Data privacy
Web analytics
Once you have given your consent for us to do so, we install a web analytics tool to track and analyse user behaviour on our website in order to improve and optimize the website in line with our objectives (e.g. increase the number of pages viewed).
We use cookies for this purpose.
You can find more details here (Appendix - "Details - Webanalytics").
We use cookies for this purpose.
You can find more details here (Appendix - "Details - Webanalytics").
Standard periods for deletion of data
There are a range of different retention periods and obligations required by law. Once these retention periods have expired, the data in question is routinely erased. Where the data is not legally required, it is deleted or anonymized as soon as it is no longer necessary for the purposes outlined in this privacy policy.
You can find out more information about how long your personal data will be stored for in the descriptions of each processing activity (e.g. the section above, "Using our TÜV SÜD store and portal", or the section below, "TÜV SÜD store & portal customer accounts").
You can find out more information about how long your personal data will be stored for in the descriptions of each processing activity (e.g. the section above, "Using our TÜV SÜD store and portal", or the section below, "TÜV SÜD store & portal customer accounts").
Additional data applications
Continued processing or usage of your personal data is only permitted if a law sanctions it or if you have given your consent for your data to be processed or used. If your data is going to be processed for purposes other than those for which the data was originally stored, we will inform you as well as providing information as to why it is being processed.
Changes to this policy
We may need to update this privacy policy as technology and/or the legal or regulatory framework changes. The current version of this privacy policy is available at all times on this page.
Information about specialist terminology
The specialist terms used in this privacy policy have a specific meaning as laid out in the GDPR.
You can access the full list of terminology in Article 4 of the GDPR using the following link: http://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32016R0679
You can find out more information about the most important GDPR terms used in this privacy policy below:
- "Personal data" means any information relating to an identifiable or identified natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person
- "Data subject" means the identified or identifiable natural person to whom the personal data corresponds
- "Processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction
- "Profiling" means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements
- "Controller" means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law
- "Data processor" means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller
- "Recipient" means a natural or legal person, public authority, agency or another body, to which the personal data is disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular enquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of the data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing
- "Third party" means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, is authorized to process personal data
- "International organization" means an organization and its subordinate bodies governed by public international law, or any other body which is set up by, or on the basis of, an agreement between two or more countries
- "Third country" means a country that is not a member state of the European Union ("EU") or the European Economic Area ("EEA")
- "Special categories of personal data" means data that allows a natural person's race, ethnicity, political beliefs, religious or philosophical convictions to be divulged, as well as their membership to trade unions, any genetic or biometric data that permits him or her to be identified, or data pertaining to their health, sex life or sexual orientation.
