTION SUPERVISORY AUTHORITY

Responsible supervisory authority:

The State Commissioner for Data Protection and
the Freedom of Information for Baden-Württemberg

[Landesbeauftragte für den Datenschutz und
die Informationsfreiheit Baden-Württemberg]

Postfach 102932
70025 Stuttgart (Germany)

Phone:   +49 711 61554 10
Fax:        +49 711 61554 115

E-mail:   poststelle@lfdi.bwl.de
Website: https://www.baden-wuerttemberg.datenschutz.de

 

SECTION IV. – Use and Purpose of the processing and its Lawful Bases

1.    Use and Purpose of the Processing

We process personal data that we receive directly from our customers in the course of our business relationship. In addition, we process personal data that we collect from other companies, to carry out orders, to fulfil contracts or on the basis of consent we have received from you, for example. We also process personal data that we have legitimately gained and are permitted to process from publicly available sources, such as commercial registers, the press, the media or the internet. The personal data provided by you will be processed according to the applicable regulations on personal data protection, only for the purposes communicated by you and for which you have given consent for its use. In particular, for:

  • initiation or performance of the contract with you;
  • being able to process and answer your enquiries adequately and effectively;
  • tailoring services and offers to you;
  • processing your requests and orders;
  • providing particular information or offers to you;
  • maintaining legitimate business interests, in terms of customer service and customer

Your personal data is not disclosed to third parties without your express consent.

 

2.    Lawful Basis for the Processing of Personal Data

The processing of personal data is only lawful if there is a lawful basis for the processing. The lawful basis for the processing may, in accordance with Article 6(1)(a) to (f) of the GDPR, in particular be:

a) the Data Subject has given their consent to the processing of personal data concerning them for one or more specific purposes;

b) the processing is necessary for the fulfilment of a contract to which the Data Subject is a contractual party or in order to fulfil contractual requirements at the request of the Data Subject;

c) the processing is necessary to fulfil a legal obligation to which the Data Controller is subject;

d) the processing is necessary to protect the vital interests of the Data Subject or another natural person;

e) the processing is necessary for the performance of a task in the public interest or in the exercise of public authority conferred on the Data Controller;

f) the processing is necessary to safeguard the legitimate interests of the Data Controller or a third party, unless the interests or fundamental rights and freedoms of the Data Subject, which require the protection of personal data, prevail, in particular where the Data Subject is a child.

 

SECTION IV. – Collection of Personal Data

1.    Server Log Files

With each visit to our website, whether by a Data Subject or via an automated system, a set of general data and information is collected for the maintenance and safe operation of our website. This general data and information is stored in the log files of the server. This data is collected only to the extent that it is technically necessary. The data remains anonymous and is evaluated exclusively for statistical purposes to improve our websites and online services. The data collected is used solely for statistical evaluations and to improve the website. We reserve the right, however, to review the server log files subsequently, in the event that concrete and valid evidence indicates an illegal use of our website.

 

2.    Acquisition and Processing of the Data Types in Server Log Files

Where the website is used for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to guarantee its stability and security. These items are:

  • websites visited
  • time of access
  • amount of data sent in bytes
  • source/reference from which you accessed the page
  • information about the internet service provider of the accessing system
  • browser type used and its version
  • operating system used for browser access
  • IP address used (anonymised)
  • website from which an accessing system reaches our website (the referrer)
  • the sub-pages that are controlled via an access system on our website
  • other similar data and information used for risk prevention in the case of attacks on our
    information technology systems.

When using this general data and information, ASC Armored Specialty Cars GmbH does not draw any conclusions about the Data Subject. Rather, this information is needed to

  • correctly deliver the content on our website;
  • optimise the contents and advertising of our website;
  • ensure the functionality of our information technology systems and the technology of
    our website;
  • provide law enforcement authorities with the information necessary for law
    enforcement in the event of a cyber-attack.

This data and information collected anonymously are therefore statistically evaluated by ASC Armored Specialty Cars GmbH with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimal level of protection for the personal data processed by us.

The anonymous data from the server log files is stored separately from all personal data given by a Data Subject and, therefore, does not provide any conclusions about individual persons. This means that your personal data is protected at all times. This data is processed based on Article 6(1)(f) of the GDPR under the legitimate interest in the provision and secure operation of our website. You have the right at any time to object to the processing of your personal data, for reasons arising from your particular situation, based on Article 6(1)(f) of the GDPR. To exercise this right, you may contact us at any time, as the Data Controller or our data protection officer, using the contact details provided in this statement.

 

3.      Cookies

Our website uses cookies. Cookies are small text files that are stored in the web browser or by the web browser on a user’s computer system. If a user visits our website, a cookie may be stored on the user’s operating system. This cookie contains a distinctive character string that enables the browser to be uniquely identified when the website is accessed again. We use cookies to make our website more user-friendly, effective and secure. Cookies also enable our systems to recognise your browser after changing sites and to offer you services. Our sites use “session cookies” to remember your:

  • language settings
  • display settings
  • login information

Session cookies will be deleted from your computer when you close your browser.

We also use a limited number of persistent cookies. These remain on your computer until you delete them or until they expire after a period of up to a year, as a general rule.

Persistent cookies contain the following information:

  • status (hidden or expanded) of some menus and widgets
  • selected tab in the widgets.

The purpose of using technically necessary cookies is to simplify use of websites for users. Some features of our website will not be available without the use of cookies. In this case, it is necessary to identify the browser even after changing the page. The lawful basis for the processing of personal data using technically necessary cookies is Article 6(1)(f) of the GDPR. You have the right at any time to object to the processing of your personal data, for reasons arising from your particular situation, based on Article 6(1)(f) of the GDPR. To exercise this right, you may contact us at any time, as the Data Controller or our data protection officer, using the contact details provided in this statement.  We require cookies for the following applications:

  • applying language settings
  • remembering search terms.

We also use cookies on our website to analyse user surfing behaviour. The following data can be transmitted in this way:

  • search terms entered
  • frequency of page views
  • use of website functions.

When accessing our website, users are informed about the use of cookies for analytical purposes and their consent to the processing of personal data used for that purpose is obtained. In this context, reference is also made to this data protection statement. The lawful basis for the processing of personal data using cookies for analytical purposes where the user provides their consent in this regard is Article 6(1)(a) of the GDPR. You may revoke your consent at any time by notifying us, without affecting the lawfulness of processing carried out on the basis of consent until the time of revocation.

The user data collected by cookies is not used to create user profiles. The data collected from you in this way is pseudonymised by technical means. We are therefore unable to relate this data to you personally. The data is not stored together with your other personal data. These cookies help us to gather reliable information about website usage. In this way, we can measure how well the website complies with the requirements of its users, and, if necessary, make improvements.

The analysis cookies are used to improve the quality of our website and its content. By using analysis cookies, we learn how the site is used and can constantly optimise our service. The data that we have collected about your surfing behaviour on our website is stored under absolutely secure conditions. These cookies are used only for the purposes described here. You can manage and/or delete cookies as you wish. You can delete any cookies that are already on your computer and you can set most browsers so that they are not placed on your computer. If you do this, however, you may have to manually adjust some preferences every time you visit a site, and some services and functions may not work. You can easily accept or reject the cookies on this page. However, you can reject only persistent cookies, which are not strictly necessary. Some cookies are needed because they make certain functions available. Flash cookies cannot be prevented in the browser settings, but by changing the Flash Player settings.

 

4.      Contact Options

On the basis of statutory regulations, the ASC Armored Specialty Cars GmbH website contains information that enables customers to quickly contact us electronically, as well to communicate with us directly, which also includes a general e-mail address. If a Data Subject contacts us by e-mail or any other means of contact, the personal data transmitted by the Data Subject will be automatically stored. We process your personal data which you provide to us by e-mail contact form, etc. to answer and fulfil your requests. You are not obliged to provide your personal data. But if you do not provide us your e-mail address we cannot reply by e-mail. Personal data submitted on a voluntary basis to us is stored for purposes of processing the request and contacting the Data Subject.

This personal data is not transmitted to third parties.

By sending your message, you consent to the processing of the data transferred. This data is processed on the basis of Article 6(1)(a) of the GDPR with your consent. You may revoke your consent at any time by notifying us, without affecting the lawfulness of processing carried out on the basis of consent until the time of revocation. We will only use your e-mail address to respond to your enquiry. Your data will then be deleted, taking into account statutory and, in particular, tax and commercial law retention periods, unless you have consented to further processing and use.

 

5.      Communication by E-mail

Your personal data is stored using all possible technical and organisational measures so that it is not accessible to third parties. As the recipient, we cannot guarantee complete data security for e-mail communication, so we recommend that you send confidential information by post. This data is processed on the basis of Article 6(1)(a) of the GDPR with your consent. You may revoke your consent at any time by notifying us, without affecting the lawfulness of processing carried out on the basis of consent until the time of revocation.

 

6.      Form Function

Where there is the possibility of entering personal data on our website, data is disclosed on an expressly voluntary basis. Of course, this data will be handled confidentially by us. By submitting your data, you consent to the processing of the data transferred. This data is processed on the basis of Article 6(1)(a) of the GDPR with your consent. You may revoke your consent at any time by notifying us, without affecting the lawfulness of processing carried out on the basis of consent until the time of revocation.

 

SECTION VI – Use and Processing

 1.    Information

We only store and process data which you voluntarily provide to us. If you make use of services, generally only data that we absolutely need to provide the services and to safeguard our own legitimate business interests is collected. If we ask you for further information, you are under no obligation to provide it. If the processing of personal data is necessary and there is no lawful basis for such processing, we generally obtain consent for the processing the data of the Data Subject. Personal data is always processed in accordance with the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG), and in accordance with the state-specific data protection provisions applicable to ASC Armored Specialty Cars GmbH.

ASC Armored Specialty Cars GmbH has implemented numerous technical and organisational measures as the Data Controller in order to ensure that all personal data processed via this website is protected as best as possible. Nevertheless, internet-based data transmissions can by their very nature have security gaps, so absolute protection cannot be 100% guaranteed. For this reason, every Data Subject is free to transmit personal data to us by alternative means, for example by telephone or post.

 

2.    Consent

If it is necessary to obtain personal data, the processing of which is permitted or provided for on a lawful basis, we collect this from the Data Subject before processing in the form of voluntary consent. You may revoke your consent at any time by notifying us, without affecting the lawfulness of processing carried out on the basis of consent until the time of revocation.

 

3.    Legitimate Interest

If the processing is absolutely necessary to maintain a legitimate interest of our company or a third party, and it must be ensured that the interests are proportionate and the fundamental rights and freedoms of the Data Subject do not prevail, then we conduct the processing on the basis of Article 6(1)(f) of the GDPR in a considered assessment of risks related to this and in full awareness of our fiduciary duty according to strict assessment criteria, which otherwise are not included in any of the above mentioned lawful bases. You have the right at any time to object to the processing of your personal data, for reasons arising from your particular situation, based on Article 6(1)(f) of the GDPR. To exercise this right, you may contact us at any time, as the Data Controller or our data protection officer, using the contact details provided in this statement. We are, in particular, allowed to carry out such processing procedures that sometimes become necessary because they have been specifically provided for in EU legislation. In this regard this maintains the condition that, for example, a legitimate interest could be assumed if the Data Subject is a customer of the Data Controller. (see Recital 47(2) of the GDPR).

 

4.    Direct Marketing

We use your e-mail address, which we have obtained within the framework of a personal contact or in connection with an agency/project undertaking or in connection with a service delivery/claim or in connection with the sale/purchase of a good/product, for the electronic transmission of marketing for our own offers, products or services, which are similar to those that you have already ordered with us, if you have not objected to such use. This data is processed on the basis of Article 6(1)(f) of the GDPR on the basis of the legitimate interest in direct marketing. You have the right at any time to object to the processing of your personal data, without giving any reasons, based on Article 6(1)(f) of the GDPR. To exercise this right, you may contact us at any time, as the Data Controller or our data protection officer, using the contact details provided in this statement. You can also use the dedicated link in the promotional e-mail. There are no other costs involved in sending this notification other than the transmission costs in accordance with the basic tariffs.

 

5.    Processing of Personal Data

When creating a quotation or offer acceptance, we collect and use personal data only as necessary to generate, fulfil and process quotes and/or contracts, as well as to process requests in this regard. This data must be provided in order to conclude the contract. This data is processed on the basis of Article 6(1)(b) of the GDPR and is necessary to conclude and execute a contract with you. Service providers employed by us and acting on our behalf (order processors, see Article 28 GDPR) can process data for purposes mentioned in Section IV, Part A.

Existing services which the contractor generally uses with third parties as an ancillary service, in support of its operation or its business in the context of order processing, also fall within the sense of this statement. In such cases, personal data is processed by the operator under contract in accordance with Article 28 of the GDPR in connection with Section of the 62 BDSG.

Inasmuch as ancillary services also need to be used for the processing, the processing is based on Article 6(1)(f) GDPR on the basis of the legitimate interest in maintaining business operations. You have the right at any time to object to the processing of your personal data, for reasons arising from your particular situation, based on Article 6(1)(f) of the GDPR. To exercise this right, you may contact us at any time, as the Data Controller or our data protection officer, using the contact details provided in this statement. These include ancillary services to ensure the confidentiality, availability, integrity and capacity of the computer hardware and software used and called upon by the contractor, such as:

  • telecommunications providers as part of maintenance and services
  • cleaning and/or security services
  • auditors in the context of certifications
  • waste disposal services
  • data centre services
  • postal/transportation services
  • IT service providers for system maintenance and user service.

 

6.    Data Transfer

Your data is not disclosed to third parties, who then process it under their own responsibility, without your express consent. Only our service partners which we need to conduct the contractual relationship or service providers we use in the course of order processing are excluded from this. The scope of the disclosure of data is limited to a minimum. In all cases, we assure you that when choosing our service providers which we use in individual cases, we select these carefully and in good faith, in terms of their suitability and reliability, ensuring that they satisfy our own requirements and standards.

 

7. Transmissions

Personal data is transmitted to authorised national institutions and authorities only within the framework of relevant laws or unless we are required by a court decision to do so. This data is processed on the basis of Article 6(1)(e) of the GDPR. We may transmit your personal data to the companies referred to under Section II. A. and to companies affiliated with us, to the extent permitted by the purposes set out in Section IV. A. and the lawful bases referred to in Section IV. B.

 

8. Data Transfer to a Third Country

We do not envisage transmitting your data to a third country. If our service providers or partners are located in a country outside the European Economic Area (EEA), we will inform you of the consequences of this in the description of the relevant offer.

 

9. Categories of Recipients

Within ASC Armored Specialty Cars GmbH, only those persons who receive your data and are entrusted with processing the contract or handling your request. Otherwise, personal data is processed on our behalf, on the basis of contracts pursuant to Article 28 of the GDPR in conjunction with Section 62 of the BDSG. In addition to the recipient named in the respective provisions of this data protection statement, this may be to recipients in the following categories:

  • commercial agencies
  • shipping providers
  • payment service providers
  • enterprise resource planning service providers
  • logistics providers
  • cloud and IT service providers
  • tax and business consultants.

The recipients can be also our affiliates, insofar as this is allowed for within the purposes set forth in this statement and lawful bases.

 

10. Duration of Storage

The Data Controller processes and stores the personal data of the Data Subject only for the period that is necessary to achieve the purpose of the storage. After completion of the contract, the data is first stored for the duration of the warranty period; then, taking into account any legal and, in particular, tax and commercial retention periods, your data is stored and then deleted after this period, unless you have agreed to further processing and use or unless this is otherwise determined by the European Commission or any other laws or regulations to which the Data Controller is subject.

 

11. Confidentiality and Data Protection

Our employees and the service companies commissioned by us are contractually bound to confidentiality and to comply with data protection, in accordance with regulations of the German Federal Data Protection Act.

 

12. Children and/or Young People

Our offer is essentially aimed at adults. Persons below the age of 18 should not transmit personal data to us without the consent of their parents or legal guardians. We generally require no personal data from a child or children or a young person or young people, and we do not collect and or disclose such data to third parties. Nevertheless, in special circumstances, we may need and request such personal data to process an application, under our legitimate interest in the application for the establishment of a possible employment relationship.

In such cases, personal data is processed on the basis of Article 6(1)(f) of the GDPR, for the legitimate interest of the aforementioned purpose and to obtain the necessary written consent of one or more parents or guardians in the processing. The parents or guardians may revoke their consent at any time by notifying us, without affecting the lawfulness of processing carried out on the basis of consent until the time of revocation. You have the right at any time to object to the processing of your personal data, for reasons arising from your particular situation, based on Article 6(1)(f) of the GDPR. To exercise this right, you may contact us at any time, as the Data Controller or our data protection officer, using the contact details provided in this statement. If the Data Controller concludes an employment or placement contract with an applicant, the data to be transmitted will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. This data is processed on basis of Section 26(1) in conjunction with (8)(2) of the BDSG in the course of employment.

 

13. Job Applications

Insofar as the application is necessary to fulfil a contract with the applicant or to carry out pre-contractual measures, the lawful basis for processing the data is based on Article 6(1)(b) of the GDPR. If this is a speculative application, the data is processed based on Article 6(1)(a) GDPR, with the consent of the applicant. You can revoke consent provided under the lawful basis of Article 6(1)(a) of the GDPR at any time by informing us, without affecting the lawfulness of the processing carried out on the basis of consent until the time of revocation.

Insofar as ancillary services are to be used for processing, the processing is carried out on the basis of Article 6(1)(f) of the GDPR, based on the legitimate interest in the handling of the application process. You have the right at any time to object to the processing of your personal data, for reasons arising from your particular situation, based on Article 6(1)(f) of the GDPR. To exercise this right, you may contact us at any time, as the Data Controller or our data protection officer, using the contact details provided in this statement.

The lawful basis for processing the data beyond any other lawful basis is in any case the consent of the applicant in accordance with Article 6(1)(a) of the GDPR. As part of the application process, we obtain the consent of the applicant. You can revoke consent provided under the lawful basis of Article 6(1)(a) of the GDPR at any time by informing us, without affecting the lawfulness of the processing carried out on the basis of consent until the time of revocation. If the processing of personal data is necessary and there is no lawful basis for such processing, we generally obtain consent for the processing the data of the Data Subject. You can revoke consent provided under the lawful basis of Article 6(1)(a) of the GDPR at any time by informing us, without affecting the lawfulness of the processing carried out on the basis of consent until the time of revocation.

As far as employment between you and us is concerned, we may process the personal data already obtained from you for employment purposes. The lawful basis flows from Section 26(1) in conjunction with (8)(2) of the BDSG if this is necessary for the creation, implementation or termination of the employment relationship or for exercising or fulfilling the rights and obligations of the employees resulting therefrom. Otherwise, the application process ends with the receipt of the rejection by the applicant.

In the event that an employment relationship between you and us does not come into effect, we may also continue to store data based on Article 6(1)(f) of the GDPR to the extent necessary to defend against possible legal claims. You have the right at any time to object to the processing of your personal data, for reasons arising from your particular situation, based on Article 6(1)(f) of the GDPR. To exercise this right, you may contact us at any time, as the Data Controller or our data protection officer, using the contact details provided in this statement.

 

14. Processing in the Employment Context

Data is processed on the basis of Article 88 of the GDPR in conjunction with Section 26 of the BDSG.

 

SECTION VII. – Technical and Organisational Measures

We have taken technical and organisational security measures to protect your personal information against loss, destruction, manipulation and unauthorised access. Our security measures are continuously updated in accordance with technological development and the state of the art,as far as economically viable and acceptable, so as to keep the confidentiality, integrity, availability and resilience of our systems and services always at the highest level.

 

1. SSL Encryption

To best protect your transmitted data, we use SSL encryption on our websites. You can recognise encrypted connections by the prefix “https://” in the page link in the address line of your browser. Unencrypted pages are identified by “http://”. All data that you send to these SSL websites – such as inquiries or logins – cannot be read by third parties thanks to SSL encryption.

 

2. Organisational Measures

All of our employees and all persons involved in data processing are contractually obliged to observe the data protection laws and provisions and are also bound to the confidential handling of personal data as well as to data protection and confidentiality.

 

3. Automated Decision-Making

As a responsible company, we do not use automatic decision-making.

 

4. Profiling

Profiling is carried out only for logistical reasons to process your order within our enterprise resource planning system.

 

SECTION VIII. – Rights of Data Subjects

You have the following rights pursuant to the statutory requirements under Article 15 to 21 and Article 77 of the GDPR in connection with Section 29 of the BDSG. If you wish to avail yourself of any of the following rights, you may contact our data protection officer or us, as the Data Controller, at any time using the contact details provided in this statement.

  • Information about your data which we store and how we process it
  • Correction of incorrect personal data
  • Deletion of your data which we store, or limitation of data processing, if we are not yet allowed to delete your data due to legal obligations
  • Objection to your data being processed by us
  • Data portability, if you have consented to data processing or have concluded a contract with us.
  • If you have given us your consent, you can revoke it with future effect at any time.

 

Right to objection under Article 21 of the GDPR

Any Data Subject has the right granted by the European Commission, for reasons arising from their particular situation, to object to the processing of personal data relating to them at any time, which is processed on the basis of Article 6(1)(e) or (f) of the GDPR. This also applies to profiling based on these provisions. ASC Armored Specialty Cars GmbH will no longer process personal data in the event of an objection, unless we can prove there are compelling reasons to continue the processing which outweigh the interests, rights and freedoms of the Data Subject, or that the processing serves to assert, exercise or defend legal claims.

If ASC Armored Specialty Cars GmbH processes personal data for direct mailing purposes, the Data Subject has the right to object to the processing of personal data for the purpose of such marketing at any time. This also applies to any profiling connected with such direct marketing. If the Data Subject objects to ASC Armored Specialty Cars GmbH’s processing for direct marketing purposes, ASC Armored Specialty Cars GmbH may no longer process the personal data for these purposes.

The Data Subject has the right, for reasons arising from his/her particular situation, to object to the relevant processing of personal data which ASC Armored Specialty Cars GmbH carries out for scientific or historical research purposes or for statistical purposes, in accordance with Article 89(1) of the GDPR, unless such processing is necessary for the performance of a task in the public interest.

The Data Subject is also free to exercise their right of objection in relation to the use of services of an information company, notwithstanding Directive 2002/58/EC, by means of automated procedures using technical specifications.

Without prejudice to any other administrative or judicial remedy, you have the right, in accordance with Article 77 of the GDPR in conjunction with Section 29 of the BDSG, to contact the supervisory authority if you believe that the processing of your personal data is not lawful. The competent supervisory authority varies depending on your country of residence, your work or the nature of the alleged infringement. A list of supervisory authorities (for the non-public sector) and their addresses can be found (in German) at:

https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

You also have the right to an effective judicial remedy if you consider that your rights under this regulation have been infringed as a result of processing of your personal data in breach of this regulation.

 

SECTION IX. – Integrated Processing Components

1. Gstatic

Our website uses Java Script code from the website www.gstatic.com of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (Google). If you have activated Java-Script in your browser and have not installed a Java-Script blocker, your browser may send persb. data to Google. We are not aware of what data Google links to the data received and for what purposes Google uses this data. The processing is carried out on the basis of Article 6(1)(f) GDPR for the legitimate interest in the aforementioned purpose. You have the right at any time to object to the processing of your personal data, for reasons arising from your particular situation, based on Article 6(1)(f) of the GDPR.  If you do not want Google to collect data about you via our website, you must deactivate the use of JavaScript code from Google in your browser or block the execution of scripts for the domain www.gstatic.com altogether, e.g. www.noscript.net or www.ghostery.com

 

2. Google APIs

Google APIs of the company Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 (hereinafter: Google) are used on our Internet pages. is used. This is a program interface provided by Google. Within the scope of use, data, such as in particular the IP address, may be transmitted to Google. The processing is carried out on the basis of Article 6(1)(f) GDPR for the legitimate interest in the aforementioned purpose. You have the right at any time to object to the processing of your personal data, for reasons arising from your particular situation, based on Article 6(1)(f) of the GDPR. You can prevent the collection and forwarding of personal data (in particular your IP address) to Google and the processing of this data by Google by deactivating the execution of Java Script in your browser or by installing a tool such as ‚NoScript‘.

 

3. Google WebFonts

Our website uses so-called web fonts provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.

For this purpose, the browser you are using must connect to Google’s servers. This gives Google knowledge that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our website. You have given your consent to this via our opt-in cookie banner within the meaning of Article 6(1)(a) GDPR. Google LLC, based in the United States, is certified under the U.S. European Privacy Shield Agreement, which ensures compliance with EU privacy standards. For more information about Google Web Fonts, click the following link: https://developers.google.com/fonts/faq and the Google Privacy Policy: https://www.google.com/policies/privacy/

 

5. YouTube (Videos)

We have integrated components from YouTube on this website. YouTube is an Internet video portal that allows video publishers to post video clips and other users to view, rate and comment on them free of charge. YouTube allows the publication of all types of videos, which is why complete film and television programmes as well as music videos, trailers or videos made by users themselves can be accessed via the Internet portal.

The operating company of YouTube is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

Each time you access one of the individual pages of this website, which is operated by us and on which a YouTube component (YouTube video) has been integrated, the Internet browser on your IT system is automatically prompted by the respective YouTube component to download a representation of the corresponding YouTube component from YouTube. More information about YouTube can be found at the following link: https://www.youtube.com/intl/en-GB/yt/about/ can be downloaded. As part of this technical process, YouTube and Google receive information about which specific subpage of our website is visited by you.

If the person concerned is logged in to YouTube at the same time, YouTube recognizes which specific subpage of our website you are visiting by calling up a subpage containing a YouTube video. This information is collected by YouTube and Google and assigned to your YouTube account.

YouTube and Google receive information through the YouTube component that you have visited our website whenever you are logged into YouTube at the same time as you visit our website, regardless of whether you click on a YouTube video or not. If you do not want this information to be transmitted to YouTube and Google in this way, you can prevent it from being transmitted by logging out of your YouTube account before accessing our website.

You have given your consent to this via our opt-in cookie banner within the meaning of Article 6(1)(a) GDPR.

The privacy policy published by YouTube, which can be found at the following link:  https://www.google.de/intl/en_us/policies/privacy/ provide information about the collection, processing and use of personal data by YouTube and Google.

 

Section X. – Statutory or Contractual Provisions

1.    Provision of Personal Data

We inform you that the provision of personal data can partly be required by law (e.g. tax regulations) or may also result from contractual regulations (e.g. information on the contractual partner).

 

2.    Consequences of Failure to Provide Personal Data

A failure to provide personal data can mean that a contract cannot be concluded with you. Before providing any data, you are welcome to contact our data protection officer if you have any questions. They will inform you whether the provision of personal data is legally or contractually determined and whether it is absolutely necessary for the conclusion of the contract with you or whether there is an obligation to provide personal data and what the consequences of a failure to provide the personal data are.

 

3.    Obligation to Provide Data

Sometimes you may be required to supply us with your personal data in order to conclude a contract, which must be processed by us as a result. For example, you are required to provide us with your personal data if our company wishes to enter into a contract with you.

 

4.    Objection to Spam E-Mails

We hereby expressly object to the use of contact details for the purpose of sending unsolicited marketing and information material, which must be published within the scope of the imprint obligation. We expressly reserve the right to take legal action in the event of the unsolicited sending of marketing information, such as spam e-mails.

 

5.    Links to Third Parties

If you use external links which appear on our website, then this data protection statement does not extend to these links. In so far as external links appear, we assure you that no breaches of the applicable data protection laws on the linked websites were identified at the time that the link was included. However, we have no influence on the compliance and implementation of the legal data protection regulations by other providers. Please visit the website of the respective provider to read its data protection policy and for details of its contact for data protection.

 

6.    Responsibility for Contents

Under Section 7(1) of the German Telemedia Act [Telemediengesetz] (TMG), as a service provider we are responsible for our own content on this website in accordance with general legislation. According to Sections 8 to 10 to the TMG, as the operator of this website, we are not obliged to monitor information transmitted or stored on this site by third parties or to monitor the site for signs of illegal activity. Obligations to remove or block the use of information under general legislation remain unaffected.

The free and freely accessible contents of this website were produced with the utmost care. We however expressly point out that we accept no liability or other responsibility for the accuracy, timeliness or completeness of the content provided in this data protection statement. The contents do not serve as legal advice on which you can rely when complying with the legal regulations on data protection – in particular the GDPR – nor can this replace individual legal advice.

 

7.    Liability

Liability claims against ASC Armored Specialty Cars GmbH which refer to damages of a material or intangible or immaterial nature caused by applying the content presented in this data protection statement or using potentially incorrect and incomplete or misleading content are excluded, provided that on the part of ASC Armored Specialty Cars GmbH no demonstrably intentional or grossly negligent fault exists.

 

8.    Legal Effect and Choice of Jurisdiction

Insofar as sections or individual terms in this data protection statement are not, or are no longer or not fully, applicable to the legal situation in question, the content and validity of the remaining parts of the document remains unaffected. German law applies. For consumers, this choice of law applies only insofar as the protection provided is not revoked by mandatory provisions of the laws of the state in which the consumer has their habitual residence (favourability principle).

 

9.    Other Provisions

Changes to the law or to our internal processes may required this data protection statement to be modified. In the event of such a change, we will inform you of this, insofar as possible, six weeks before the changes enter into force. You should read this policy every now and then to stay up to date on how we protect your data and continuously improve our website’s content. If we make material changes to the collection, use and/or disclosure of your personal data that you make available to us, we will advise you in a clear and prominent notification on the website.

You generally have a right of withdrawal with respect to the consent you have granted. Please note that unless you exercise your right of withdrawal), the current version of the privacy policy applies.

In the course of the development of legal provisions, ASC Armored Specialty Cars GmbH expressly reserves the right to amend parts of the statement or the statement in its entirety without separate announcement, to supplement it, to delete it or to cease publication temporarily or permanently. In addition, due to our lack of intention to be legally bound, no contractual relationship between us and you as the user of this content is created by obtaining this freely accessible content. For questions and suggestions on the topic of data protection at ASC Armored Specialty Cars GmbH, please contact: privacy@ddsb.de

We will update this data protection statement when needed, based on the current circumstances, such as changes to legal requirements. The version published here applies.

This data protection statement was created by DDSB GmbH.

Last updated 01/2019