Contact details of the Group Data Privacy Officers
Group Data Privacy Officer
“Personal data” is any information that can identify or make an individual identifiable. This includes, for example, your first and last name, title, company, postal address, email address, telephone number, mobile number, username and password, and any information you may provide in free text fields or in other messages you send to us.
Processing of Personal Data
When you download software that we offer, we may also collect information required for authentication purposes. When you register for a congress or an event, we will collect information required for your admittance to and organization of such events. Furthermore, your browser transmits your IP address automatically when you are visiting our Website. We will use your personal data only to the extent necessary for the purpose for which it was collected and will retain it for these purposes or as required by applicable law and then delete it. As far as possible, we will attempt to use only anonymous information or pseudonyms if the use of personal data is not required. Any personal data collected may be stored in a data filling system for which G+D is the data controller.
Data Transfer to Third Parties
Your personal data is not shared with any third parties unless you have consented to such transfer or this is permitted by applicable law, for example, where this is required for the performance of a contract with you. In case of an inquiry by you which relates to subsidiaries of the G+D Group (“Group Companies”) residing in other countries, this inquiry along with the information required to respond to you will be forwarded to the relevant Group Company. Such Group Companies may be located outside your country of residence, including countries outside the European Union (“EU”) or European Economic Area (“EEA”). You can view a list of the Group Companies at the end of this page.
In addition, we may use service providers located in countries outside the EU or EEA, who act as data processors on our behalf. Please note that G+D has taken appropriate measures with all its Group Companies in order to secure an adequate level of data protection in line with the applicable requirements. In particular, the transfer of personal data among group companies is subject to binding data protection regulations pursuant to Article 47 GDPR (Binding Corporate Rules). Further information on this can be found here.
(Re)Marketing Services by Google
(Re)Marketing services (“marketing services”) is a service provided by Google. Marketing services allow us to display more targeted advertising to potentially interested parties. When users are shown advertisements for products in which they have already shown interest, this is referred to as remarketing. This is made possible through the use of (re)marketing tags when you access our website, and other websites on which marketing services are active. These tags create cookies, if you have given us your consent, which are text files that are stored on your end device and which allow your use of the website to be analyzed.
Your data will be processed in connection with marketing services in pseudonymized form. From the perspective of Google, advertisements are therefore not delivered to a specific person, but rather to specific – anonymized – cookie-holders. This is not the case if you, as a user, agree anything to the contrary and have given Google your consent accordingly. Otherwise, all data will be transmitted to Google’s servers in the USA in an anonymized form and manner, and stored there.
- For more information on how your data are used by Google for marketing purposes, please visit: https://www.google.com/policies/technologies/ads
- If you wish to opt out of internet-based advertising via Google marketing services, you can use the setting and opt-out options provided by Google at: http://www.google.com/ads/preferences.
Google Maps is a Google service that allows enables us to display interactive maps on our website. The legal basis for using Google Maps is point (f) of Article 6(1) GDPR. We use Google Maps to allow enable visitors to find our companies easily, including any locations mentioned on our website (e.g., for events, trade shows, etc.). This constitutes our legitimate interest in accordance with point (f) of Article 6(1) GDPR.
If you are also logged in to your Google user account at the same time as visiting our website, these data will be associated with your Google account. If you do not wish this to take place, you have tomust log out of your Google user account before visiting the subpages in question. Google may use the data for marketing, market research, and personalized advertising.
- For more information, please see the short text below: https://policies.google.com/technologies/partner-sites
- Your use of the Google Maps function is subject to the Google Terms of Service, for more information see: https://maps.google.com/help/terms_maps.html
- Google also processes your personal data in the US and is subject to the EU-US Privacy Shield Framework: https://www.privacyshield.gov/EU-US-Framework
LinkedIn Insight Tag
You can prevent the collection of your data via the LinkedIn tag by clicking the link below. This will allow you to install an opt-out cookie which prevents your data from being collected when you visit this website in the future. [Install opt-out cookie].
G+D recognises the need to adequately protect the privacy of children and/or users who are under the age of 18 (“minors”). Our website is not intended for minors. G+D does not target its website to minors and does not knowingly collect personal data from minors without parental or guardian consent.
G+D uses technical and organizational security measures, in particular access, availability and input controls including encryption methods and means of protection of media utilizing personal data, as well as the assignment of qualified personnel which is responsible for the security of personal data, to ensure that the personal data you provide cannot be undermined by unauthorised, accidental or deliberate manipulation, damage, loss, deletion, or unauthorized access, processing or disclosure. Our security measures are continually upgraded and adjusted in line with the current state of knowledge. Due to the nature of the Internet, a transmission of information may be not always be completely secure. Hence, we cannot ensure the security of your personal data during a transfer over the internet to our website. Once we have received your personal data, however, we will use the appropriate technical and organizational measures to protect your personal data.
Links to other websites
If you wish, you may follow us on Facebook and other third-party social media platforms (e.g. LinkedIn, Twitter). Should you choose to do so, we will process the respective personal data you provide us with, or which the respective platform operator provides us with in relation to you. Pursuant to Article 26 GDPR, we and the platform operator are joint controllers with regard to these personal data. You can control your own privacy settings within the framework of the social media platform.
Our processing of your personal data in connection with our social media content is based on our legitimate interests in accordance with Article 6(1) point f of the GDPR. For technical reasons, we need to process certain personal data in order to provide our social media content (e.g. IP address; personal data you have provided to the respective platform operator or to us).
We use service providers to provide our social media content. The data transmitted to us in connection with our social media content are also automatically transmitted to the respective social media platform operator.
Contact Possibility, Data Protection Rights
Irrespective of this, you are entitled to the following rights in accordance with the applicable data protection law and if the legal requirements are met:
- Right of access to your personal data stored by us (Article 15 GDPR);
- Right to rectification of inaccurate or incomplete personal data concerning you stored by us (Article 16 GDPR);
- Right to erasure of your personal data stored by us, e.g. if there is no longer a legitimate business purpose for processing in accordance with applicable law and statutory storage obligations do not require further storage (Article 17 GDPR);
- Right to restriction of processing if the accuracy of the personal data is contested by you or the processing is unlawful (Article 18 GDPR);
- Right to data portability, i.e. the right to receive the personal data concerning you, which you have provided us with in a structured, commonly used and machine-readable format (Article 20 GDPR);
- Right to withdraw granted consent (Article 7 GDPR);
- Right to object to the processing of your personal data insofar as such processing is carried out based on point (e) or (f) of Article 6(1) GDPR (Article 21 GDPR);
Right to lodge a complaint with a supervisory authority (Article 77 GDPR); a list of the data protection authorities in Germany can be found under the following link:
The supervisory authority responsible for G+D headquarters in Munich is the State Office for Data Protection Supervision in Bavaria (www.lda.bayern.de).
You can contact us at any time to enforce your privacy rights. In addition, we would like to inform you that G+D has implemented a whistleblowing tool (BKMS system) which is available 24/7 worldwide to enable all G+D employees and others to report potential compliance violations. The tool can be accessed via the following link: https://www.bkms-system.net/bkwebanon/report/clientInfo?cin=7gd4&language=eng
List of privacy contacts by country
Transparency Information in accordance with the GDPR
Summary of Giesecke+Devrient Group’s Binding Corporate Rules
Flyer Binding Corporate Rules (BCR)
Statement of Principles on Corporate Data Privacy
Last update: Version 1.5. vom 03. Dezember 2019
Effective date: May 22, 2018