Start / Privacy Policy

Data protection information

STUVA takes the protection of your data very seriously. We want you to know when we collect which data and how we use it. Your personal data is processed in accordance with the applicable data protection regulations, in particular the EU Data Protection Basic Regulation (DSGVO) and the Federal Data Protection Act (BDSG).

Further technical developments of our website as well as changes in the legal framework may necessitate adjustments to this data protection declaration. We therefore recommend that you read through this data protection declaration from time to time.

*
*
*

*

At a glance

Who's in charge?

The data processing on this website is carried out by the operator (STUVA). The contact data can be found in the imprint of this website or point I of the following detailed explanation.

How do we collect your data?

On the one hand, your data is collected by you voluntarily providing us with it. For example, this may involve data that you actively enter in a contact form. When you visit our website, further technical data is automatically collected by our IT systems.

What do we use your data for?

Some of the data is collected in order to ensure error-free and user-friendly provision of the website on your terminal device. Other data is used to analyse user behaviour and thus to improve our services. We only collect directly personal data in cases where you wish to make use of specific services from us.

What rights do you have?

You have the right to obtain information about the type, scope and purpose of the user data stored during your visit at any time. You also have the right to demand the correction, blocking or deletion of this data. You can contact us at any time if you have any further questions on the subject of data protection. In addition, you have the right to appeal to the responsible supervisory authority.

Please note the following detailed data protection declaration.

Privacy statement

Personal data (hereinafter mostly referred to as "data") is processed by us only within the scope of necessity and for the purpose of providing a functional and user-friendly Internet presence, including its contents and the services offered there.

According to Art. 4 Item 1. The processing of personal data as defined in Regulation (EU) 2016/679, i.e. the Basic Data Protection Regulation (hereinafter referred to as "DSGVO"), means any operation or series of operations carried out with or without the aid of automated procedures in connection with personal data, such as collection, recording, organisation, arrangement, storage, adaptation or alteration, reading, retrieval, use, disclosure by transmission, dissemination or any other form of provision, alignment or linkage, limitation, erasure or destruction.

With the following data protection declaration we inform you in particular about type, extent, purpose, duration and legal basis of the processing of personal data, as far as we decide either alone or together with others about the purposes and means of the processing. In addition, we will inform you below about the third-party components used by us for optimisation purposes and to increase the quality of use, insofar as third parties process data on their own responsibility.

Our data protection declaration is structured as follows:

I. Information about us as responsible persons
II. rights of users and data subjects
III. Information on data processing

I. Information about us as responsible persons

Responsible provider of this website in the sense of data protection:

Study society for tunnels and traffic installations e. V.
Mathias-Brüggen-Strasse 41
50827 Cologne, Germany
Germany (German)

Phone: +49 221 59795-0
Fax: +49 221 59795-50
email

II. Rights of users and data subjects

With regard to the data processing described in more detail below, users and data subjects have the right to

  • to information and disclosure about the stored data, to further information about the type and scope of the data (further) processing and to copies of the data (cf. also Art. 15 DSGVO);
  • to correct or complete inaccurate or incomplete data (cf. also Art. 16 DSGVO);
  • to the immediate deletion of the data concerning them (cf. also Art. 17 DSGVO) or, alternatively, if further processing is required pursuant to Art. 17 para. 3 DSGVO, to the restriction of processing pursuant to Art. 18 DSGVO;
  • to receive the data concerning them and provided by them and to transfer these data to other providers/responsibles (cf. also Art. 20 DSGVO);
  • upon complaint to the competent supervisory authority if they are of the opinion that the data relating to you are being processed by the provider in violation of data protection provisions (cf. also Art. 77 DSGVO). The competent supervisory authority for data protection issues is the data protection officer of the federal state in which our company is based.


In addition, the provider is obliged to inform all recipients to whom data has been disclosed by the provider about any correction or deletion of data or the restriction of processing which takes place on the basis of Articles 16, 17 para. 1, 18 DSGVO. However, this obligation does not apply if such notification is impossible or involves disproportionate effort. Notwithstanding the foregoing, the User shall have the right to obtain information about such recipients.

Users and data subjects also have the right under Art. 21 DSGVO to object to the future processing of data concerning them, provided that the data are processed by the provider in accordance with Art. 6 para. 1 lit. f) DSGVO. In particular, an objection to data processing for the purpose of direct marketing is admissible.

 III. Information on data processing

Technical and organisational protective measures


This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

The data logged and processed when using our website are routinely deleted or blocked as soon as the purpose of storage no longer applies, there are no legal storage obligations to prevent the deletion of the data and in the following no information to the contrary is provided on individual pages.

Server data

For technical reasons, in particular to ensure a secure and stable Internet presence, data is transmitted to us or to our web space provider via your Internet browser. With these so-called server log files, the type and version of your Internet browser, the operating system, the website from which you switched to our Internet presence (referrer URL), the website(s) of our Internet presence that you visit, the date and time of the respective access and the IP address of the Internet connection from which the use of our Internet presence is made are collected.

This data is stored temporarily, but not together with other data from you.

This storage takes place on the legal basis of Art. 6 Para. 1 lit. f) DSGVO. Our legitimate interest lies in improving the stability, functionality and security of our website.

The technical data will be deleted after seven days at the latest, unless further storage is required for evidence purposes. Otherwise, the data shall be completely or partially excluded from deletion until the final clarification of an incident.

Cookies

a) Session cookies

We use so-called cookies with our Internet presence. Cookies are small text files or other storage technologies that are stored on your terminal device by the Internet browser you use. These cookies are used to process certain information from you to an individual extent, such as your browser or location data or your IP address. 

This processing makes our Internet presence more user-friendly, more effective and safer, as the processing makes it possible, for example, to reproduce our Internet presence in different languages or to offer a shopping basket function.

The legal basis for this processing is Art. 6 Para. 1 lit. b.) DSGVO, insofar as these cookies are used to process data for contract initiation or contract execution.

If the processing does not serve the contract initiation or contract execution, our legitimate interest lies in improving the functionality of our website. The legal basis in this case is Art. 6 Para. 1 lit. f) DSGVO.

These session cookies are deleted when you close your Internet browser.

b) Third party cookies

If necessary, cookies from partner companies with whom we cooperate for the purpose of advertising, analysis or the functionalities of our Internet presence may also be used with our Internet presence.

Please refer to the following information for details, in particular on the purposes and legal basis for processing such third-party cookies.

c) Possibility of disposal

You can prevent or restrict the installation of cookies by setting your Internet browser. You can also delete cookies that have already been saved at any time. However, the steps and measures required for this depend on the Internet browser you are using. If you have any questions, please use the help function or documentation of your Internet browser or contact its manufacturer or support. Our Internet pages do not generate Flash cookies on your end device.

If you prevent or restrict the generation of cookies, this may lead to the fact that not all functions of our website are fully usable.

Contact enquiries / Contact possibility

If you contact us via contact form or e-mail, the data you provide will be used to process your enquiry. In this context, we only collect data that is necessary for processing and answering your enquiry.

The legal basis for this processing is Art. 6 Para. 1 lit. b) DSGVO.

Your data will be deleted if your request has been answered conclusively and if there are no legal obligations to retain data to prevent deletion, e.g. in the case of subsequent contract processing.

Newsletter / Mailing lists (phpList)

By entering and confirming your e-mail address, you allow us to collect, store and use the personal data that we need from you in order to send you information, news and dates of our events at irregular intervals. The data will be used exclusively for this purpose and will not be passed on to third parties. You will receive a confirmation e-mail to which you must reply (double opt-in). Only then will you be included in our mailing list. This permission can be revoked at any time, e.g. by using the unsubscribe link contained in the e-mails, by sending a message using the above form or via the following link:
www2.stuva.de/lists/

Customer account / Registration function / Payment processing

a) Registration for events via ConfTool

We use the ConfTool for the organisation and handling of conferences, congresses and seminars. The provider is ConfTool GmbH, Hochrad 58, 22605 Hamburg, Germany.

If you create a customer account with us via our website or a forwarding to ConfTool, we will collect and store the data you entered during registration (e.g. your name, address or e-mail address) exclusively for pre-contractual services, for contract fulfilment or for the purpose of customer care. At the same time, we store the IP address and the date of your registration together with the time.

As part of the further registration process, your consent to this processing will be obtained and reference will be made to this data protection declaration. The data collected by us will be used exclusively for the provision and administration of the customer account and for the performance of contractually guaranteed services.

If you agree to this processing, Art. 6 Para. 1 lit. a) DSGVO is the legal basis for the processing.

If the opening of the customer account also serves pre-contractual measures or the fulfilment of the contract, the legal basis for this processing is also Art. 6 para. 1 lit. b) DSGVO.

You may revoke the consent given to us to open and maintain the customer account at any time with effect for the future in accordance with Art. 7 para. 3 DSGVO. All you have to do is inform us of your revocation.

The data collected in this respect will be deleted as soon as processing is no longer necessary. However, we must comply with tax and commercial retention periods.

You can find more information about ConfTool's data protection at: https://www.conftool.net/de/mehr_ueber_conftool/datenschutz.html.

b) Payment processing via STRIPE

If you place an order via ConfTool and select "Credit Card" as the payment method, payment will be processed by the payment service provider Stripe Payments Europe Ltd, Block 4, Harcourt Centre, Harcourt Road, Dublin 2, Ireland, to whom we will send the data (name, invoice amount, currency, reference and transaction number) required for processing the order.

The legal basis for this processing is Art. 6 Para. 1 lit. b) DSGVO.

Your credit card data will be transmitted exclusively to the payment service provider. There is no intermediate storage on our systems or at the host ConfTool. Your data will only be passed on to the payment service provider Stripe Payments Europe Ltd. for the purpose of payment processing and only to the extent necessary.

You can find more information about Stripe's data protection at: stripe.com/de/privacy.

Media Plugins

a) YouTube

Our website uses plugins from the YouTube page operated by Google. The site is operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.

When you visit one of our pages equipped with a YouTube plug-in, a connection is established to YouTube's servers. This will tell the YouTube server which of our pages you have visited.

If you are logged into your YouTube account, you can allow YouTube to directly associate your surfing behavior with your personal profile. You can prevent this by logging out of your YouTube account.

YouTube is used in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f) DSGVO.

Further information on the handling of user data can be found in YouTube's data protection declaration at: https://www.google.de/intl/de/policies/privacy.

b) Google Web Fonts

This page uses so-called web fonts for the uniform display of fonts. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. When you call up a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.

To do this, the browser you are using must connect to Google's servers. This will enable Google to know that your IP address has been used to access our website.

The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online services. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f) DSGVO.

If your browser does not support web fonts, a standard font will be used by your computer.

Further information on Google Web Fonts can be found at developers.google.com/fonts/faq and in Google's privacy policy: https://www.google.com/policies/privacy/ .

c) Google Maps

This page uses the Google Maps map service via an API. Provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

To use the features of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.

The use of Google Maps is in the interest of an appealing presentation of our online offers and an easy retrievability of the places indicated by us on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f) DSGVO.

You can find more information on the handling of user data in Google's data protection declaration: https://www.google.de/intl/de/policies/privacy/.

d) Google reCAPTCHA

To prevent spam mails, we use the reCAPTCHA service of Google Inc. in connection with contact forms. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

This serves to differentiate whether the input is made by a natural person or whether it is misused by mechanical and automated processing. The use of Google reCAPTCHA is in the interest of the secure operation of our online services and therefore constitutes a legitimate interest within the meaning of Art. 6 Para. 1 lit. f) DSGVO.

The service includes sending the IP address and any other data required by Google for the reCAPTCHA service to Google. The provider of this page has no influence on this data transfer.

You can find more information on the handling of user data in Google's data protection declaration: https://www.google.de/intl/de/policies/privacy/.

e) LinkedIn button

We use components of the LinkedIn network on our site. LinkedIn is a service of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.

Clicking on the LinkedIn button on our site will take you to our company profile on this platform. If you click on the button while logged in to your LinkedIn account, you can link the content of our pages to your LinkedIn profile. This enables LinkedIn to assign the visit to our pages to your LinkedIn user account.

The use of LinkedIn is in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f) DSGVO.

We have no influence on the data that LinkedIn collects through this, nor on the extent of this data collected by LinkedIn. Nor do we have any knowledge of the content of the data transmitted to LinkedIn. Details about the data collection by LinkedIn as well as about your rights and settings can be found in LinkedIn's privacy policy. You can find this information at http://www.linkedin.com/legal/privacy-policy

Data protection for applications and in the application process

The data controller collects and processes the personal data of applicants for the purpose of processing the application procedure. Processing may also be carried out electronically. This is particularly the case if an applicant submits the relevant application documents electronically, for example by e-mail or via a web form on the website, to the data controller. If the data controller concludes an employment contract with an applicant, the data transmitted shall be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If the controller does not conclude a contract of employment with the applicant, the application documents shall be deleted two months after notification of the rejection decision, unless deletion conflicts with any other legitimate interests of the controller. Other legitimate interests in this sense are, for example, a duty to provide evidence in proceedings under the General Equal Treatment Act (Allgemeines Gleichbehandlungsgesetz - AGG).

Status: 29.05.2018. Subject to change without notice.