Data Privacy Notice
We take the protection of your personal data seriously
Engineering Consulting & Solutions GmbH (ECS) appreciates that you are interested in our company and our products and services. We want you to feel safe when you visit our website where the protection of your personal data is concerned. It goes without saying that your personal are processed by us only in accordance with the provisions of European and German data privacy laws and regulations. We want you to know what kind of data we collect and what we do with it. We have implemented technical and organizational measures to ensure our own compliance with data privacy laws and regulations as well as that of any third-party supplier of goods or services.
1. General information and mandatory information
Ingolstädter Str. 47
92318 Neumarkt i.d.OPf.
phone: +49 9181 4764-10
Personal data means any information which enables you to be identified directly or indirectly, e.g. your name, address, phone number and e-mail address, and even your pattern of use of the internet or the IP-address of your computer.
When you visit our website, some data is stored and processed automatically such as the IP-address of your computer and the names of the web pages you visited, the type of browser and the operating system you use, the date and time of your visit, the search engine or other referrer URL and the name of files you downloaded.
In some cases we will ask you to provide your personal details such as your name and address, data we need in order to provide the services you require. The same applies if you ask for information materials, order any goods or ask us individual questions. We will indicate where this is necessary.
Purposes of the collection and processing of personal data
The data provided by you will be used mainly for the purposes of replying to your inquiries, of fulfilling your orders or service requests or of providing information or quotations regarding our offers. We will not sell or distribute your data to anyone else.
We will only process your personal data for the purposes mentioned above as well as further down in this document. We will not transfer the data to any third party without your consent. Whenever we collect personal data and, if required, transfer personal data to public institutions or authorities entitled to receive such data, we will always do so in accordance with the applicable laws and/or legitimate court orders. Our employees and service providers have all been committed to maintain personal data confidential and to adhere to the provisions of the applicable data privacy laws and regulations.
Children and adolescents
Persons under 18 years of age shouldn't transmit data to us without prior agreement of parents or legal guardians. We do not claim personal data from children or adolescents, nor do we collect it or transfer it to third parties.
We have implemented technical and organizational measures to protect your personal data from accidental loss, destruction or damage, manipulation or unauthorized access. All our employees and everyone else involved in the processing of personal data have been committed to adhere to the provisions of the applicable data privacy laws and regulations and to maintain personal data confidential. When personal data is collected via our website, the information is encrypted before it is transferred to us to prevent abuse. We continually review and upgrade our security measures to keep up with technological progress.
This website uses, for security reasons and to protect the transmission of your personal data, a state of the art SSL encryption technology.
Updates of this privacy notice
If you make use of external links which are offered on our website this data privacy notice is not applicable to these links. Where we provide links to other websites on our pages we assert that, at the time we included this link, infringements against established law were not noticeable. But we cannot influence the operator of the website the link leads to as to his observance of laws governing data protection and data security. Please refer to the information regarding data protection and data security provided on the respective websites.
Your Rights regarding Your Data:
Your Rights regarding information and access to personal data
You have the right to request free-of-charge access to the personal information we hold about you (Art. 15 GDPR), you can also request rectification (Art. 16 GDPR) or erasure (Art. 18 GDPR) of the personal information. Feel free to contact us anytime if you want to know which information we have stored or if you want the data to be rectified or deleted.
Additionally, you also have the right according to applicable laws to request the restriction of processing of your personal information (Art. 18 GDPR), to object to the processing of your personal data (Art. 21 GDPR), to withdraw your consent to the processing of your personal data (Art. 7 GDPR) and to data portability (Art. 20 GDPR). Finally, you are also entitled to lodge a complaint with a supervisory authority (Art. 77 GDPR). In any of these cases please contact us directly. Please send a letter to our headquarters in Neumarkt i.d.OPf. or an e-mail to email@example.com with reference to “Data protection / Right of access to personal data”.
If you have any questions regarding this data privacy notice or the processing of your personal data, please write to our headquarters in Neumarkt Opf. or send us an e-mail to firstname.lastname@example.org with reference to “Data protection / Right of access to personal data”.
Legal basis for data processing
Art. 6, Paragraph 1, Item a) of the GDPR serves as a legal basis for data processing if the user has given consent to the processing of his personal data.
If the processing of personal data is necessary for the performance of a contract to which the data subject is party, e.g. if the data is processed because it is necessary so as to deliver goods or services or the respective consideration, then the legal basis for the processing is Art. 6, Paragraph 1, Item b). This also applies for the processing of data prior to entering into a contract, such as in the event of inquiries regarding our products or services.
In case there is a legal obligation to which we have to adhere and due to which we have to process personal data, the processing is based on Art. 6, Paragraph 1, Item c GDPR.
Finally, processing of personal data can occur on the legal basis in Art. 6, Paragraph 1, Item f GDPR. This provision serves as basis for data processing that is not covered by the other provisions if the purpose is in the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.
2. Recording of data on this website
Whilst you are browsing on our website, the following personal data are collected for organizational and technical reasons automatically by the browser on your computer and transferred to our webserver, where they are stored in so-called logfiles:
- the IP-address of your computer,
- the names and URL‘s of the web pages visited and/or files downloaded,
- the type of browser and the operating system you use,
- the date and time of your visit,
- the web page you came from (referrer URL)
We only analyze this technical data in an anonymized form and only for statistical purposes, with the aim of continually optimizing our website, of making the online content more attractive as well as of ensuring a stable and secure connection and system. The data is separated from other personal data and stored in a secured system. It is not used to create references to individual persons.
If you have any questions you may use the contact form provided on our website in order to get in touch with us. You will be asked to provide a valid e-mail address and your name so that we know, who contacted us and so that we can reply to your question and possible follow up questions. You may provide further information at will, if you wish. The IP address of your computer will be stored the moment the form is transmitted.
The data is encrypted before the transmission. Please note that the transmission of data via the internet and/or the communication via e-mail may still be prone to security issues even when it is encrypted. It is not possible to protect data completely against unauthorized or unlawful processing. If you wish to send us confidential information, you can do so by sending it through the post.
We have implemented “Google reCAPTCHA” (hereafter referred to as “reCAPTCHA”) in order to protect the contact form on our website against Spambots and automated messages. reCAPTCHA is provided by Google LLC., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”). reCAPTCHA analyzes the behavior of the visitor and transfers information including personal data to Google. The information is transferred by using the HTTPS-protocol and the HTTP method POST, which ensures that only the CAPTCHA necessary for the validation and the anonymized IP address is transferred to Google.
The data processing in connection with reCAPTCHA is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its websites from abusive automated spying and SPAM.
3. Plugins und Tools
Third-Party Plugins and Content
We have included third-party content, such as maps provided by Google Maps or pictures from other websites, in our homepage. This always implies that the providers of this content (hereafter referred to as “third-party providers”) record the IP-address of the user. Otherwise they cannot send the content to the user’s browser. The IP-address is therefor indispensable for this content to be displayed. We aim to use only such content that is provided by such third-party providers that use the IP-address only for this purpose. But we cannot control whether the third-party providers save the IP-address for other reasons, e.g. statistical reasons. If we know this, we will inform the users.
Our website uses the map service of Google Maps to display maps and calculate routes. This service is offered by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
By using this website you consent to the collection, processing and use of automatically collected as well as voluntarily provided personal data by Google Inc., one of its representatives or third-party providers.
You can read the Google Maps terms and conditions here.
Google Web Fonts
This site uses so-called web fonts, provided by Google, for the uniform representation of fonts. When you call up a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.
To do this, the browser you use must connect to Google’s servers. As a result, Google learns that our website has been accessed via your IP-address. The use of Google Web Fonts is in the interest of a consistent and attractive presentation of our online services. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.
If your browser does not support web fonts, a default font will be used by your computer.
This website uses Google Analytics, a web analysis service of Google Inc. ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there.
However, in the event that IP anonymisation is activated on this website, your IP address will be shortened by Google within member states of the European Union or in other states which are party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on the website activities and to provide further services to the website operator in connection with the use of the website and the internet.
This website uses Google Analytics with the extension "_anonymizeIp()". IP addresses are therefore only processed in abbreviated form in order to exclude the possibility of direct personal references. Further information on Google's data protection can be found here: https://support.google.com/analytics/answer/6004245?hl=en.
We have integrated components of the ZiftONE service on our website. ZiftONE is a service of Zift Solutions, Inc. and offers marketing automation for companies.
ZiftONE is used to store and transmit data entered into forms using cookies, to send marketing e-mails or automated messages, to create targeted campaigns and to facilitate reporting and analysis. In addition, ZiftONE allows us to analyse whether the e-mails sent have been opened, how many users have received an e-mail and whether users have unsubscribed from the newsletter after receiving an e-mail. In this case, your data will be passed on to the operator of ZiftONE, Zift Solutions, Inc, 30 Montgomery St, Suite 1210 Jersey City, NJ 07302, USA.
Social network; service provider: Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; website: https://www.facebook.com.
Social network; service provider: Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.
Social network; Service provider: XING SE, Dammtorstraße 29-32, 20354 Hamburg, Germany, website: www.xing.com.
Social network; service provider: LinkedIn Ireland Limited Company, Wilton Place,Dublin 2,Ireland.
To send our newsletter, we use a service of CleverReach GmbH & Co KG, Mühlenstr. 43, 26180 Rastede, Germany, which process your personal data on our behalf in accordance with Art. 28, GDPR. Your data will not be forwarded to third parties.
Type and scope of processing
If you register on our website to receive our newsletter, we collect your e-mail address and other data collected on a voluntary basis and store this information together with the date of registration and your IP address. You will then receive an e-mail in which you must confirm your registration for the newsletter (double opt-in). If you do not confirm the registration, it will expire automatically and the data will not be processed for the newsletter dispatch.
Purpose and legal basis
We process your data for the purpose of sending out the newsletter on the basis of your consent in accordance with Paragraph 6 Para. 1 lit. a DSGVO. By unsubscribing from the newsletter, you can declare your revocation at any time with effect for the future in accordance with Art. 7 Paragraph 3, GDPR. There is no legal or contractual obligation to provide your data, but it is not possible to send the newsletter without providing your data.
After registering for the newsletter, we store the data for a maximum of 7 days until the registration is confirmed. After successful confirmation, we will store your data until you revoke your consent (unsubscribe from the newsletter), and for technical reasons for a maximum of 7 days beyond that. Data that has been stored by us for other purposes remains unaffected by this.
In addition to the homepage www.ecs-gmbh.de, ECS GmbH also operates fan pages on social media platforms.
Herewith we would like to inform you about the data processing on the occasion of visiting our social media fanpages. According to the ruling of the European Court of Justice (ECJ) of 05.06.2018, it was decided that the operator of a fanpage together with the social media platform is a joint controller when processing personal data.
The legal basis for the operation of our fan pages on social media platforms - including that for the processing of personal data - is based on legitimate interest pursuant to Art. 6 Paragraph 1, tem f) of the GDPR. The purpose is timely customer communication as well as advertising and public relations.
Your IP address is collected and stored when you visit the social media platform. Usually, a cookie is set that stores your visit and other data about your session to the social media platform.
You can regularly visit the social media fan pages, regardless of whether you have a user account on the corresponding platform itself and are logged in or not. In both cases, however, your data will be processed by the social media platform.
If you are logged in on the respective social media platform, your visit will be recorded by cookies or other technical means and assigned to your user account. The social media platform is thus given the opportunity to analyze user behavior. Under certain circumstances, a user profile is generated with your interests, which can be used to display interest-based advertising within and outside the social media platform. This can even happen across devices. Furthermore, your data may be used for market research and advertising. Furthermore, your user profile and content can be recognized. For details, please refer to the following data protection declarations and information obligations of the social media platforms used.
ECS GmbH presents itself on the following social media platforms.
Hereby jointly responsible is:
ECS Engineering Consulting & Solutions GmbH
Ingolstädter Str. 47
92318 Neumarkt i.d.OPf.
phone: +49 9181 4764-10
Information about the Facebook page:
When you visit our Facebook page your data is transferred to the USA. Facebook Inc, is the American parent company of Facebook Ltd Ireland and is EU-US Privacy-Shield certified. This means that Facebook makes a commitment to adhere to and implement privacy policies at the European level. More information: Privacy Shield Facebook: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.
We have no influence or insight on the compliance with these guidelines. We cannot exclude the possibility that risks and transfers of user data to third countries may take place. Facebook recognizes its primary responsibility in an agreement https://www.facebook.com/legal/terms/page_controller_addendum concluded with us on our joint responsibility for the processing of data and, in particular, guarantees that you can exercise your rights of access, etc. as described in the general section.
As the operator of the Facebook page, we have no interest in the collection and processing of individual personal data of our visitors. We do not collect any data here for market analysis or marketing purposes.
The following user data is collected by Facebook:
- Advertising (analysis tools, tracking and personalized advertising)
- Creation and evaluation of user profiles
- Market research and marketing analysis
Cookies by Facebook
Objection options (so-called opt-out) can be set here: https://www.facebook.com/settings?tab=ads.
Statistical data collection by Facebook
Facebook provides us with statistical data by means of Facebook Insights. This application can help to discover further information about demographics, location or consumer behavior of potential customers. Facebook Insights examines who you have reached with your own advertising message. The corresponding data can then be displayed either for all Facebook users or for the fans of a page as well as for a defined custom audience. The Insights then provide more detailed info on:
- Demographics: Age, gender, relationship status, etc.
- Likes: information provided by fans for other Facebook pages
- Location and language settings of users
- Phone number
- Activity of the selected users
- Proportion of women and men
- Route planner
You can strongly influence the processing of your data on Facebook in various respects when you are logged in. You can set your "Timeline", i.e. what is visible of you and your page, here: https://www.facebook.com/settings/?tab=timeline&privacy_source=timeline_gear_menu. Furthermore, you can set your advertising preferences here: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen.
LinkedIn Ireland Limited Company,
LinkedIn provides statistics. These are generated and made available without our involvement. The data includes statistical data as well as interactions. You can strongly influence the processing of your data on LinkedIn in various respects when you are logged in.
You can switch off the LinkedIn advertising cookie here (opt out): https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Tel.: +49 40 419 131-0,
Data Protection Officer:
Mr. Felix Lasse,
Xing provides statistics. These are generated and made available without our involvement. The data includes statistical data as well as interactions.
Twitter International Company
Attn: Data Protection Officer
One Cumberland Place, Fenian Street
Dublin 2, D02 AX07 IRELAND
If you visit our channel on Twitter, your data may be transferred to the USA. Twitter is registered with Privacy Shield and is obliged to comply with EU data protection rules.
Twitter provides statistics. These are generated and made available without our involvement. The data includes statistical data as well as interactions.
You can influence the processing of your data on Twitter in various respects when you are logged in. You can set your privacy on Twitter here: https://twitter.com/personalization.
Data subject rights of the users of the social media platforms
Unfortunately, we cannot fulfill our information obligations under Art. 13 EU GDPR, as only the social media platform operator has full access to the user data. If you wish to exercise your data subject rights, please contact the social media platform operator directly. These rights include the following:
Right to information and access to personal data:
You can request information as to whether and to what extent your data is being hold or processed.
Right to rectification:
If your data is incomplete or incorrect, you can request a correction or completion at any time.
Right to erasure:
You may request the erasure of your data if it is processed unlawfully or if the processing disproportionately interferes with your legitimate interests of protection. Please note that there may be reasons that prevent immediate deletion, e.g. in the case of legally regulated retention obligations. Irrespective of the exercise of your right to deletion, your data will be deleted immediately and completely, provided that there is no legal or statutory retention obligation in this respect.
You may request the restriction of the processing of your data if
- you dispute the accuracy of the data, for a period of time that allows us to verify the accuracy of the data.
- the processing of the data is unlawful, but you refuse erasure and request restriction of data use instead,
- we no longer need the data for the intended purpose, but you still need this data to assert or defend legal claims, or
- you have objected to the processing of the data.
Right to data portability:
You may request that the data you have provided be made available in a structured, commonly used and machine-readable format and that you be able to transfer this data to another controller without hindrance, provided that this data is processed on the basis of a consent given by you that can be revoked or for the performance of a contract between us, and this processing is carried out with the help of automated processes. If technically feasible, you may request a direct transfer of your data to another controller.
Right to object:
If your data is processed for legitimate interest, you may object to this data processing at any time; this would also apply to profiling based on these provisions. Your data will then no longer be processed unless compelling legitimate grounds for the processing can be demonstrated which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. You may object to the processing of your data for the purpose of direct marketing at any time without giving reasons.
Right of complaint:
If you are of the opinion that German or European data protection law has been violated in the processing of your data, please contact us so that we can clarify any questions. Of course, you also have the right to contact the supervisory authority responsible for you, the respective state office for data protection supervision. If you wish to assert any of the aforementioned rights against us, please contact our data protection officer. In case of doubt, we may request additional information to confirm your identity.
If you require assistance in this regard or have any other questions, please feel free to contact us by e-mail at email@example.com. If you no longer wish to have the data processing described here in the future, please cancel the connection of your user profile to our social media platforms by using the functions "I no longer like this page" and/or "Unfollow".
- User details: first name, last name, telephone (optional), e-mail address, department (optional), organization (optional).
- Meeting metadata: Topic, description (optional), attendee IP address, device, hardware information, location, language settings, operating system.
- For recordings (optional): MP4 file of all video, audio, and presentation recordings, M4A
Dial-in by phone:
When dialing in by phone, information about the incoming and outgoing phone number, country name, start and end time are processed. If necessary, further connection data such as the IP address may be stored in the case of Voice-over-IP (VOIP) use.
Processing of text data:
If you use a chat, question or survey function in the webinar, this content data will be processed for the purposes of communication within the webinar. In addition, the chat history is stored in a text file that reflects the name, first name (or a pseudonym) and the text of the chat message. This data is only processed for the purpose of following up on the content of the webinar and is only passed on within ECS in anonymized form.
Processing of audio and video data :
We have the possibility to record our webinars. The recording happens only after consent by the participant. If you contribute verbally and/or use the video function to enable visual transmission of your image, this personal data will be processed for the purpose of communication within the webinar. If you activate the microphone or camera of your terminal device yourself, the above-mentioned data processing may take place.
Recipients of the data and third country transfer (EU foreign countries):
We have concluded a contract with the provider LogMeIn Ireland Limited, The Reflector 10 Hanover Quay, Dublin 2, D02R573, Ireland (hereinafter "LogMeIn") for commissioned processing in accordance with Art. 28 GDPR. The software provider LogMeIn Inc. is based in the USA in a so-called third country. Guarantees within the meaning of Art. 44 et seq. GDPR are the use of the so-called EU standard contractual clauses. The adequate level of protection is guaranteed by the use of these EU standard contractual clauses in the context of the order processing contract.
Furthermore, other participants of the webinar might see and hear you and your contributions and are in this respect recipients of your data. Personal data will not be disclosed to third parties outside the scope described here without explicit consent.
LogMeIn Inc. as provider of GoToWebinar has activated Google Analytics on its corporate website. We have neither influence nor access to this data processing carried out by LogMeIn Inc. Nevertheless, we would like to draw your attention to this data processing: You can read details about the use of Google Analytics by LogMeIn Inc. here (https://www.logmeininc.com/de/legal/privacy/us#analytics). You can also set your browser not to accept cookies before clicking on the registration or participation link.
Duration of processing, deletion of data:
All data relating to the webinar will be deleted no later than six months after the webinar. Data on your device will remain until your browser data is deleted. You will be notified of the storage duration of recorded online webinars prior to the start of recording. If you withdraw your consent, we will delete the data recorded about you.
Possibility of objection and removal:
You can object to the processing of your data at any time by leaving the online webinar. Please inform us of your objection to the storage of your data in reports by sending a message to the contact details provided. Any consent to the recording of online webinars can be revoked at any time. You can also reach us for this purpose using the contact details provided. The revocation of consent does not affect the lawfulness of the processing that took place until the revocation.
As visitor of our website you can reach our external data protection officer for questions about data privacy at:
Datenschutz Pöllinger GmbH
Dresdner Str. 38
92318 Neumarkt i.d.OPf.