We attach great importance to protecting personal data. Therefore, STEAG GmbH processes your data in accordance with the provisions of the European Data Protection Regulation (GDPR) and the other applicable statutory provisions on the protection of personal data and data security.
The following information applies to our Internet presence (hereinafter referred to as “Website”) and provides you with an overview of what personal data we collect from you through our Website and for what purposes and in what way we use such data. In addition, we provide you with information about the rights you have in relation to your personal data.
1. CONTROLLER UNDER DATA PROTECTION LAW
2. CONTACT DETAILS OF OUR DATA PROTECTION OFFICER
Group Data Protection Officer
Rüttenscheider Str. 1–3
3. PURPOSES AND LEGAL BASES OF PROCESSING
You can use virtually the whole of the Internet service of STEAG without us requiring personal data from you. Only a small number of services which you can find on our web pages require the provision of personal data in order for you to be able to use them.
3.2 Legal basis
The legal basis is our legitimate interest in publishing our own information about our company, in making our Website content attractive and usable, and in identifying and rectifying possible technical issues (Art. 6 para 1 first sentence lit. f) GDPR).
When contacting us via a contact form, you consent to the data you provide (e.g. your e-mail address, name, telephone number) being stored by us in order to answer your questions. Your data will be deleted after processing your request (Art. 6 para 1 first sentence lit. a) GDPR).
4.1 Logging in and using the Website
When you visit the STEAG Website, technical access data is automatically recorded and evaluated by the Internet server (web server) of STEAG. However, this data cannot be allocated to a specific person; rather, the individual user remains anonymous. Data recorded includes:
- IP address
- Date and time of enquiry
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (concrete page)
- Access status/HTTP status code
- Amount of data transferred
- Website from which the request originates
- Operating system and its user interface
- Language and version of the browser software
5. RECIPIENTS OF YOUR DATA / TRANSFER TO THIRD COUNTRIES
The processing of data will be carried out generally within a member state of the European Union (EU) or within a member state of the European Economic Area (EEA). Transfer of personal data to a third country or access to such data from a third country shall only take place if the special requirements of Art. 44 ff. GDPR are satisfied (e.g., by agreement of Standard Contractual Clauses or if the recipient acts on a legal basis adopted by the European Commission pursuant to Art. 45 (1) GDPR (so-called “adequacy decision”)). For more details, please refer to the individual service providers mentioned in section 4 hereinabove.
6. YOUR RIGHTS
You have a right of access, i.e. you may request that we disclose to you all your personal information that we have collected and hold for a certain period of time (Art. 15 GDPR). Furthermore, you may also request rectification (Art. 16 GDPR) or erasure (Art. 17 GDPR) or restriction of processing (Art. 18 GDPR) and have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR in conjunction with Section 19 BDSG).
If we process your personal data on the basis of your consent, you may withdraw this consent at any time. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent prior to your withdrawal of consent, but prevents future processing.
Notices of withdrawal of consent and other requests can be addressed to our Group Data Protection Officer.
Of course, you can object to the processing of your personal data for purposes of advertising and data analysis at any time. You can inform us of your objection to advertising using the following contact details: email@example.com
We take your inquiries and concerns very seriously and always endeavor to address them.
Furthermore, you have the right to lodge a complaint with a data protection supervisory authority pursuant to Article 77 GDPR in conjunction with Section 19 BDSG. In North Rhine-Westphalia, the competent data protection supervisory authority is: Landesbeauftragte für Datenschutz und Informationsfreiheit (State Commissioner for Data Protection and Freedom of Information), North Rhine-Westphalia Kavalleriestr. 2 – 4, 40213 Düsseldorf, Germany.
Last updated: June 2021
Last updated: June 2021