I. Name and address of the controller
In accordance with the General Data Protection Regulation (GDPR) and other data protection regulations, the controller is:
ENGINEERING CENTER STEYR GMBH & CO KG
Steyrer Strasse 32, 4300 St. Valentin, Austria
Tel.: +43 7435 501 0
You can contact us via the above company address, via email at datenschutz.valentin.mpt[at]magna.com and via the contact form on our website engineering.mpt.magna.com.
II. Data processing on the Roots 48 Event Portal
This page provides information about the data protection provisions applicable on the Roots 48 Event Portal (“Platform”). The Platform is operated on our behalf by our service provider, Roots 48 GmbH, Hans-Pfitzner-Strasse 31, 47057 Duisburg, Germany (“Roots 48 GmbH” or “Processor”).
1. Scope of processing of personal data
In principle, we only process our users’ personal data to the extent that this is necessary for the provision of a functioning Platform as well as our content and services.
Users can access the Event Portal to do the following, once they have logged in to their profile:
· Run events, meetings and projects in the digital space
· Integrate a chat feature using an audio function to facilitate contact between event visitors
· Integrate video conferencing tools for presentations, webinars, workshops and meetings
· Provide a virtual welcome area, a networking space, a workshop area and an auditorium
· Provide a digital contact form
· Provide a chatbot
When you register and participate in events, we process the following personal data from you:
· Email address
· First name
· Last name
· Company affiliation
· Fields of interest
· Live audio and video data if used by you (these data will not be recorded for participants)video data if used by you (these data will not be recorded for participants)
· Personal device data:
o IP address
o MAC address
o Device ID
o Device type
Please note that all event participants can view the above data while they are participating in the event, with the exception of personal device data.
A contact form is also available on our Platform, which can be used to contact us electronically. If a user takes advantage of this option, the data entered in the input screen will be transmitted to us and stored.
When you use the contact form, we process your name, your email address and your enquiry. Your request will be sent to our mailbox at email@example.com but will not be stored on the Platform itself.
In the course of the presentations provided at the event audio and video of the lecturer and the chairman will be recorded and uploaded to our homepage after the event. No recording of participants takes place.
2. Legal basis for the processing of personal data
We process your personal data on the basis of your consent in accordance with the event registration pursuant to Article 6(1) (a) GDPR and the agreement concluded on binding participation in the event pursuant to Article 6(1) (b) GDPR.
3. Data erasure and storage period
Your user data will only be stored for as long as is necessary to use the Platform, at the latest until the event has ended. After the event has ended, your data will be erased from the Platform.
Recorded audio and video material of lecturers and the chairman will be erased from our homepage after withdrawal, at the latest 5 years after the event has ended.
4. Automated decision-making in individual cases, including profiling
No profiling takes place.
III. Further data processing – provision of the Platform and creation of log files
1. Description and scope of data processing
Each time you access our Platform, our system automatically collects data and information from the system of the accessing computer.
The following data are collected:
· Information about the browser type and version used
· The user’s operating system
· The user’s IP address
· Date and time of access
· Referrer URL
· Hostname of the accessing computer
These data are stored in our system log files and are retained after the end of the event. These data are not stored together with other personal data of the user.
The geographical location of the website’s server is in Germany.
2. Purpose of data processing
It is necessary for the system to temporarily store the IP address in order to enable delivery of the Platform to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.
The data are stored in log files in order to ensure the functionality of the Platform. In addition, we use the data to optimize the Platform and to ensure the security of our information technology systems. The data are not evaluated for marketing purposes in this context.
3. Legal basis for data processing
The legal basis for the temporary storage of the data and the log files is Article 6(1) (f) GDPR.
4. Opportunity to object and to obtain removal of data
Collection of data for the provision of the Platform and storage of the data in log files is necessary for operation of the Platform. Consequently, there is no opportunity for users to object.
1. Description and scope of data processing
Our Platform only uses technically necessary cookies, which are required for the functionality of our services on this Platform. Cookies are text files that are stored in the internet browser or by the internet browser on the user’s computer system. If a user accesses a Platform, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string that allows the browser to be uniquely identified when the Platform is accessed again.
The following data are stored and transmitted in the cookies:
· Login information
· Use of Platform functions
Technical precautions are taken in order to pseudonymize the user data collected in this way. Once user data have been pseudonymized, it is no longer possible to assign the data to the user accessing the Platform. The data are not stored together with other personal data of the users.
2. Purpose of data processing
3. Storage duration, opportunity to object and to obtain removal of data
V. Plugins used
We use plugins for various purposes. The plugins used on our Platform are listed below:
Use of inflow (chatbot)
Via our processor, we use functionalities of the communication/chat plugin inflow provided by LiveRate GmbH, Metzstrasse 12, 81667, Munich, Bavaria, Germany (“LiveRate”). Inflow is a live chat and messaging plugin which allows you to communicate with us. LiveRate stores technically necessary cookies on your end device.
When using the plugin, LiveRate processes the following personal data in particular:
- Webchat: your first name, last name and email address may be stored, if you have entered them, as well as your IP address
- All sent and received messages are automatically stored, and they are deleted after the event has ended.
In principle, the legal basis for processing the users’ personal data is each user’s consent pursuant to Article 6(1) (a) GDPR, which is actively granted by using the chatbot for the first time.
Use of Matomo
We use the open-source tracking tool Matomo (https://matomo.org/) to analyse our users’ surfing behaviour. By evaluating the data obtained, we are able to compile information on the use of the individual components of our online services. This helps us to constantly improve our online services and their user-friendliness.
Matomo places a cookie on your computer. The software is configured so that the IP addresses are not stored in full; instead, 2 bytes of the IP address are masked for anonymization (e.g.: 192.168.xxx.xxx). This means it is no longer possible to assign the shortened IP address to the computer accessing the software.
Use of zoom
Via our processor, we use subcontracted functionalities of the Zoom video and web conferencing service provided by Zoom Video Communications Inc, 55 Almaden Boulevard, Suite 600, San Jose, CA 95113, USA (“Zoom”). Zoom webinars are a special feature that allows us to host and broadcast presentations to up to 500 participants, with no registration or login required for users. Zoom stores technically necessary cookies on your end device.
Depending on the data you provide when using Zoom and how you use Zoom, the following personal data will be processed by Zoom:
· Email address
· IP address
· MAC address
· Device ID (UDID)
· Device type
· Type and version of the operating system and the client version
· Information you upload, provide or create while using Zoom
When you use Zoom, data are transmitted to Zoom servers in the USA and processed there. In order to guarantee appropriate protection of the transfer and processing of personal data outside the EU, the transfer of data to and processing of data by Zoom is carried out on the basis of appropriate guarantees pursuant to Article 46 et seq. GDPR in the form of standard data protection clauses pursuant to Article 46(2) (c) GDPR agreed by our processor.
For the legal basis and storage period, see section II on data processing.
VI. Rights of the data subject
In principle, you have the rights of access, rectification, erasure, restriction, data portability, withdrawal and objection.
Data protection laws give you the right to withdraw your declaration of consent at any time. Withdrawal of your consent shall not affect the lawfulness of the processing carried out on the basis of your consent prior to withdrawal. After withdrawing your consent, we will immediately erase your personal data on this Platform.
If you believe that the processing of your data infringes data protection laws, or that your data protection rights have been infringed in any other way, please contact us so that we can clarify any issues.
You can contact us using the contact details mentioned at the top of this page.
In addition, you have the right to lodge a complaint with the Austrian data protection authority (https://www.dsb.gv.at/).
We are of course always on hand if you require information about data protection on our website engineering.mpt.magna.com.