Privacy Policy

Privacy Policy

Welcome to the C.R.S. iiMotion GmbH website. Thank you for visiting our website and for your interest in our company, products and service. The protection of personal data and your privacy is very important to us. We would like to take this opportunity to describe how we protect your data and what the use of our personalized services means for you. To ensure the best possible protection of your privacy, we always comply with all applicable data protection regulations.

Scope This data protection declaration is intended to inform the users of this website in accordance with the Federal Data Protection Act and GDPR / EU GDPR as well as legal regulations in the BDSG about the nature, scope and purpose of the collection and use of personal data by the website operator. Contact details of the website operator: C.R.S. iiMotion GmbH Peterzeller Straße 8 DE-78048 Villingen-Schwenningen Phone: +49-7721-20697-0 E-Mail: info@crs-iimotion.com Contact details of the data protection officer: Interlock Unternehmensgesellschaft Lerchenstrasse 11 DE-78073 Bad-Dürrheim Phone: +49 (0173) 5641556 E-Mail: aw@qm-weiss.de The website operator takes your data protection very seriously and treats your personal data confidentially and in accordance with the statutory provisions. The use of our website is usually possible without providing personal data. Insofar as personal data (e.g., name, address, or e-mail addresses) are collected on our pages, this is always done on a voluntary basis as far as possible. This data will not be passed on to third parties without your express consent. We would like to point out that data transmission on the Internet (e.g., when communicating by e-mail) may have security gaps. A complete protection of the data against access by third parties is not possible. The use of contact data published within the scope of the imprint obligation by third parties for the purpose of sending unsolicited advertising and information materials is hereby expressly prohibited. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.

Privacy policy This data protection declaration clarifies the nature, scope, and purpose of the processing of personal data (hereinafter designated as "data") within our online offer and the associated websites, functions, and content as well as external online presences, such as e.g., our social media profile (hereinafter jointly designated as "online offer"). With regard to the terms used, such as e.g., "processing" or "controller", we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).

Terms used "Personal data" means any information relating to an identified or identifiable natural person (hereinafter designated to as "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or to one or more special features that express the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. "Processing" means any operation or set of operations performed with or without the aid of automated procedures in connection with personal data. The term goes far and wide and covers virtually every handling of data. "Pseudonymization" means the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person. "Profiling" means any type of automated processing of personal data consisting in the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyses or predict aspects relating to the work performance, economic situation, health, personal preferences, interests, reliability, behavior, location or movement of that natural person. "Controller" means the natural or legal person, public authority, agency, or other positions which, alone or jointly with others, determines the purposes and means of the processing of personal data. "Processor" means a natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller.

Hosting The hosting services used by us serve to provide the following services: infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services, which we use for the purpose of operating this online offer. In doing so, we or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors of this online offer on the basis of our legitimate interests in an efficient and secure provision of this online offer in accordance with Art. 6 para. 1 lit. f GDPR in connections with Art. 28 GDPR (conclusion of order processing contract).

Collection of access data and log files We, or our hosting provider, collect data on each access to the server on which this service is located (so-called server log files) on the basis of our legitimate interests within the meaning of Art. 6 para. 1 lit. f. GDPR. The access data includes the name of the accessed website, file, date and time of retrieval, amount of data transferred, notification of successful retrieval, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider. Log file information is stored for security reasons (e.g., to investigate misuse or fraud) for a maximum of 7 days and then deleted. Data whose further storage is necessary for evidentiary purposes are excluded from deletion until the respective incident has been finally clarified. Types of data processed: • Usage data (e.g., our visited websites, interest in content, access times). • Time at the time of access • Amount of data sent in bytes • Source/reference from which you came to the site • Browser used • Operating system used • IP address used The data collected is only used for statistical evaluations and to improve the website. However, the website operator reserves the right to subsequently check the server log files if there are concrete indications of illegal use.

Categories of data subjects Visitors and users of the online offer (In the following, we also refer to the data subjects collectively as "users"). Purpose of processing • Provision of the online offer, its functions, and contents. • Responding to contact requests and communicating with users. • Security measures. The website operator collects, uses, and passes on your personal data only if this is permitted by law or if you consent to the collection of data. Personal data includes all information that serves to determine your person, and which can be traced back to you – for example, your name, e-mail address and telephone number. Personal data is information about your identity. This includes, for example information such as name, address, telephone number, e-mail address. In order to use our website, it is not necessary for you to disclose personal data. In certain cases, we need your name and address as well as other information so that we can provide the requested services The same applies, for example, to the sending of information material and ordered services or to answering individual questions. Where necessary, we will inform you accordingly. In addition, we only store and process data that you provide to us voluntarily or automatically. Insofar as we ask you for further data, this is voluntary information. The processing of personal data takes place exclusively for the fulfilment of the requested offer and to safeguard one's own legitimate business interests.

Relevant legal bases In accordance with Article 13 GDPR, we will inform you of the legal basis of our data processing. If the legal basis is not mentioned in the data protection declaration, the following applies: The legal basis for obtaining consent is Art. 6 para. 1 lit. and Art. 7 GDPR, the legal basis for the processing for the fulfillment of our services and implementation of contractual measures as well as answering inquiries is Art. 6 para. 1 lit. b GDPR, the legal basis for the processing to fulfill our legal obligations is Art. 6 para. 1 lit. c GDPR, and the legal basis for the processing to safeguard our legitimate interests is Art. 6 para. 1 lit. f GDPR. In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as the legal basis.

Security measures In accordance with Article 32 GDPR, we take appropriate technical and organizational measures to ensure a level of protection appropriate to the risk, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing as well as the different probability of occurrence and severity of the risk to the rights and freedoms of natural persons. The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical access to the data, as well as access, input, disclosure, ensuring availability and its separation. Furthermore, we have set up procedures that ensure the exercise of data subject rights, deletion of data and response to data endangerment. Furthermore, we take into account the protection of personal data already during the development or selection of hardware, software and procedures, in accordance with the principle of data protection through technology design and data protection-friendly default settings (Art. 25 GDPR).

Cooperation with processors and third parties If, in the context of our processing, we disclose data to other persons and companies (processors or third parties), transmit them to them or otherwise grant them access to the data, this will only be done on the basis of a legal permission (e.g., if a transmission of the data to third parties, such as payment service providers, is necessary for the fulfilment of the contract in accordance with Art. 6 para. 1 lit. b GDPR), you have consented, a legal obligation provides for this or on the basis of our legitimate interests (e.g., when using agents, web hosts, etc.). If we commission third parties with the processing of data on the basis of a so- called "order processing contract", this is done on the basis of Art. 28 GDPR. We process your personal data only for the purposes stated in this privacy policy. Your personal data will not be transmitted to third parties for purposes other than those mentioned. We will only share your personal information with third parties if: • you have given your express consent to this, • the processing is necessary for the execution of a contract with you, • the processing is necessary to comply with a legal obligation, • the processing is necessary to safeguard legitimate interests and there is no reason to believe that you have an overriding legitimate interest in not disclosing your data.

Transfers to third countries If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this is done in the context of the use of third-party services or disclosure or transfer of data to third parties, this will only take place if it is done to fulfil our (pre)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or have the data processed in a third country only if the special requirements of Art. 44 et seq. GDPR are met. This means that the processing takes place e.g., on the basis of special guarantees, such as the officially recognized determination of a data protection level corresponding to the EU (e.B. for the USA through the "Privacy Shield") or observance of officially recognized special contractual obligations (so-called "standard contractual clauses").

Rights of data subjects You have the right to request confirmation as to whether the data in question is being processed and to obtain information about this data as well as further information and a copy of the data in accordance with Article 15 GDPR. You have accordingly. Art. 16 GDPR, the right to request the completion of the data concerning you or the correction of the incorrect data concerning you. In accordance with Article 17 GDPR, you have the right to demand that the data in question be deleted immediately or, alternatively, to demand a restriction of the processing of the data in accordance with Article 18 GDPR. You have the right to request that the data concerning you that you have provided to us be received in accordance with Article 20 GDPR and to request their transmission to other controllers. In accordance with Article 77 GDPR, you also have the right to lodge a complaint with the competent supervisory authority. Right of withdrawal You have the right to revoke your consent in accordance with Article 7 (3) GDPR with effect for the future. Right to object You can object to the future processing of your data in accordance with Article 21 GDPR at any time. The objection can be made in particular against the processing for direct marketing purposes. Your other rights You can exercise the following rights at any time using the contact details provided by our data protection officer: • Information about your data stored by us and their processing, • Correction of inaccurate personal data, • Deletion of your data stored by us, • Restriction of data processing, if we are not yet allowed to delete your data due to legal obligations, • Objection to the processing of your data by us and • Data portability, provided that you have consented to data processing or have concluded a contract with us. • f you have given us your consent, you can revoke it at any time with effect for the future. You can contact the supervisory authority responsible for you at any time with a complaint. Your competent supervisory authority depends on the federal state of your place of residence, your work, or the alleged violation. A list of supervisory authorities (for the non-public sector) with addresses can be found at: BfDI - Homepage (bund.de)

Deletion of data The data processed by us will be deleted or restricted in their processing in accordance with Articles 17 and 18 GDPR. Unless expressly stated in this data protection declaration, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and the deletion does not conflict with any statutory retention obligations. If the data is not deleted because it is necessary for other and legally permissible purposes, their processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for e.g., to data that must be stored for commercial or tax reasons. According to legal requirements in Germany, the storage takes place in particular for 10 years in accordance with §§ 147 (1) AO, 257 (1) no. 1 and (4), (4) HGB (books, records, management reports, accounting documents, trading books, documents relevant for taxation, etc.) and 6 years in accordance with § 257 (1) no. 2 and 3, (4) HGB (commercial letters).

Cookies and right to object to direct marketing "Cookies" are small files that are stored on users' computers. Different information can be stored within the cookies. A cookie is primarily used to store the information about a user (or the device on which the cookie is stored) during or after his visit within an online offer. Temporary cookies, or "session cookies" or "transient cookies", are cookies that are deleted after a user leaves an online offer and closes his browser. In such a cookie, for example the contents of a shopping cart in an online shop or a login status can be stored. "Permanent" or "persistent" refers to cookies that remain stored even after closing the browser. For example, the login status can be saved if the users visit it after several days. Likewise, such a cookie can store the interests of users, which are used for reach measurement or marketing purposes. "Third-party cookies" are cookies that are offered by providers other than the controller who operates the online offer (otherwise, if it is only their cookies, one speaks of "first-party cookies"). We only use temporary cookies for language selection on our website. No further data (cookies set/stored) are collected, stored, or evaluated. If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies may lead to functional restrictions of this online offer (e.g., that you have to set the new languages on each page). A general objection to the use of cookies used for online marketing purposes can be declared for a large number of services, especially in the case of tracking, via the US site http://www.aboutads.info/choices/ or the EU site h t t p : / / w w w . y o u r o n l i n e c h o i c e s . c o m / . Furthermore, the storage of cookies can be achieved by switching them off in the settings of the browser. Please note that not all functions of this online offer may then be able to be used. You can prevent the storage of cookies by setting your browser software; accordingly, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link: Google Analytics Opt-out Browser Add-on Download Page

Use of Google Maps This website uses Google Maps API to visually display geographic information. When using Google Maps, Google also collects, processes, and uses data about the use of the map functions by visitors. Further information about data processing by Google can be found in Google’s privacy policy . There you can also change your personal data protection settings in the data protection center. Detailed instructions on how to manage your own data in connection with Google products can be found here .

Integration of third- party services and content On the basis of our legitimate interests (i.e., interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR), we use content or service offers from third-party providers within our online offer in order to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as "content"). This always presupposes that the third- party providers of this content perceive the IP address of the users, since without the IP address they could not send the content to their browser. The IP address is therefore required for the presentation of this content. We endeavor to use only such content whose respective providers use the IP address only for the delivery of the content. Third parties may also use so- called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information can also be stored in cookies on the user's device and contain, among other things, technical information about the browser and operating system, referring websites, visit time and other information on the use of our online offer, as well as be combined with such information from other sources.

Contact When contacting us (e.g., e-mail or telephone), the user's details are processed to process the contact request and its processing in accordance with Art. 6 para. 1 lit. b) GDPR. The information provided by users can be stored in a customer relationship management system ("CRM system") or comparable request organization. We delete the requests if they are no longer necessary. We review the necessity every two years; Furthermore, the statutory archiving obligations apply.

Handling of contact data If you contact the website operator through the contact options offered, your details will be stored so that they can be used to process and answer your request. Without your consent, this data will not be passed on to third parties.

Up-to-datedness and changes to this data protection declaration This privacy policy is currently valid and has the status June 2020. Due to the further development of our website and offers on it or due to changed legal or official requirements, it may be necessary to change this data protection declaration. End of privacy policy