Thank you for your interest in our company – we appreciate that you have come to our website!
Visitors to the website of SimulationsDienstleistungsZentrum GmbH are free to browse and view all of its pages without providing any personal data. Only if a data subject (within the meaning set out in the definition section below) wishes to make use of a particular service of SimulationsDienstleistungsZentrum GmbH through our website may provision and processing of certain personal data relating to him or her become necessary. If the processing of personal data is necessary, but lacks a legal/statutory basis (within the meaning of Section 17. of our Pricacy Policy / Data Protection Statement), we will always seek the data subject’s consent prior to engaging in any such processing activities.
We will process all personal data confided to us (such as the name, address, email address or telephone number of a data subject) in strict accordance with the provisions of the General Data Protection Regulation (GDPR) and consistent with the applicable national data protection legislation by which SimulationsDienstleistungsZentrum GmbH is required to abide.
With this in mind, SimulationsDienstleistungsZentrum GmbH, in its capacity as a person/entity responsible for data processing (referred to, in brief, as the “data controller” within the meaning set out in the definition provided below), has implemented numerous technical and organisational measures to ensure that the personal data processed via this website are always protected to the greatest extent feasible. Despite these state-of-the-art precautions, however, Internet-based data transmission may present security loopholes so that ultimate vulnerability protection cannot be guaranteed. Therefore, every data subject is at liberty to transmit their personal data to us through alternative means and channels (for instance, by telephone).
a) Personal data
“Personal data” means any information relating to an identified or identifiable natural person (referred to as the “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
b) Data subject
“Data subject” means any identified or identifiable natural person whose personal data are processed by the data controller (within the meaning set out in the definition provided below).
“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
d) Restriction of processing
“Restriction of processing” means the marking of stored personal data with the aim of limiting their processing in the future.
“Profiling” means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
“Pseudonymisation” means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
g) Data controller or person/entity responsible for data processing
“Data controller” (often briefly referred to as a “controller”) or “person/entity responsible for data processing” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the data controller or the specific criteria for a data controller’s nomination may be provided for by Union or Member State law.
“Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the data controller.
“Recipient” means a natural or legal person, public authority, agency or other body to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law are not regarded as recipients.
j) Third party
“Third party” means a natural or legal person, public authority, agency or body other than the data subject, a data controller, processor and persons who, under the direct authority of the data controller or processor, are authorised to process personal data.
“Consent” of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s will by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
2. Name and address of the person/entity responsible for data processing (data controller)
Within the meaning and for the purposes of the General Data Protection Regulation, other privacy legislation applicable in the Member States of the European Union, as well as other rules and regulations related to privacy, the data controller is:
Tel.: +49 231 975050 0
By employing cookies, SimulationsDienstleistungsZentrum GmbH can provide visitors to this website with more user-friendly services than would otherwise be possible.
By selecting the appropriate settings on their web browser, data subjects can, at any time, permanently object to cookies being set by our website. Cookies that have already been set can also be deleted at any time through a web browser or via other software programmes. This function is available in all common web browsers. If a data subject disables the setting of cookies in the web browser used, some features of our website may not be fully available to him or her.
4. Collection of general data and information
Each time a data subject or an automated system accesses the website of SimulationsDienstleistungsZentrum GmbH, the site will collect a range of general data and information. This general data and information will be saved in the server’s log files.
The general data and information that may be collected include: (1) the browser type and version used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrer), (4) the sub-websites (pages) that are accessed via an accessing system on our website, (5) the date and time of access to our website, (6) an Internet Protocol address (IP address), (7) the Internet service providers of the accessing system, and (8) other similar data and information serving to avert danger in the event of an attack on our information technology systems.
SimulationsDienstleistungsZentrum GmbH will never use the general data and information specified above for the purpose of identifying data subjects. Rather, these details are solely required to (1) deliver the content of our website correctly, (2) optimise the content and advertisement for our website, (3) ensure the long-term viability of our information technology systems and website technology, and (4) provide law enforcement authorities with the information they may require to conduct criminal prosecution in the event of a cyberattack.
Therefore, SimulationsDienstleistungsZentrum GmbH will analyse this anonymously collected data and information solely for strictly statistical purposes and for the purpose of enhancing data protection and security in our organisation so as to ensure an optimum level of protection for the personal data we need to process. The anonymous data contained in the server log files will, of course, always be stored separately from all personal data provided by a data subject.
5. Website contact option
The website of SimulationsDienstleistungsZentrum GmbH contains statutorily required information that enables fast electronic contact with our company and direct communication with us. These details include a general address for so-called electronic mail (i.e. an email address). If a data subject contacts the person/entity responsible for data processing (data controller) by email or via a contact form, the personal data transmitted by the data subject will be automatically stored.
Any such personal data which a data subject, by an act of his or her own free will, transmits to the person/entity resonsible for data processing (data controller) will be stored for the purpose of processing the data subject’s inquiry/request or other communication and/or for contacting (i.e. replying to) the data subject. This personal data will not be not passed on to third parties.
6. Routine erasure (irretrievable deletion) and blocking of personal data
The person/entity responsible for data processing (data controller) will process and store the data subject’s personal data only for the period of time required to meet the purpose for which the data was intended to be stored, or for the retention period provided for by the European legislator of directives and regulations or by other legislators in laws or regulations to which the data controller is subject, as the case may be.
If the storage purpose ceases to apply or if a storage/retention period prescribed by the European legislator of directives and regulations or by another competent legislator expires, the personal data will be routinely blocked or erased in accordance with the statutory requirements.
7. Rights of the data subject
a) Right to obtain confirmation
Under the provisions enacted by the European legislator of directives and regulations, any data subject has the right to obtain from the person/entity responsible for data processing (data controller) a confirmation as to whether or not data relating to him or her are being processed. If a data subject wishes to exercise this confirmation right, he or she may contact an employee of the data controller at any time.
b) Right to obtain information/Right of access
Under the provisions enacted by the European legislator of directives and regulations, any data subject has the right to obtain, at any time and free of charge, information from the person/entity responsible for data processing (data controller) about the personal data stored in relation to him/her and to request a copy of that information. Furthermore, the European legislator of directives and regulations has granted the data subject access to the following information:
• the purpose(s) of the processing
• the categories of personal data concerned by the processing
• the recipients or categories of recipient to whom the personal data have been or will be disclosed, including, but not limited to, recipients in third countries or international organisations
• where possible, the envisaged period for which the personal data will be stored, or, where this is not possible, the criteria used to determine that period
• the existence of the right to request from the data controller either rectification or erasure of personal data relating to the data subject, or restriction of processing of his/her personal data, or to altogether object to such processing
• the right to lodge a complaint with a supervisory authority
• where the personal data are not collected from the data subject, any available information as to their source
• the existence of an automated decision-making process, including profiling, referred to in Article 22(1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of any such processing for the data subject
Furthermore, the data subject has a right to obtain information as to whether or not his/her personal data have been transferred to a third country or to an international organisation. Where this is the case, the data subject has the right to be informed of the appropriate safeguards relating to the transfer.
If a data subject wishes to exercise this right of access/information, he or she may contact an employee of the data controller at any time.
c) Right to rectification
Under the provisions enacted by the European legislator of directives and regulations, any data subject has the right to obtain from the data controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purpose(s) of the processing, the data subject has the right to have incomplete personal data completed, including by means of providing a supplementary statement.
If a data subject wishes to exercise this right to rectification, he or she may contact an employee of the data controller at any time.
d) Right to erasure (right to be forgotten)
Under the provisions enacted by the European legislator of directives and regulations, any data subject has the right to obtain from the data controller the erasure of personal data concerning him or her without undue delay where one of the following grounds applies and provided that processing is not legitimately required:
• The personal data are no longer necessary in relation to the purpose(s) for which they were collected or otherwise processed.
• The data subject withdraws his/her consent on which the processing is based according to Art. 6 (1) (a) GDPR, or Art. 9 (2) (a) GDPR, and where there is no other legal ground for the processing.
• The data subject objects to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21 (1) GDPR.
• The personal data have been unlawfully processed.
• The personal data have to be erased for compliance with a legal obligation under Union or Member State law to which the data controller is subject.
• The personal data have been collected in relation to the offer of information society services referred to in Art. 8 (1) GDPR.
Where any of the above-mentioned grounds apply and a data subject wishes to obtain erasure of his or her personal data stored at SimulationsDienstleistungsZentrum GmbH, he or she may contact an employee of the data controller at any time. The employee of SimulationsDienstleistungsZentrum GmbH will arrange for the request for erasure to be accommodated without undue delay.
Where SimulationsDienstleistungsZentrum GmbH has made the personal data public and is obliged, in its capacity as a data controller pursuant to Art 17 (1) GDPR, to erase the personal data, SimulationsDienstleistungsZentrum GmbH, taking account of the available technology and the cost of implementation, will take reasonable steps, including technical measures, to inform other a data controllers processing the personal data that the data subject has requested erasure by such a data controllers of any links to, or copy or replication of, those personal data, unless the processing is legitimately required. The SimulationsDienstleistungsZentrum GmbH employee will arrange the necessary measures on a case-by-case basis.
e) Right to restriction of processing
Under the provisions enacted by the European legislator of directives and regulations, any data subject has the right to obtain from the data controller restriction of processing where one of the following applies:
• The accuracy of the personal data is contested by the data subject – in this case, restriction will apply for a period enabling the data controller to verify the accuracy of the personal data.
• The processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead.
• The data controller no longer needs the personal data for the purpose(s) of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims.
• The data subject has objected to processing pursuant to Art. 21 (1) GDPR pending the verification whether the legitimate grounds of the data controller override those of the data subject.
Where any of the above-mentioned grounds apply and a data subject wishes to obtain restriction of processing of his or her personal data stored at SimulationsDienstleistungsZentrum GmbH, he or she may contact an employee of the data controller at any time. The employee of SimulationsDienstleistungsZentrum GmbH will arrange for the processing to be restricted.
f) Right to data portability
Under the provisions enacted by the European legislator of directives and regulations, any data subject has the right to receive the personal data concerning him or her, and which he or she has provided to a data controller, in a structured, commonly used and machine-readable format. The data subject also has the right to transmit those data to another controller without hindrance from the data controller to which the personal data have been provided,
subject to the proviso that the processing is based either on consent given pursuant to Art. 6 (1) GDPR or Art. 9 (1) GDPR, or on a contract pursuant to Art. 6 (1) GDPR, and provided that the processing is carried out by automated means. That right does not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller.
Furthermore, in exercising his or her right to data portability pursuant to Art. 20(1) GDPR, the data subject has the right to have personal data transmitted directly from one controller to another, where technically feasible and provided that the rights and freedoms of other persons are not adversely affected thereby.
The data subject may contact an employee of SimulationsDienstleistungsZentrum GmbH at any time to exercise his or her right to data portability.
g) Right to object
Under the provisions enacted by the European legislator of directives and regulations, any data subject has the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her if the processing is based on Art. 6 (1) (e) or (f) GDPR. This also applies to profiling procedures based on these provisions.
In the event of an objection, SimulationsDienstleistungsZentrum GmbH will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject concerned or unless the purpose of the processing is to assert, exercise or defend against legal claims.
Where SimulationsDienstleistungsZentrum GmbH processes personal data for direct marketing purposes, the data subject has the right to object at any time to the processing of his/her personal data for any such such marketing purposes. The same right exists in respect of profiling procedures, to the extent that the profiling is related to such direct marketing. Where the data subject objects to the processing for direct marketing purposes by SimulationsDienstleistungsZentrum GmbH, then SimulationsDienstleistungsZentrum GmbH will no longer process the personal data for any such purposes.
In addition, the data subject has the right, on grounds relating to his or her particular situation, to object to the processing of his/her personal data for scientific or historical research purposes or for statistical purposes in accordance with Art. 89(1) GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
In order to exercise his or her right to objection, the data subject may directly contact any SimulationsDienstleistungsZentrum GmbH employee. In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, the data subject may also exercise his or her right to object by automated means that use technical specifications.
h) Automated individual (case-by-case) decision-making, including profiling
Under the provisions enacted by the European legislator of directives and regulations, any data subject has the right not to be subject to decisions solely based on automated processing, including profiling procedures, that produce legal effects for him or her or significantly affects him or her adversely in a similar way.
However, this right does not apply if the decision (1) is necessary for entering into or performing a contract between the data subject and the data controller, or (2) is authorised by Union or Member State law to which the data controller is subject and which also lays down suitable measures to safeguard the data subject’s rights, freedoms and legitimate interests, or (3) is based on the data subject’s explicit prior consent.
If the decision (1) is necessary for entering into or performing a contract between the data subject and the data controller, or if it (2) is based on the data subject’s explicit prior consent, SimulationsDienstleistungsZentrum GmbH will implement suitable measures to safeguard the data subject’s rights,freedoms and legitimate interests, at least the right to obtain human intervention on the part of the data controller, to express his or her point of view and to contest the decision.
If the data subject wishes to assert rights relating to automated decision-making, he or she may contact an employee of the data controller at any time.
i) Right to withdraw consent given under privacy law
Under the provisions enacted by the European legislator of directives and regulations, any data subject has the right to withdraw, at any time, his or her prior consent given to the processing of his or her personal data.
If the data subject wishes to exercise his or her right to withdraw his or her consent, he or she may contact an employee of the data controller at any time.
8. Data protection for job applications and recruitment procedures
The data controller collects and processes the personal data of applicants for the purpose of administering the recruitment procedure. Processing may also be carried out electronically, particularly in cases where an applicant sends his or her application documents to the data controller by electronic means, for example by email or via a web form provided on the website.
If the data controller concludes an employment contract with an applicant, the data transmitted will be stored for the purpose of administering the employment relationship in compliance with the applicable statutory provisions.
If the data controller does not conclude an employment contract with the applicant, the application documents will be automatically erased two months from the date on which the applicant was notified of the decision of refusal. The data will not be retained beyond this period unless erasure would be contrary to other legitimate interests of the data controller. Other legitimate interests in this sense include, for example, the requirement to retain data in the context of a burden of proof employed in proceedings under the General Equal Treatment Act (“AGG” / “Allgemeines Gleichbehandlungsgesetz”).
We use Google Analytics, a web analysis service offered by Google Inc. (“Google”). Google Analytics uses so-called “cookies”, i.e. text files that serve to analyse the use visitors make of our web pages and online services. The information generated by the cookie about the visitors’ use of these pages will be transmitted to and stored by Google on servers in the United States.
We use Google Analytics with the extension “_anonymizeIp()”, meaning that IP addresses are truncated (shortened) and then further processed on servers located in Europe before they are transmitted to Google; this prevents IP addresses from being associated with any particular individual. Google uses this information for the purpose of evaluating visits to our website, for compiling reports on website activity for us and for providing other services relating to website activity and Internet usage. Google may also forward this information to third parties if it is required to do so by law or if third parties process these data on Google’s behalf.
Under no circumstances will Google associate a visitor’s IP address transmitted by his or her browser with any other data held by Google.
You can prevent cookies from being stored on your computer by configuring your browser software accordingly. However, please be aware that if you do so you may not be able to fully benefit from all features of this website.You can object to the collection and storage of your data for Google Analytics at any time with future effect (“ex nunc”) by applying Google’s Browser Plug-in. You can prevent data collection by Google Analytics by clicking on the link below. An opt-out cookie will be set to prevent collection of your data on future visits to this site: Disable Google Analytics.
Google Analytics is used in accordance with the requirements agreed upon between the German data protection authorities and Google.
The third-party provider is: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. For more information about this third-party provider, please refer to:
We also use the Remarketing technology provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). This Google feature is designed to present to website visitors interest-based advertisements broadcast via Google’s advertising network. The website visitor’s browser stores so-called “cookies” on the computer, i.e. text files enabling the visitor to be recognised when he or she accesses websites that belong to Google’s advertising network. On these websites, the visitor may be presented with ads that specifically relate to content that he or she previously viewed on websites using Google’s remarketing feature. Google states that it does not collect any personal data during this process.
Please note that since 15 May 2017, Google has enhanced all remarketing campaigns to take advantage of a so-called cross-device functionality. For users having set up their own Google Account to be able to use different Google services (Google Search, Gmail, YouTube, Chrome, Google Maps, PlayStore, Google Drive etc.), this means that Google will now merge the data of each Google Account user at both cross-service and cross-device level. However, users can disable this feature in their Google Account settings (myaccount.google.com).
We use the online advertising programme “Google AdWords” and the conversion tracking function of Google AdWords. Google conversion tracking is an analysis service tool provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). If you click on an advertisement placed by Google, a conversion tracking cookie will be placed on your computer. These conversion cookies expire after 30 days, they do not contain any personal data and, therefore, cannot be used for personal identification of the user.
If you are routed to a page of our website via an advertisement placed by Google and the temporary conversion tracking cookie has not yet expired, Google and we will be able to recognise that you clicked on the ad and were routed to that page. Each Google AdWords customer is assigned a different cookie, so it will not be possible for other AdWords customers to track our cookies (and vice versa).
The information collected by the conversion cookie is used to compile conversion statistics for AdWords customers having opted for this feature. Each of these customers can see the total number of users who clicked on their ad and were routed to a page containing a conversion tracking tag. However, they will not receive information that would allow them to identify users personally.
The provider uses the “Remarketing” or “Similar Target Group” feature offered by Google Inc. (“Google”). This technology enables the provider to address visitors to the website with targeted promotional information by displaying personalised, interest-based ads when they visit other websites in the Google Display Network. In order to analyse website usage, based on which the interest-related advertisements are displayed, Google uses so-called cookies (i.e. small files with a numerical code), and stores them in the website visitor’s browser. This numerical code serves to record visits to the website and to collect anonymous data about its use. No personal data relating to website visitors are stored. If, after visiting our website, you access another website in the Google Display Network, you will see advertisements that are likely to relate to the product and information categories you previously viewed.
We use Google Fonts on our web pages. Google Fonts is a service operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
While the pages of our website are loading, fonts (i.e. type faces) will be downloaded from Google’s servers. In this process, the visitor’s IP address is transmitted to Google’s servers. Also, Google is made aware of which page you are visiting.
This website uses Google Maps API technology to visualise geographic information. In the use of Google Maps, Google collects, processes and uses data relating to the use of map features by visitors. For more information about Google’s data processing procedure, please refer to Google’s Privacy Notices. If you wish, you can also change your personal privacy settings in Google’s privacy centre (“Privacy Center”), which is available on Google’s Privacy page.
More detailed instructions on how to manage your own data relating to Google products can be found here.
The data controller has integrated components of Twitter on this website. Twitter is a multilingual, publicly accessible microblogging service through which users may publish and spread so-called “tweets”, i.e. short messages limited to 280 characters. These short messages are available to everyone, including to those who are not registered with Twitter. The tweets are also displayed to the so-called followers of the respective twitterer. Followers are other Twitter users who follow a twitterer’s tweets. Twitter allows to address a wide audience via hashtags, links or retweets.
The operating company of Twitter is Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.
Each time a data subject accesses one of the pages of this website, which is operated by the data controller and on which a Twitter component (Twitter button) has been integrated, the Internet browser on the individual’s IT system is automatically prompted by the respective Twitter component to download a representation of the corresponding Twitter component from Twitter. Further information on Twitter buttons can be found here: Information. As part of this technical process, Twitter is informed about which specific page of our website is being visited by the data subject. The purpose of integrating the Twitter component is to enable our users to share the content of this website, to make this website known in the digital world and to increase the amount of traffic, i.e. the number of visitors to our website.
If and long as the data subject is logged in to Twitter while visiting our website, Twitter will recognise which specific page of our website the data subject accesses with each visit to our website and for the entire duration of the respective stay on our website. This information will be collected by the Twitter component and assigned by Twitter to the Twitter account associated with the respective data subject. If the data subject clicks a Twitter button integrated on our website, Twitter will assign this information to his or her personal Twitter user account and will store and process this personal data.
Twitter receives information via the Twitter component that the data subject has visited our website whenever the data subject is logged in to Twitter while accessing our website; this information will be transmitted regardless of whether or not the data subject clicks on the Twitter component. If the data subject does not want this information to be transmitted to Twitter, he or she can prevent transmission of the data by logging out of their Twitter account before accessing our website.
To protect our website from attacks and malicious bots as well as to boost website performance, we use services provided by our technology partner CloudFlare Inc., 101 Townsend St, San Francisco, CA 94107 USA. All data transmitted to and from this server are routed through Cloudflare’s CDN (“Content Delivery Network”).
In order to be able to effectively detect and block attacks, Cloudflare temporarily stores access data that will usually be deleted within 4 hours, but no later than after 3 days. Cloudflare operates under the EU-U.S. Privacy Shield Agreement. For more information, please visit the following links:
EU-US Privacy Shield
Cloudflare Privacy & Security Policy
17. Legal/statutory basis for the processing
Art. 6 (1) (a) GDPR provides our legal basis for processing operations that require consent to be obtained for a specific processing purpose. If the processing of personal data is required for the performance of a contract to which the data subject is a party, as is the case, for example, when processing operations are necessary for the supply of goods or provision of other services or consideration, the processing is based on Art. 6 (1) (b) GDPR.
The same applies to processing operations that are necessary to carry out pre-contractual measures, for example in the case of inquiries about our services and products. If our company is subject to a legal obligation requiring the processing of personal data, such as for the fulfilment of tax obligations, the processing is based on Art. 6 (1) (c) GDPR.
In rare cases, the processing of personal data may be required to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were injured in our company and his or her name, age, health insurance data or other vital information would have to be passed on to a doctor, hospital or other third party. In this case, the processing would be based on Art. 6 (1) (d) GDPR.
Finally, processing operations may be based on Art. 6 (1) (f) GDPR. This legal basis is used for processing operations that are not covered by any of the above-mentioned legal grounds if the processing is necessary to safeguard a legitimate interest of our company or a third party, except where such interests are overridden by the interests, basic rights and fundamental freedoms of the data subject. We are particularly entitled to perform said processing operations because they have been specifically mentioned by the European legislator, who took the view that a legitimate interest could be presumed in cases where the person concerned is a customer of the data controller (cf. Recital 47 Sentence 2 GDPR)).
18. Legitimate interests in the processing pursued by the data controller or a third party
Where the processing of personal data is based on Article 6 (1) (f) GDPR, our legitimate interest lies in the conduct of our business for the benefit and wellbeing of all our employees and shareholders.
19. Duration for which the personal data is stored
The criterion used to determine the period of storage of personal data is the applicable statutory retention period. After expiration of this period, the data concerned are routinely deleted, unless their retention is required for contract fulfilment or initiation.
20. Provision of personal data under statutory or contractual requirements; Personal data required to enter into a contract; Obligation of the data subject to provide the personal data; Possible consequences of failure to provide such data
Please note that the provision of personal data may be required by law (e.g. tax regulations) or can also result from contractual provisions (e.g. information on the contractual partner). Sometimes, it may be necessary for a contract to be concluded that the data subject provides us with personal data which must subsequently be processed by us. The data subject is, for example, obliged to provide us with personal data if our company signs a contract with him or her. Failure to provide the personal data would result in non-conclusion of the contract. Before providing personal data, the data subject must contact one of our employees. This employee will inform the data subject on a case-by-case basis whether the provision of personal data is required by law or contract or required for the conclusion of the contract, whether there is an obligation to provide the personal data and what consequences the failure to provide the personal data would have.
21. Existence of automated decision-making practices
As a responsible company, we do not employ automatic decision-making or profiling practices.
22. Encrypted data transmission
All data entered by you on our webpages are transmitted to us in encrypted form so that they are protected from being viewed by third parties. We only use state-of-the-art encryption technology.
Nevertheless, please refrain from sending us medical data relating to persons (including you) or other sensitive information via our website.
We offer you the widest possible privacy that can currently be achieved with “normal means” on the Internet: our website consistently enforces an encrypted transmission of all content; you can recognise this by the green lock in or next to the address bar. This allows third parties to still see which pages you are visiting, but content cannot be read.
23. SSL encryption
This site uses SSL encryption for security reasons and in order to protect the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognise an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon is displayed in your browser’s address bar.
If SSL encryption is activated, the data you transfer to us cannot be read by third parties.
24. AR App provided by SIMULATIONSDIENSTLEISTUNGSZENTRUM GMBH
By installing and using the AR app offered by SIMULATIONSDIENSTLEISTUNGSZENTRUM GMBH via Google Play Store, you agree to the processing of camera data via your mobile phone. The data sent to us for implementing the functions will not be stored as personalised data, nor will they be processed or disclosed to third parties.