Data protection declaration
The TÜV Rheinland Group welcomes you to our career blog and is pleased about your interest in our blog articles. Data protection and data security for our customers and users have, from time immemorial, been of great significance to our Group. The protection of your personal data is therefore very important and a special concern of ours.
General guidelines and mandatory information
1 Information about the collection of personal data
In the following sections we shall inform you about the collection and further processing of personal data when you visit our website. Personal data refers to all data which relates to you personally or with which you can be identified personally, e.g. name, address, e-mail address, or user behaviour.
The Controller, according to Article 4(7) of the EU General Data Protection Regulation (GDPR), is
TÜV Rheinland AG
Am Grauen Stein
51105 Cologne, Germany
Tel.: +49 (0) 221 / 806 – 0
Fax: +49 (0) 221 / 806 – 114
E-mail: genau.richtig(at)de.tuv.com (see our legal notice).
You can reach our legally designated data protection specialist at:
• a. genau.richtig(at)de.tuv.com with the subject line “Data protection specialist”
• b. or through our postal address with the tag “Data protection specialist”.
When you contact us by e-mail or via a contact form, we shall store the personal data you submit to us (your e-mail address, your name and your telephone number, if necessary) for purposes of responding to your questions. We shall delete the data connected with this event as soon as its storage is no longer required, or we shall restrict the processing of this data if there are any legal obligations necessitating its storage.
If we engage contracted service providers for individual functions of our service provision, or if we want to use your data for advertising purposes, we shall hereafter inform you in detail about the respective procedures. At the same time, we shall also tell you the fixed criteria for the storage duration.
Insofar as your inquiry necessitates the transmission of personal data to particular recipients, the data will also be shared with third parties. This will always take place within the framework of legal regulations.
This website uses SSL and/or TLS encryption for security reasons and to protect the transmission of confidential contents, e.g. submitted contents of a form. If the encryption is activated, the data transmitted to us cannot be read by third parties. You can recognise an encrypted connection by the fact that the address bar of your browser changes from “http://” to “https://” and by the lock symbol in the browser bar.
The use of the contact details published in connection with the obligatory legal notice for sending not explicitly solicited advertising and information material is hereby excluded. The operators of the websites reserve the right to take express legal steps in the event of unsolicited circulation of advertising information, for example through spam e-mails.
2 Your rights
You can assert the following rights against us regarding your personal data:
• a. Right to information,
• b. Right to rectification or erasure of personal data,
• c. Right to restriction of processing,
• d. Right of objection to the processing,
• e. Right to data portability.
You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.
3 Collection of personal data when you visit our website
If you are simply visiting our website for information purposes, and not to register or send us any information at all, we shall still collect the following personal data which will be transmitted to our server by your browser.
• a. IP address
• b. Date and time of your inquiry
• c. Time zone difference to Greenwich Mean Time (GMT)
• d. Contents of the request (precise page)
• e. Access status / HTTP status code
• f. The respective amount of data transmitted
• g. Website originating the request
• h. Browser
• i. Operating system and its interface
• j. Language and version of the browser software
The legal basis for the processing of your data is Article 6(1)(f) of the GDPR, which allows the processing of technically requisite data that ensures a stable and secure operation of the website.
In addition to the data mentioned earlier, cookies are stored on your computer when you visit our website. Cookies are small text files which are stored on your hard disk and associated with the browser you use; through these cookies, information is transmitted to the institution which has placed the cookie on your computer (here, our organisation). Cookies cannot run any programmes on or transmit viruses to your computer. They serve to make our web content more user-friendly and more effective as a whole.
• a. This website uses the following types of cookies, whose scope and functionality is described here below:
I. Transient cookies (refer to b)
II. Persistent cookies (refer to c)
• b. Transient cookies are automatically deleted when you close the browser. These include, in particular, session cookies. This type of cookie stores what is known as a “session ID” with which different requests from your browser can be assigned to the common session. Through this, your computer can be recognised the next time you visit our website. Session cookies are deleted when you log out or when you close the browser.
• c. Persistent cookies are deleted after a pre-determined time, which can vary from one cookie to the next. You can delete cookies at any time through the security settings of the browser.
• d. You can configure your browser settings according to your wishes and reject the placement of third-party cookies, for instance, or of all cookies. We would like to point out that in this case you may not be able to use all the functions on this website to the fullest extent.
4 Registration on this website
You can register on our website to be able to use other functions on the website. We use the data submitted only for purposes of using the respective product or service for which you have registered. The mandatory information required during registration must be submitted in full. Otherwise, we will reject the registration.
We shall use the e-mail address submitted during registration to inform you about important changes, for example to the scope of the offer, or technically significant changes.
The data submitted during registration is processed on the basis of either a contract (Article 6(1)(b) of the GDPR or your consent (Article 6(1)(a) of the GDPR). You can revoke your consent at any time. You can do this by sending us an informal message by e-mail. The legality of the data processing already carried out shall remain unaffected by the revocation.
Data collected during the registration is stored by us for as long as you are a registered member on our website; thereafter it will be deleted. Legal retention periods shall remain unaffected.
4.1 Registration with Facebook Connect
Instead of direct registration on our website, you can also register with Facebook Connect. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.
If you decide to register using Facebook Connect and then click on the button “Login with Facebook”- / “Connect with Facebook”, you will be automatically forwarded to the Facebook platform. You can sign in there with your user details. Through this process, your Facebook profile will be linked to our website and/or services. This connection will enable us to gain access to your data which is stored on Facebook. This includes mainly:
• a. Your Facebook name
• b. Your Facebook profile and cover photo
• c. Facebook cover photo
• d. Your e-mail address stored on Facebook
• e. Facebook ID
• f. Facebook friends lists
• g. Facebook Likes
• h. Date of birth
• i. Gender
• j. Country
• k. Language
This data is used for the setting up, provision and personalisation of your account.
You can find more details in the Facebook terms and conditions and the Facebook data protection regulations. These can be accessed at: https://de-de.facebook.com/about/privacy/ and https://www.facebook.com .
5 Other functions and services of our website
Apart from the purely informative use of our website, we also offer various services which you can use if interested. To do this, you generally have to give us more personal data, which we shall use to provide the respective service and for which the previously outlined principles of data processing apply.
We shall partly engage external service providers to process your data. These have been carefully selected and commissioned by us; they are bound by our instructions and are regularly monitored by us.
Furthermore, we can share your personal data with third parties if we have arranged to participate in promotions, competitions, conclusion of contracts or other similar services in collaboration with our partners. You can get more information about this by providing your personal details or in the subsequent description of the service offered.
Provided that our service providers or partners have their headquarters in a country outside the European Economic Area (EEA), we shall inform you about the consequences of this state of affairs in the description of the service offered.
Using the blog features
In our blog, where we publish various articles on topics related to our activities, you can make public comments. Your comment will be published with your username. We recommend that you use a pseudonym instead of your clear name. User name and e-mail address are required, all other information is voluntary. When you leave a comment, we continue to store your IP address, which we delete after one week. The storage is necessary for us to be able to defend ourselves against liability claims in cases of possible publication of illegal content. We need your e-mail address in order to contact you if a third party should object to your comment as unlawful. The legal basis is Art. 6 paragraph 1 sentence 1 lit. b and f DS-GMO. Comments will not be reviewed before publication. We reserve the right to delete comments if they are objected to as unlawful by third parties.
6 Objection to or revocation of the processing of your data
If you have consented to the processing of your data, you can always revoke this consent at any time. After you have expressed such a revocation to us, it will influence the permissibility of processing your personal data.
Provided that we are basing the processing of your personal data on the need to balance interests, you can raise an objection to this processing of your data. This is the case if the processing is not required in particular to fulfil a contract with you, a fact which we endeavour to outline in the subsequent description of the respective functions. When exercising such a right of objection, we request that you outline the reasons why we should not process your personal data in the manner we have described. If you present to us your reasons, we shall check the circumstances and either stop and/or adjust the processing of the data, or present compelling counterarguments for continuing with the data processing.
You can of course object to the processing of your personal data for purposes of advertising and data analysis at any time. You can inform us of your objection to the use of your data for advertising through the following contact address: By e-mail to genau.richtig[at]de.tuv.com or by post to TÜV Rheinland AG, Am Grauen Stein, 51105 Köln, Germany.
Newsletter, analysis tools and advertising
With your consent, you can subscribe to our newsletter, through which we can keep you informed about our latest interesting offers. The goods and services advertised are mentioned in the declaration of consent.
We use what is known as the “double opt-in procedure” for subscription to our newsletter. This means that after registration, we shall send you a message to the e-mail address you indicated, in which we shall request you to confirm that you wish to receive the newsletter. If you don’t confirm the registration, we shall block the information you submitted and it will then be deleted automatically. In addition, we shall also store the IP address you used and the time of registration and confirmation. The purpose of this procedure is to verify your registration and to enable us to clarify any possible misuse of your personal data, if necessary.
The only mandatory piece of information for the sending of our newsletter is your e-mail address. The provision of further, separately marked data is voluntary and is used to enable us to address you personally. After your confirmation, we shall store your e-mail address to send you the newsletter. The legal basis for this is Art. 6(1)(1)(a) of the GDPR.
You can revoke your consent for the newsletter any time and also unsubscribe from the same. You can perform the revocation by clicking on the link provided in each newsletter e-mail, or by sending a message to the contact address given in our legal notice.
We would like to let you know that we evaluate your user behaviour when we send you the newsletter. To do this evaluation, the e-mails sent contain “web beacons” or “tracking pixels”, which are one-pixel files stored on our website. To do this evaluation, we shall link the data specified in Part 1, Section 3 of this policy and the web beacons with your e-mail address and an individual ID. The links contained in the newsletter also contain this ID.
You can object to this tracking any time by unsubscribing from the newsletter. It is possible to unsubscribe through a link in each newsletter. The information you submitted will be stored for as long as you are subscribed to the newsletter. After you have unsubscribed, we shall keep your data for
purely statistical reasons.
2 Analysis tools and advertising
Use of Matoma (formerly Piwik)
This website uses the web analysis service Piwik to analyse and regularly improve the use of our website. We can improve our offer and make it more interesting for you as a user. The legal basis for the use of Piwik is Art. 6 paragraph 1 sentence 1 letter F DS-GMO.
Cookies (more details in § 3) are stored on your computer for this evaluation. The person responsible stores the information collected in this way exclusively on his server in Germany. You can set the evaluation by deleting existing cookies and preventing the storage of cookies. If you prevent the storage of cookies, we point out that you may not be able to use this website in its entirety. The prevention of the storage of cookies is possible through the setting in your browser. To prevent Piwik from being used, uncheck the following box to activate the opt-out plug-in: [Piwik iFrame].
This website uses Piwik with the extension “AnonymizeIP”. This shortens the processing of IP addresses and prevents direct personal contact. The IP address transmitted by your browser using Piwik will not be merged with other data collected by us.
The Piwik program is an open source project. You can obtain information on data protection from the third-party provider at http://piwik.org/privacy/policy.
Social media and other plug-ins
Social media plug-ins
We currently use the following social media plug-ins on our website:
We use the so-called two-click solution. This means that when you visit our site, no personal data is initially passed on to the providers of the plug-ins. You can recognize the provider of the plug-in by the marking on the box above its initial letter or the logo. We offer you the possibility to communicate directly with the provider of the plug-in via the button. Only if you click on the marked field and thereby activate it, the plug-in provider receives the information that you have accessed the corresponding website of our online offer. In addition, the data referred to in Part 1, Section 3 of this Declaration will be transmitted. In the case of Facebook and Xing, the IP address is anonymized immediately after collection, according to the respective provider in Germany. By activating the plug-in, personal data is transferred from you to the respective plug-in provider and stored there (for US providers in the USA). Since the plug-in provider collects data mainly via cookies, we recommend that you delete all cookies before clicking on the grayed-out box using your browser’s security settings.
We have no influence on the data collected and data processing processes, nor are we aware of the full extent of data collection, the purposes of processing, the storage periods. We also have no information on the deletion of the data collected by the plug-in provider.
The plug-in provider stores the data collected about you as user profiles and uses these for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation takes place in particular (also for not logged in users) for the representation of demand-fair advertisement and in order to inform other users of the social network about your activities on our website. You have a right of objection to the creation of these user profiles, whereby you must contact the respective plug-in provider to exercise this right. Through the plug-ins we offer you the possibility to interact with social networks and other users, so that we can improve our offer and make it more interesting for you as a user. The legal basis for the use of the plug-ins is Art. 6 paragraph 1 sentence 1 lit. f DS-GMO.
The data is transferred regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, your data collected with us will be directly assigned to your existing account with the plug-in provider. If you click the activated button and, for example, link the page, the plug-in provider also stores this information in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network, especially before activating the button, as this way you can avoid being assigned to your profile with the plug-in provider.
For more information on the purpose and scope of data collection and its processing by the plug-in provider, please refer to the data protection declarations of these providers as notified below. They will also provide you with further information about your rights in this regard and setting options to protect your privacy.
Addresses of the respective plug-in providers and URL with their data protection information:
a.) Google Inc, 1600 Amphitheater Parkway, Mountainview, California 94043, USA; https://www.google.com/policies/privacy/partners/?hl=en. Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
b.) Facebook Inc, 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php; further information on data collection: http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications and http://www.facebook.com/about/privacy/your-info#everyoneinfo. Facebook has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
c.) Twitter, Inc. 1355 Market St, Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy. Twitter has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
d.) Pinterest Inc, 808 Brannan Street, San Francisco, CA 94103-490, USA (“Pinterest”) https://policy.pinterest.com/de/privacy-policy Further information on data collection
e.) Xing AG, Gänsemarkt 43, 20354 Hamburg, Germany; http://www.xing.com/privacy.
f.) LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; http://www.linkedin.com/legal/privacy-policy. LinkedIn has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Integration of YouTube videos
We have integrated YouTube videos into our online offering, which are stored on http://www.YouTube.com and can be played directly from our website. These are all integrated in the “extended data protection mode”, i.e. no data about you as a user will be transmitted to YouTube if you do not play the videos. Only when you play the videos will the data referred to in paragraph 2 be transmitted. We have no influence on this data transmission.
By visiting the website, YouTube receives the information that you have accessed the corresponding subpage of our website. In addition, the data referred to in Part 1, Section 3 of this Declaration will be transmitted. This is independent of whether YouTube provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your information will be directly associated with your account. If you do not wish to be associated with your profile on YouTube, you must log out before activating the button. YouTube stores your data as user profiles and uses them for purposes of advertising, market research and/or demand-oriented design of its website. Such evaluation takes place in particular (even for unlogged-in users) to provide demand-oriented advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right.