thyssenkrupp AG welcomes your interest for BeyondConventions (“Initiative”). BeyondConvention basically is a platform that we jointly set up with below parties. Corporates present concrete challenges from their businesses and invite startups to pitch their solutions on these challenges. Startups with the most promising solutions will be invited to present them at the event from from 12th – 13th February 2019 at thyssenkrupp AG Headquarter in Essen, Germany. This Initiative is a collaboration between
– Innogy SE (“Innogy”)
– Schacht One GmbH (“Schacht One”)
– Open Grid Europe GmbH (“Open grid Europe”)
– Siemens AG (“Siemens”)
– ALDI International Services GmbH & Co. oHG („Aldi Süd“)
– EMSCHERGENOSSENSCHAFT, Körperschaft des öffentlichen Rechts („Emschergenossenschaft“)
1. Who is responsible for the processing of personal data and whom you can approach?
Controller of the processing of personal data is:
thyssenkrupp Allee 1
Telephone: +49 201 844 0
You can reach our data protection officer under the following contact information:
The Data Protection Officer
thyssenkrupp Allee 1
Telephone: +49 201 844 0
2. What we process
We process personal data provided by you or through cookies and automatically allocated access data. For further information, see section II. – “Processing of personal data”.
3. For what purpose and on what legal basis do we process personal data?
In order to make your participation to Beyond Conventions possible, we needs to process certain data from you. We need to know who you are, in which challenge you want to participate. We process your personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR) and applicable national law for various purposes. For further information, see section II. – “Processing of personal data”.
4. Who receives your personal data?
Service providers employed by us (processors, see Art. 4 No. 8 GDPR) may receive and process personal data on our behalf. We use the following categories of processors:
We also may share personal data with other group companies where necessary for specific purposes, i.e. organization of the Beyond Conventions event such as preparation and organisation of the meeting that will take place in Essen and selection of the possible candidates.
Lastly, we share personal data with the following third party controllers where necessary for the specific purposes that your information is collected (see Art. 4 No. 7 GDPR):
5. For how long do we process personal data?
We process data only as long as it is necessary in relation to the initial specified, explicit and legitimate purpose (currently it is expected that we will need the personal data for two months after Beyond Conventions has taken place). Additionally, we are subject to various statutory filing and documentation obligations arising from the Handelsgesetzbuch (HGB) or Abgabenordnung (AO). The deadlines for storage and documentation can be up to ten years.
In light of possible legal claims, the processing period is also determined by statutory time limitations, which can be up to thirty years.
6. Are you obligated to provide personal data?
There is no legal or contractual obligation to provide us with personal data. We only ask you to provide us with the data necessary for our services (providing you with the website, answering any inquiries made by you (via contact form or email) and the participating in Beyond Conventions. Without this personal data, we cannot offer you our services or only offer those services very limitedly.
7. Transfer of personal data to a Third Country?
A transfer shall take place only in compliance with the data protection regulations, in particular the assurance of an adequate level of data protection. We have implemented appropriate safeguards, i.e. standard contractual clauses according to Art. 46 (2) lit. c GDPR, ensuring the safety of your personal data. For further information regarding this or a copy of said safeguards you can contact us under the contact information given in section I. 1. – Who is responsible for the processing of personal data and whom you can approach.
8. Links to third-party websites
The website may contain links to third-party websites, including social media sites. Any access to and use of such linked websites is not governed by this policy. These third party websites are governed by the privacy policies of those third party websites. We are not responsible for the processing of personal data on such third party websites.
9. Your Rights
You have the right of access (Art. 15 GDPR), the right to rectification (Art. 16 GDPR), the right to erasure (Art. 17 GDPR), the right to restriction of processing (Art. 18 GDPR) and the right to data portability (Art. 20 GDPR).
When personal data is processed based on your consent, you have the right to withdraw your consent according to Art. 7 (3) GDPR. Please keep in mind that your withdrawal only affects future processing based on those rights, you can contact us under the contact information given in section I. 1. – “Who is re-sponsible for the processing of personal data and whom you can approach.
Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Postfach 20 04 44
1. Automated collection of access data/ server logfiles
While visiting our websites, the following access data is stored during every retrieval in server logfiles:
The processing of personal data is based on Art. 6 (1) lit. f GDPR. Purpose and our legitimate interest are ad-ministration and improved functionality of our website as well as preventing security issues.
Cookies can be used for different purposes:
You can set your browser so that you are informed about the setting of cookies and individually decide on their acceptance or decline cookies in specific cases or in general. You can delete already set cookies. Declining cookies may limit the functionality of our website.
Processing of personal data through the use of functional, first party cookies is based on Art. 6 (1) lit. f GDPR. Purpose and our legitimate interest are improved functionality of our website. Usage of third party cookies will be described in detail below.
3. Google Analytics
In case the anonymization of IP-addresses is active on a website, the user’s IP-address will be truncated inside the European Union or the European Economic Area. Only in exceptional cases the user’s full IP-address will be transmitted to a server of Google in the US and truncated there. IP-anonymization is active on our web-sites.
On behalf of us, Google will process this data in order to analyze your use of our websites, to generate reports on website activity and to render further services regarding the use of our websites. The IP-address transmitted by your browser will not be associated with other data in possession of Google.
You can prevent the storage of cookies by modifying your browser setting to decline cookies. Furthermore, you can prevent the collection and following procession of data by Google through this cookie by downloading a browser-plugin through the following link: https://tools.google.com/dlpage/gaoptout/.
An opt-out-cookie will be stored on your device. This will prevent further allocation of data through the Google Analytics cookie on our websites.
Preventing storage of cookies may prevent you from taking full advantage of our websites.
We also use Google Analytics to analyze data from AdWords and the Double-Click Cookie for statistical purposes. If you do not want to do this, you can disable it through the Ads Preferences Manager (http://www.google.com/settings/ads/onweb/?hl=e)
You can find further information about terms and conditions as well as data protection on https://www.google.com/policies/privacy/.
The processing of personal data through Google Analytics is based on Article 6 (1) lit. f GDPR. Purpose and our legitimate interest are analysis of the use of our websites as well as improved functionality.
This website may use Hotjar, a web analytics tool by Hotjar Limited, a private limited liability company regis-tered under the Laws of Malta with company number C 65490, having its registered address situated at Level 2, St Julian’s Business Centre, 3, Elia Zammit Street, St Julian’s STJ 1000, Malta. Interactions of randomly select-ed, individual visitors of the website are recorded anonymously. Thus, a log of e.g. Mouse movements and clicks with the aim to show improvement possibilities of the respective internet site. In addition, information about the operating system, browsers, incoming and outgoing links, geographical origin, as well as the resolu-tion and type of the device are evaluated for statistical purposes. This information is not personal and will not be disclosed by Hotjar to third parties. If you do not want a recording, you can disable it on all websites using Hotjar by setting the DoNotTrack header in your browser. Information can be found on the following page: http://overheat.de/opt-out.html.
The legal basis is Art. 6 (1) lit. a GDPR. The purpose of the processing lies in the analysis and optimization of our website.
5. Google Tag Manager
We use the Google Tag Manager by Google, Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA ("Google"), which does not collect any personal data. This tool causes other tags to be created, which in turn collect data under certain circumstances. Google Tag Manager does not access this data. If deactivation was carried out on the domain or cookie level, it remains in place for all tracking tags which were implemented with Google Tag Manager.
You can find Google’s use policy regarding Google Tag Manager here: https://www.google.de/tagmanager/use-policy.html
6. Google reCAPTCHA
Google has submitted to the EU-US Privacy Shield, which you can read here https://policies.google.com/privacy/frameworks?hl=en.
The processing of personal data through Google reCAPTCHA is based on Article 6 (1) lit. f GDPR. Purpose and our legitimate interest are to protect our online forms from improper automated use, spying and spam.
7. Social Media Plugins
We use Plugins of social networks, so called “Social Plugins“.
Without any action by you as User the Social Plugins are deactivated and therefore no data is trans-ferred. If you wish to share for example a content, you have to click the respective button first. Only with the click of the respective button a connection to the respective social network will be set up and data transferred thereto. The provider of the Plugin will get the information that you have accessed the corresponding website of our online service. In addition, automatically collected Access Data are transmitted.
The providers of Plugins process the data collected about you via the Plugins, create usage profiles and use them for purposes of advertising, market research and / or tailor-made design of their website. Such processing is carried out in particular for the presentation of needs-based advertisement and to inform other users of the social network about your activities on our website. You have a right to object to the formation of these user profiles, whereby you must contact the respective provider of the Plugin.
The data collection by the respective provider of the Plugin is carried out regardless of whether you have an account with the provider and are logged while using the Plugin. If you are logged into your Social Media account, your collected data will be assigned directly to your existing account with the provider of the Plugin. For example, if you link the page, the Plugin provider also stores this information in your user account and shares it with your contacts publicly. We recommend that you log out regularly after using a social network, but especially before activating the Plugin.
The use of social media plugins is based on Art. 6 (1) lit. a GDPR. The purpose of the processing is improved functionality of our website and enabling our visitors to share our content on social media.
In detail, these are the following social networks:
Facebook Inc., 1601 Willow Road, Menlo Park, CA 94025, USA or Facebook Ireland Ltd., 4 Grand Ca-nal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook“).
Facebook is certified according to the EU-US agreement “privacy shield”, https://www.privacyshield.gov/welcome. The “privacy shield” is an agreement between the European Union (EU) and the USA to ensure compliance with European data protection standards in the USA.
LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA or LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland (“LinkedIn”).
LinkedIn is certified according to the EU-US agreement “privacy shield”, https://www.privacyshield.gov/welcome.
Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA (“Twitter“).
Twitter is certified according to the EU-US agreement “privacy shield”, https://www.privacyshield.gov/welcome.
We have included YouTube-Videos by Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA in our website, which are directly playable from our website. Without any action by you the YouTube plugin is deactivated and therefore no data is transferred. Only if you click on the video a connection to YouTube will be set up and data transferred thereto. Google Inc. will get the information that you have accessed the corresponding website of our online service. In addition, automatically collected access data is transmitted.
Google Inc. processes the data collected about you via the plugins, creates usage profiles and uses them for purposes of advertising and/ or market research. Such processing is carried out in particular for the presentation of needs-based advertisement and to inform other users of the social network about your activities on our web-site. You have a right to object to the formation of these user profiles, whereby you must contact Google Inc.
This happens regardless of whether YouTube provides a user account that you are logged in to, or if there is no user account. When you're logged in to YouTube, your data will be assigned directly to your account. If you do not wish to associate with your profile on YouTube, you must log out before activating the video.
Google Inc. is certified according to the EU-US agreement “privacy shield”, https://www.privacyshield.gov/welcome. The “privacy shield” is an agreement between the European Union (EU) and the USA to ensure compliance with European data protection standards in the USA.
Through the embedded videos, we offer you the opportunity to play YouTube videos directly on our site, so that we can improve the usability of our website and make it more interesting for you as a user. The legal basis for the use of the plugin is Art. 6 (1) lit. f GDPR.
9. Contact forms/ email contact
When contacting us (e.g. via the provided email address), we process the email address and any personal data disclosed via the contact form the message itself (e.g. your name).
When you use a contact form, we additionally process personal data you provide in the contact form: name, address, telephone number and email.
The processing is based on Art. 6 (1) lit. f GDPR. Purpose and our legitimate interest is answering your enquiry and, if applicable, follow-up questions"
10. Changes to this statement
Last changed: 07.11.2018