Skip to main content
logo

27.06.2024GENERAL DATA PROTECTION INFORMATION OF JAT JENAER ANTRIEBSTECHNIK GMBH

JAT - Jenaer Antriebstechnik GmbH ("JAT", "we", "us/our") strives to protect and respect your privacy. With this privacy notice, we would like to inform you about the basis and purposes on which we process personal data that we collect from you or that you provide to us. We would also like to inform you about the data protection rights to which you are entitled, including your right to object to individual processing operations carried out by JAT.

Supplementary data protection notices apply to certain categories of data processing. You can find some of them linked below.

If necessary, we will also inform you about certain data processing at the appropriate points to the extent that it appears appropriate, e.g. Please contact us if you have any questions, comments or concerns about this Notice or our processing of your personal data, or if such data should change.


1 General Privacy Notice


1.1 Who is responsible for data processing and who can I contact?

The controller within the meaning of the General Data Protection Regulation (GDPR) is:

Jenaer Antriebstechnik GmbH Buchaer Str. 1 07745 JenaPhone: +49 3641 63376-0 Fax: +49 3641 63376-99E-mail: info@jat-gmbh.de

You can reach our company data protection officer at the above contact details and by e-mail at datenschutz@jat-gmbh.de


1.2 What data do we collect?

We process the following types of personal data, among others:

  • Master data: name, address;
  • Contact details: such as telephone number, e-mail address, business relationship, interest, company affiliation; • Requests: such as offers, requests, expressions of interest, feedback;
  • Contact history: such as correspondence, contracts, services, orders, tickets, joint appointments;
  • Contact preferences: preferred contact medium, marketing messages received,
  • Competition data: for drawing and notifying the winners;
  • Financial and payment data: such as bank account number, billing address, payments received;
  • Customer data: e.g. correspondence, contracts, services, orders, joint appointments;
  • Device data: details of your devices with which you visit our website, such as the operating system used, browser type, language set, IP address;
  • Usage data for visiting our website, if applicable, access to content such as newsletters from which an accessing device reaches our website (so-called refere-rrer), the resources you access (individual websites), date and time of this access, IP address, the Internet service provider of the accessing device, search terms used. Please note the separate privacy policy for users of our website


1.3 For what purposes do we collect, use and store this personal data?

We collect, use and store your personal data:

1.3.1 if you have given us your consent (Art. 6 para. 1 lit. a GDPR)

  • to receive a newsletter or information and offers about JAT services and products that may be of interest to you, by post, telephone, messenger or e-mail.If you give your consent to receive direct marketing, we always offer you the opportunity to withdraw your consent or to contact us, e.g. directly in our newsletters.

1.3.2 if necessary, to comply with pre-contractual measures (Art. 6 para. 1 lit. b GDPR)

  • Processing of your enquiries and in this regard. Contact
  • to decide on the establishment of an employment relationship in the case of applications, In particular, we process the data that you have sent us in connection with your application in order to check your suitability for the position (or, if applicable, other open positions in our companies) and to carry out the application process.

1.3.3 if necessary, for the fulfilment of contractual obligations (Art. 6 para. 1 lit. b GDPR)

  • for example, for the execution of the contract, the invoicing and delivery of services or products
  • for the processing of competitions,
  • for example, to contact you for these purposes by post, telephone, e-mail, messenger service.

1.3.4 to the extent necessary to comply with a legal obligation (Art. 6 para. 1 lit. c GDPR)

  • to send confirmation links by e-mail;
  • to store the data collected for the execution of the contract until the expiry of the statutory retention periods.

1.3.5 insofar as the legitimate interests of JAT require it and no interests worthy of protection of data subjects prevail and you have not objected to the use (Art. 6 para. 1 lit. f GDPR)

  • to provide law enforcement authorities with the information necessary for criminal prosecution in the event of suspicion of a criminal offence;
  • for the purposes of maintaining, maintaining and improving our systems and services, controlling data protection and backing up data;
  • to respond to inquiries and complaints outside the performance of contractual obligations;
  • for internal administrative purposes;
  • photographing or filming events for the purposes of documentation and reporting and, if necessary, publishing the recordings on our website and social media channels;
  • detect, prevent, or otherwise combat fraud, security flaws, or technical issues;
  • to protect and safeguard our legitimate business interests, terms and conditions, and legal rights and obligations. This includes, but is not limited to, use in connection with compliance, regulatory, audit, and legal claims (including disclosure of such information in connection with legal proceedings or litigation), and other ethical and compliance reporting requirements;
  • to direct advertising .

In connection with the sale of a service to you or your company, we may process your postal contact details outside of the existence of a specific consent, in order to occasionally send you information about new JATs services in this way (direct marketing). Under the legal requirements of § 7 para. 3 UWG, we are also entitled to use the e-mail address that you provided when you placed your binding order for a service for direct advertising of our own, similar goods or services.

The JAT may also convert personal data into anonymous data and (usually on an aggregated statistical basis) for e.g. Market research and analysis, to improve the website, to analyze trends and to monitor the success of advertising campaigns. Aggregated personal data does not allow you to be identified or otherwise identified.


1.4 Who receives your data?

1.4.1 Transfers to companies that provide services to us as processors

Your personal data will be passed on to companies that provide services on behalf of JAT under instructions. These are companies in the categories of IT services (software providers, newsletter services, website hosters, IT support), archiving, document processing, compliance, data destruction, lettershop, marketing, recruiting, printing services, telecommunications, billing.

1.4.2 Transfers to third countries

When you communicate with us via email, it will be processed on cloud-based servers of our email service provider, Microsoft Corp. In this context, the processing of personal data in the so-called third country United States, i.e. outside the EEA, cannot be ruled out. In its decision of 10.07.2023, the EU Commission (within the framework of the so-called EU-US Data Privacy Framework) recognised the level of data protection for certain companies from the United States as adequate in accordance with Art. 45 GDPR. Microsoft Corp. has also been certified under the so-called EU-US Data Privacy Framework. With these service providers, we have also provided appropriate safeguards through standard contractual clauses issued by the EU Commission, which provide you with enforceable rights and effective remedies. We use the Standard Contractual Clauses with Module Two, which you  can find here.

1.4.3 Transfers to third parties

We will share your information with third parties if we are required by law to disclose your personal information or if we believe it is necessary to protect the rights, property, or safety of JAT, our customers, or third parties. Transfers to public authorities and/or law enforcement agencies are made to the extent required by law or where it is necessary to protect our legitimate interests in accordance with applicable laws. Transfers to potential or actual buyers will be made in the event that JAT sells any of its businesses or assets that contain personal information. We will inform you separately about these transfers to third parties in accordance with Articles 13 and 14 of the GDPR.

1.5 Is there an obligation for me to provide data?

As part of our business relationship, you must provide the personal data that is necessary for the initiation, execution and fulfilment of the associated contractual obligations or that we are legally obliged to collect. Without this data, we will usually have to refuse to conclude the contract or will no longer be able to perform an existing contract and may have to terminate it.1.6 How long do we store your data? JAT processes and stores personal data of data subjects only for as long as the purpose pursued requires it or is required by law. For example, retention periods under commercial and tax law may prevent deletion. The periods specified there for retention or documentation are up to ten years. If the purpose of storage ceases to apply or a legally prescribed storage period expires, the personal data will be routinely restricted or deleted in accordance with the statutory provisions, unless they are used as evidence.

 

2 What are your privacy rights?

Every person affected by our personal data processing has the right to information in accordance with Article 15 of the GDPR, the right to rectification in accordance with Article 16 of the GDPR, the right to erasure in accordance with Article 17 of the GDPR, the right to restriction of processing in accordance with Article 18 of the GDPR, the right to object in accordance with Article 21 of the GDPR and the right to data portability in accordance with Article 20 of the GDPR. The right to information and the right to erasure are subject to the restrictions under §§ 34 and 35 BDSG. In addition, you have the right to lodge a complaint with the supervisory authority for data protection, e.g. the data protection authority responsible for your place of residence, your place of work or the place of the data protection violation.If you have any questions about this data protection notice or would like to contact us for any other reason in relation to the processing of personal data, please contact us at: datenschutz@jat-gmbh.de

2.1 Information about your right to object in accordance with Article 21 GDPR

2.1.1 Case-by-case right of objection

You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you that is carried out on the basis of Article 6 (1) (e) or (f) GDPR (data processing on the basis of a legal obligation or balancing of interests); this also applies, to the extent applicable, to profiling based on this provision within the meaning of Article 4 (4) GDPR. In individual cases, we also process your personal data in order to operate direct marketing. You also have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to the professional insofar as it is related to such direct advertising. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes. In cases of direct marketing by e-mail, you can revoke your receipt at any time without incurring any costs other than the transmission costs according to the basic rates. A message in text form to the contact data of the JAT mentioned above (e.g. e-mail, fax, letter) is sufficient for this purpose.

2.1.2 Revocation of consents given

You can revoke any consent you have given to us at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent before the revocation.

2.1.3 Exercise, objection or revocation of consent given

The objection can be made in any form:

  • by clicking on unsubscribe at the bottom of an email message (newsletter);
  • by using our contact form ;
  • by written notification to the contact details specified in Section 1.
  • To opt-out of receiving emails or other promotional materials, you can also follow the instructions in the relevant communication.


3 Updates to this Privacy Notice

This privacy policy may be updated regularly. We will update the date at the top of this website accordingly and encourage you to check it for any changes.

4 Supplementary data protection notice for users of our JAT website (jat-gmbh.de) and the JAT information portal (jat-gmbh.info)

This data protection notice applies to users of the www.jat-gmbh.de website and the JAT Information Online Portal (jat-gmbh.info) and supplements the General Data Protection Notice of JAT - Jenaer Antriebstechnik GmbH.

4.1 What additional data is collected, processed and shared with your use of these websites?

4.1.1 Collection of usage and device data and processing in log files

On the basis of our legitimate interests (Art. 6 para. 1 lit. f GDPR) in the elimination of malfunctions, the guarantee of system security and the detection and tracking of unauthorized access or access attempts, we collect data about every access to the server on which the website is located (so-called server log files). The access data includes the address of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.Log file information is stored for a maximum period of 90 days for security reasons (e.g. to investigate acts of abuse or fraud) and then deleted. Data whose further retention is necessary for evidentiary purposes is exempt from deletion until the respective incident has been finally clarified.

4.1.2 Use of cookies

Cookies are small files containing information that are transmitted from our web server to the web browsers of the users of this website and stored there for later retrieval. We only use "session cookies", which are only stored for the duration of the current visit to our online presence (e.g. to be able to recognize the storage of your login status). A randomly generated unique identification number, a so-called session ID, is stored in a session cookie. In addition, a cookie contains information about its origin and the storage period. These cookies cannot store any other data. Session cookies are deleted when you have finished using our online offer and, for example, log out or close the browser.

4.1.3 How can I object to the use of cookies?

You can block or remove cookies through your internet browser (Firefox Help, Microsoft Internet Explorer Help, Google Chrome Help) or with the help of third-party software.

4.2 Customer Account

In order to provide customer-specific information, licenses, access and downloads, we offer customers access to a password-protected customer account. The creation of the customer account is voluntary and takes place on the basis of your consent within the meaning of Art. 6 (1) (a) GDPR. For this purpose, we process your e-mail address and provide a password of your choice. Together with your e-mail address, this will be used to access your customer account.Please treat your personal access data confidentially and, in particular, not make it accessible to any unauthorised third party. We cannot accept any liability for misused passwords, unless we are responsible for the misuse. Please note that you will automatically remain logged in even after you leave our website, unless you actively log out. You have the option of revoking your consent at any time with effect for the future, i.e. delete your account. Please note, however, that this does not mean the deletion of all customer data.

4.3 Data collection when using our newsletter

With your consent, we will send you our newsletter by e-mail and process the e-mail address you have provided. We use your name for personal address but also to create a personalized user profile.With a tracking pixel, a technology comparable to cookies, we also process data on your use of the newsletter on the basis of your consent (§ 25 para. 1 TTDSG, Art. 6 para. 1 lit. a GDPR) in our newsletter in order to be able to analyze acceptance (reach) and usage preferences (e.g. whether a newsletter has been opened and which links have been followed). This serves to improve our offer on our website and newsletters and to align them as closely as possible to target groups. Beyond the statistical evaluation, there is no further data processing of this usage data.

4.4 Data processing with the use of our contact form

If you send us enquiries via the contact form, the details and contact details you have left behind will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. As a matter of principle, we do not pass on this data without your consent. The processing of this data is carried out within the framework of the procedure referred to in No. 1.3.5 and legal basis. The data you enter in the contact form will be processed until you ask us to delete it and there are no legitimate interests to the contrary, or the purpose for storing the data no longer applies (e.g. after your request has been processed) or legal obligations provide for storage beyond this. If you have also given us your consent to receive our innovation mail, your contact details will also be processed for the purpose of sending the newsletter until further notice. The processing of this data is carried out within the framework of the procedure referred to in No. 1.3.1 – 1.3.5.If you contact us to order a free trade fair ticket from us, you have agreed to receive our newsletter in return. We process your contact data for the purpose of executing this order or provision and sending the newsletter for the duration of your newsletter subscription.

4.5 Data processing with the use of our contact form – bot review

In order to make it more difficult for automated programs and scripts (so-called "bots") to use our websites and to protect them from misuse, we use a bot detection system from the provider Friendly Captcha within the scope of our legitimate interest (§ 25 para. 2 no. 2 TTDSG, Art. 6 para. 1 lit. f GDPR). The visitor's browser receives a computational task from Friendly Captcha. The complexity of the computational task depends on various risk factors. Your device solves the calculation task, which requires certain system resources, transmits the calculation result to the service provider and receives an answer as to whether the puzzle has been solved correctly by the end device. In addition, the visitor's browser transmits connection data, environmental data, interaction data and functional data to the service provider in order to evaluate how likely it is that it is a human user or bot and transmits the result to our web server.

4.6 Links to third-party websites

Our website may contain links to third parties. JAT assumes no responsibility for the content of websites linked to this website. If you visit a third-party website, it is your responsibility to ensure that you read the privacy policy and terms applicable to that website.

5 supplementary data protection notice for users of our JAT fan page on Facebook.com (https://www.facebook.com/JAT/)

This data protection notice applies to users of the JAT fan page on Facebook.com www.face-book.com/JAT.drive and supplements the general data protection information of JAT.

5.1 Who is responsible for data processing and who can I contact?

The following responsible bodies are jointly responsible within the meaning of Art. 26 of the General Data Protection Regulation (GDPR).

Operator of the platform Facebook
Meta Platforms Ireland Ltd.4 Grand Canal SquareGrand Canal HarbourDublin 2 IrelandYou can contact the company data protection officer of Meta Platform Ireland Ltd. via this form.

The editorially responsible for this fan page on Facebook is
: JAT GmbH
, Buchaer Staße 1
, 07745 JenaTel: +49 3641 63376-0E-Mail info@jat-gmbh.de

You can reach our company data protection officer at the above contact details or by e-mail at datenschutz@jat-gmbh.de

5.2 What data do we process?

5.2.1 Data you provide to us in the event of general enquiries via the message form

In the case of messages sent to us, we process your Facebook username as well as any other information that you provide when using the message form on the fan page or that we take from your public profile. We process your request or contributions in order to process them and, if necessary, answer them. This includes, for example, information that you provide when you give us:

  • submit a request for a specific service;
  • Ask a question or give us feedback.

This processing is based on our legitimate interest in accordance with Art. 6 (1) (f) GDPR to be able to contact you in response to your enquiries or contributions, as well as to identify usage preferences (e.g. number of so-called followers, number of views of individual page areas, user statistics by age, geography and language) and to be able to improve and align the offer on our fan page as closely as possible to target groups. As well as to assert legal claims and defend in legal disputes, to assist authorities in the prosecution of criminal offences, to provide you with information about our services, offers or technical developments (direct marketing) that you as our customer request from us or that we believe may interest you, where permitted by law.

5.2.2 Statistical data that we evaluate

If you interact with our fan page or our content on Facebook, the operator of the Facebook platform collects usage data. We do not have direct access to this usage data, but we do have access to statistical information based on it.

  • Generate page statistics, including how many users we reached with which posts, how many responded to them and how our fan page is interacted with;
  • Understand the demographic characteristics of the target audience we reach;
  • Measure the effectiveness and distribution of our ads on Facebook.

This processing is based on our legitimate interest in accordance with Art. 6 (1) (f) GDPR to identify acceptance and usage preferences (e.g. number of so-called followers, number of views of individual page areas, user statistics by age, geography and language) and to be able to improve and align the offer on our fan page as closely as possible to the target group.

5.3 Data that Facebook collects when you visit this website

When you access our fan page, the operator of the Facebook platform as another controller collects various direct personal information about you and your device and processes it for various purposes, including Facebook's own purposes. Facebook Ireland Limited ("Facebook") is generally responsible for the collection and further processing of personal user data on Facebook's websites. Please note that Facebook collects and processes certain information about your visit to our fan page even if you do not have a Facebook user account or are not logged in to Facebook. For information on the processing of personal data by Facebook, please refer to Facebook's Privacy Policy https://www.facebook.com/privacy/explanation

5.4 Personal data attributable to other controllers

If you "share", "comment", "like" or "reply" to one of our posts, data processing takes place that can be attributed to you or the platform operator Facebook. We are not responsible for this data processing within the meaning of Art. 4 No. 7 GDPR. JAT is not obliged to review the contributions, comments or content uploaded, posted or submitted by the users. However, JAT reserves the right to reject, block or remove in particular submitted posts, comments or content from blogs and forums – insofar as they are publicly accessible on our fan page – without prior notice as soon as JAT has become aware of their illegality.

5.5 Where do we store your personal data?

With the use of this fan page, data is also transferred to countries outside the European Economic Area ("EEA"). For these countries, there is no adequacy decision by the EU Commission, except that there are no data protection regulations comparable to those of the EU (so-called third countries).
Meta Platforms Inc., the U.S. parent company of Meta Platforms Ireland Ltd., is certified under the EU-U.S. Data Privacy Framework and thus pledges to comply with European data protection regulations.

5.6 How long do we store your data?

JAT processes and stores personal data of data subjects only for as long as is necessary for the fulfilment of the purpose or to the extent required by law and the data is processed in JAT's IT systems. Retention periods under commercial and tax law can also prevent deletion. The retention and documentation periods specified there are up to ten years. If the purpose of storage ceases to apply or if a legally prescribed storage period expires, the personal data will be routinely restricted or deleted in accordance with the statutory provisions, unless they are used as evidence.

5.7 Other recipients?

In addition to service providers acting on our behalf and aforementioned recipients (including, but not limited to, Facebook), we may also disclose your personal information to third parties if we are under a duty to disclose or share your personal information in order to comply with a legal obligation or to protect the rights, property, or safety of JAT, our customers, or others.

5.8 Your rights as a data subject

Every person affected by our personal data processing has the right to information in accordance with Article 15 of the GDPR, the right to rectification in accordance with Article 16 of the GDPR, the right to erasure in accordance with Article 17 of the GDPR, the right to restriction of processing in accordance with Article 18 of the GDPR, the right to object in accordance with Article 21 of the GDPR and the right to data portability in accordance with Article 20 of the GDPR. The right to information and the right to erasure are subject to the restrictions under §§ 34 and 35 BDSG. In addition, there is a right to lodge a complaint with a data protection supervisory authority in accordance with Article 77 GDPR in conjunction with Section 19 BDSG. These rights can be exercised vis-à-vis both of the above-mentioned responsible bodies. If you would like to exercise your rights vis-à-vis Facebook, please follow the instructions on Facebook to do so: https://www.facebook.com/privacy/explanation

5.8.1 Exercise, objection or revocation of consent given

Your objection can be made in any form and can also be addressed to us by telephone. Facebook Ireland Limited ("Facebook") is generally responsible for the collection and further processing of personal user data on Facebook's websites. Please note that Facebook collects and processes certain information about your visit to our Facebook page even if you do not have a Facebook user account or are not logged in to Face-book. For information on the processing of personal data by Facebook, please refer to Facebook's Privacy Policy.

6 supplementary data protection notice for participation in our video conferences

This separate privacy notice applies to users who share our video conferencing systems with us. This supplements the above general data protection notice of the JAT. We use various video conferencing tools for communication. The data is processed as part of your participation in a video conference or online event.

6.1 What additional data is collected, processed and shared with your use of our video conference software?

6.1.1 Processing of Content, Usage and Device Data

In addition to image and sound, the following data is typically processed: name and IP address of the participant, name of the room, data on the device used. In addition, depending on usage, content can be generated from shared screens, chats, whiteboard posts or statuses. If available, telephone dial-in data can be processed: All voice communication as well as traffic data (telephone number, dial-in number, PIN, call duration). In the event of technical errors, the error ID and the device data affected by it are also stored.The online events are typically not recorded. During such a video conference, all participants can see, read and listen to data from screen shares, chats, videos, audios and whiteboard contributions.
By participating in video conferences and activating your device camera, you agree to the processing of your data. Please note that any transmission to the United States may also be carried out by Microsoft Corp.

6.2 Who receives your data?

6.2.1 Transfers to companies that provide services to us as processors

Your personal data will be passed on to companies that provide video conferencing systems on our behalf in accordance with our instructions. The provider of our video conferencing system, Microsoft Corp., provides Microsoft Teams for us.

6.2.2 Transfers to third countries

If you share our video conferencing services with us, certain connection data will be processed on cloud-based servers of the US service providers. In this context, a transfer of personal data to so-called unsafe third countries outside the EEA cannot be ruled out. There is no so-called adequacy decision for these third countries, which is why they do not have a high level of data protection comparable to that of the EU. With these service providers, we have therefore provided appropriate safeguards by means of standard contractual clauses issued by the EU Commission, which provide you with enforceable rights and effective remedies. We use the Standard Contractual Clauses with Module Two, which you  can find here. We also try to enable you to use such software in a data-saving way (e.g. participating in a video conference without registering your e-mail address in MS Teams).

Write an e-mailSubscribe newsletterFollow us on LinkedIn