IMS-Gear Logo

Privacy Statement

Privacy Statement

IMS Gear SE & Co. KGaA takes your legitimate data protection concerns very seriously and observes the provisions of the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG-new), the Telecommunications Digital Services Data Protection Act (TDDDG) and, if applicable, the regulations of others applicable data protection regulations.

IMS Gear SE & Co. KGaA handles the data transmitted by you with care and conscientiousness. Insofar as data of whatever kind are collected, processed, or used, this is always performed within the framework of legal regulations or by your explicit consent.

The protection of the private sphere is of decisive importance for the future of Internet-based business models and for the development of an Internet-based economy. With this declaration, IMS Gear SE & Co. KGaA underlines its commitment to the protection of the private sphere. Below you will find out how IMS Gear SE & Co. KGaA deals with personal data on this website.

Other privacy regulations may apply to individual businesses of IMS Gear SE & Co. KGaA. We therefore ask you to carefully read the privacy statements of all websites that you visit.

Responsible Person acc. art. 4, sect. 7 General Data Protection Regulation (DSGVO) is:

IMS Gear SE & Co. KGaA

registered in the trade register of the district court Freiburg under HRB 714815
Heinrich-Hertz-Straße 16
78166 Donaueschingen (Germany)


E-Mail: info(at)imsgear.com

Tel. +49 (0)771 8507-0
Fax +49 (0)771 8507-444

You can reach the Data Protection Officer of IMS Gear SE & Co. KGaA under:

Thomas Fletschinger
Heinrich-Hertz-Straße 16

78166 Donaueschingen
dsb@imsgear.com

Global Privacy Standards

Our handling of personal data has been aligned with the global principles and standards with respect to a transparent use of personal data, the compliance with and granting of options, access regulations, rules concerning data integrity, data security, data transfer, and the monitoring of lawful processing. In particular, IMS Gear SE & Co. KGaA complies with the General Data Protection Regulation (DSGVO).

Data Collection During Visits to our Website

If you use our website for information purposes, i.e. if you do not register or otherwise transmit information, we only collect data that your browser transfers to our server (so-called “server logfiles”). When you call up our website, we collect the following data that we need for technical reasons to show you the website: Our visited website 

  • Date and time of access
  • Source/reference from where you got to the website
  • Browser used
  • Operating system used
  • IP address used (if applicable: in anonymous form)
  • Type of device
  • Information from UTM parameters

 The processing is performed acc. art. 6 sect. 1 lit. f DSGVO based on our justified interest in the improvement of stability and functionality of our website. A transfer or other use of data does not take place. However, we reserve the right to retroactively check the logfiles in case of concrete indications of illegal usage.
 

Consent

By using this website, you consent to the electronic saving and use of your data as described below. Changes of this privacy statement are always announced on this site so that you will always be informed which data IMS Gear SE & Co. KGaA saves and how they are used.

Where required by applicable data protection rights, you are also explicitly asked for your consent to the further processing of the personal data that have been collected on this website or that you have provided.

 General Notes on the Legal Foundations of Data Processing on This Website

Insofar as you have given your consent to the data processing, we process your personal data based on art. 6 sect. 1 lit. a DSGVO resp. art. 9 sect. 2 lit. a DSGVO, insofar as particular data categories acc. art. 9 sect. 9 DSGVO are processed. Insofar as you have given your consent to the storage of cookies or the access to information in your end device (e.g. via device fingerprinting), the data processing is additionally carried out on the basis of § 25 sect. 1 TTDSG. The consent can be revoked at any time. If your data are necessary to fulfil a contract or to carry out pre-contractual measures, we process your data based on art. 6 sect. 1 lit. b DSGVO. Furthermore, if your data are required to fulfil a legal obligation, we process them based on art. 6 sect. 1 lit. c DSGVO. The data processing can also be performed based on our justified interest acc. art. 6 sect. 1 lit. f DSGVO. The following sections of the privacy statement inform about the legal foundations that are relevant in individual cases.

Collection and Processing of Personal Data

IMS Gear SE & Co. KGaA desires to better understand your wishes and interests and to offer you optimum service. Therefore, IMS Gear SE & Co. KGaA collects and uses personal information in the way described below and in accordance with applicable data protection law.

When you visit our website, we collect your IP address and set cookies and other Internet technologies (subsequently called “automated tools” and “integrated weblinks”) by means of which general information about the visitors of our website and their interests can be gained. Below we explain which technologies are used and what type of information can be collected in this way.

Furthermore, we collect and process data you provide voluntarily, e.g. when you register for events, subscribe to newsletters, take part in online surveys, join discussion groups or forums, or make purchases.

Which Data are Collected and Why?

Consent with Cookiebot / Usercentrics

Our website uses Cookiebot's consent technology to obtain your consent to store certain cookies on your device or to use certain technologies and to document this in accordance with data protection regulations. 

This technology is provided by Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter referred to as ‘Cookiebot’).

Cookiebot is a trademark of Usercentrics A/S. In September 2021, the Danish company Cybot (parent company of Cookiebot) merged with the Munich-based consent management provider Usercentrics.

When you visit our website, a connection is established to Cookiebot's servers in order to obtain your consent and other declarations regarding the use of cookies. Cookiebot then stores a cookie in your browser in order to be able to assign the consents you have given or their revocation to you. The data collected in this way is stored until you request us to delete it, delete the Cookiebot cookie yourself or the purpose for data storage no longer applies. Mandatory legal retention obligations remain unaffected.

Cookiebot is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.

E-mail addresses

When contacting us by email or via a contact form (in the job exchange), we will retain the data you provide to us (your email address, possibly your name and your phone number) to respond to your request. The data collected in this context will be erased by us as soon as there is no need to retain them anymore, or we will restrict the processing provided a legal retention period applies.

We will not share your e-mail address with third parties. You may decide any time to no longer receive e-mails sent by IMS Gear SE & Co. KGaA.

 

Contracting external service providers

We work with service providers who process certain data on our behalf. This is only done in compliance with the applicable data protection law. In particular, we have concluded agreements with our service providers regarding data processing on our behalf; these agreements comply with the requirements of Article 28 of the GDPR.

 

Sharing of data, transfer to a third country

Your personal data will not be transferred to third parties other than for the following purposes: We only transfer your data to third parties if:

a) You have given your explicit consent in accordance with Art. 6(1)(1)(a) of the GDPR, § 26(2) of the German Federal Data Protection Act (Bundesdatenschutzgesetz);

b) The transfer is necessary pursuant to Art. 6(1)(1)(f) of the GDPR for the assertion, exercise or defense of legal claims and there is no reason to believe that you have an overriding legitimate interest in the non-transfer of your data;

c) In case the transfer is necessary for compliance with a legal obligation pursuant to Art. 6(1)(1)(c) of the GDPR; and

d) The same is permitted by law and is necessary pursuant to Art. 6(1)(1)(b) of the GDPR, § 26(1) of the of the German Federal Data Protection Act for concluding a contractual relationship with you or for pre-contractual measures at your instigation.

No transfer to a third country or an international organization is intended, and there will neither be any automatic decision-making, unless otherwise provided for hereinafter in this Privacy Policy.

If required, information of IMS Gear SE & Co. KGaA is also shared with business partners, service providers, third parties, or subcontractors. This may be required to render a requested service or transaction, such as order fulfilment, to provide customer service or to inform you about products and services.

Your personal data will not be shared for marketing purposes, sold or made available to third parties in any other way without your prior consent.

IMS Gear SE & Co. KGaA may be obliged to disclose your data and associated information upon court or administrative order. We also reserve the right to use your data to assert or defend against legal claims.

In case of acquisition or merger with another company, a disclosure or transfer of personal data to potential or actual purchasers may be required. In such a case, IMS Gear SE & Co. KGaA will strive to maintain the highest possible level of data protection.

In accordance with applicable law, IMS Gear SE & Co. KGaA reserves the right to store and disclose personal and other data to detect and combat illegal activities and attempted fraud or a violation of our conditions of use.

 

Analytics tools

The tracking measures listed in the following and used by us will be taken on the basis of Art. 6(1)(1)(f) of the GDPR. Tracking measures are used to ensure a need-based design and the continuous improvement of our website. On the other hand, we use the tracking measures to statistically analyze the use of our website and to optimize our services for you These interests shall be regarded as legitimate within the meaning of the aforementioned provision. The respective data processing purposes and data categories shall be taken from the tracking tools which are specified in the following.

 

Privacy Policy for the Use of Google Analytics

This website uses Google Analytics, a web analysis service of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). Google (Universal) Analytics uses so-called “cookies”, i.e. text files that are saved on your end device and allow to analyze your use of the website. The information on your use of this website generated by the cookie (including the shortened IP address) is usually transferred to a server of Google and saved there; this may also involve a transfer to the servers of Google LLC. in the USA.

This website uses Google Analytics exclusively with the extension "_anonymizeIp()” that ensures the anonymization of the IP address by shortening and excludes the possibility of direct personal identification. By the extension your IP address is shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases, the full IP address is transferred to a server of Google LLC. in the USA and shortened there.

On our account, Google will use this information to evaluate your use of the website, to compile reports on the website activities and to provide us with further services in connection with the website and internet usage. In doing so, the IP address transmitted by your browser within the framework of Google Analytics will not be merged with other data from Google.

Beyond that, by means of a special function, the so-called “demographic features”, Google Analytics allows to create statistics with information on age, sex and interests of the site visitors based on an evaluation of interest-related advertisement and by using third-party information. This allows the definition and differentiation of user circles of the website for the purpose of a target group-optimized alignment of marketing measures. However, the data sets recorded by means of the “demographic features” cannot be allocated to an individual person.

Please look here for details on the processings triggered by Google Analytics and on Google’s handling of data and websites:

https://policies.google.com/technologies/partner-sites

All processings described above, in particular the setting of Google Analytics cookies for the extraction of information on the end device used, will only be performed if you have given us your explicit consent acc. art. 6 para. 1 lit. a DSGVO (General Data Protection Regulation). Without your consent, Google Analytics will not be used while you visit the site.

You can revoke your consent at any time with effect for the future. In order to revoke your consent, please deactivate this service in the “cookie consent tool” provided on this website.  For the use of Google Analytics, we have closed an order processing agreement with Google by which Google is obliged to protect the data of our site visitors and to refrain from passing them on to third parties.

For the transfer of data from the EU to the USA, Google refers to the so-called standard data protection clauses of the European Commission designed to ensure compliance with the European privacy level in the USA.

As an alternative to the browser plugin or within browsers on mobile devices, please click on the following link to set an opt-out cookie that will prevent the capture by Google Analytics within this website in the future (this opt-out cookie only functions in this browser and only for this domain; if you delete your cookies in this browser, you have to click on this link again): 

 

You will find further information on Google (Universal) here:

https://policies.google.com/privacy?hl=de&gl=de

 

Privacy policy applicable to the use and application of Mouseflow

This website uses Mouseflow, an analytics tool by Mouseflow, ApS (Flaesketorvet 68, 1711 Copenhagen V, Denmark), to track user activity, page content, click, touch, movement, scrolling, and (in some cases) keystrokes. This serves the purpose of optimizing our website with regard to customer needs. If you are located in Europe, your IP address, click activity and personal information will never be stored or shared with third parties. We process and store all data for our own website in Europe.

Processing is necessary for the fulfillment of a legal obligation (Art. 7(1) DSGVO) to which we are subject (Art. 6(1) p. 1(c) DSGVO).

If you want to opt out of being recorded by Mouseflow, you can do so here:

https://mouseflow.de/opt-out/ 

 

Privacy policy applicable to the use and application of A1 Webstats

The controller has integrated components by A1 Webstats on this website. The A1 Webstats components automatically recognize and qualify companies visiting a website. The A1 Webstats component enables the operator of a website who uses the component to generate leads, i.e. to qualify potential new customers.

The operating company of A1 Webstats is:

A1WebStats Ltd, Canterbury Innovation Centre, University Road
Canterbury, Kent, CT2 7FG, United Kingdom

We use an A1 Webstats tracking pixel. A tracking pixel is a miniature graphic that is embedded in a web page to enable log file recording and log file analysis to subsequently perform a statistical analysis.

A1 Webstats also sets a cookie on the information technology system of the data subject. What cookies are is explained above. Setting the cookie enables us to analyze the use of our website.

The data obtained is used to create pseudonymized usage profiles. The pseudonymized usage profiles are used for the purpose of analyzing visitor behavior and enable us to improve our online offer. The data collected via the A1 Webstats component will not be used to identify the data subject without obtaining the data subject's separate and explicit consent first. Such data will not be merged with personal data or with other data containing the same pseudonym.

Each time one of the individual pages of this website is opened, the Internet browser on the information technology system of the data subject is automatically prompted by the A1 WebStats component to transmit data for the purpose of online analysis.

 

The cookie enables the storage of personal information, for example, the time of access, the location from which an access originated and the frequency of visits to our website. This personal data, including the IP address of the Internet connection used by the data subject, is transmitted to the server of A1WebStats Ltd every time our websites are accessed. This personal data is stored by A1 Webstats, but is not passed on to third parties.

The data subject can prevent the setting of cookies by our website at any time by means of appropriate settings in the web browser used, as described above, thus permanently objecting to the setting of cookies. Such a setting in the web browser used would also prevent A1 Webstats from setting a cookie on the information technology system of the data subject. In addition, a cookie already set by A1 Webstats can be deleted at any time via a web browser or other software programs.

Processing is necessary for the fulfillment of a legal obligation (Art. 7(1) DSGVO) to which we are subject (Art. 6(1) p. 1(c) DSGVO).

Further information and the applicable privacy policy can be found at www.a1webstats.com/privacy-policy/.

 

Privacy Policy for the use of YouTube plug-ins

Our website uses plug-ins from the YouTube site operated by Google. The operator of this site is: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.

When accessing one of our pages that contain a YouTube plug-in, a connection to the servers of YouTube is established. This communicates to the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

We use YouTube to present our online offers in a visually appealing manner. This constitutes a legitimate interest as defined in Art. 6 Para. 1 lit. f of GDPR.

If you do not want to participate in the tracking process, you may generally disable automatic cookies in your browser settings. You can also block only specific cookies for conversion tracking by modifying your browser settings accordingly so that cookies of the “googleadservices.com” domain are not allowed.

For more information on the handling of user data, please refer to the YouTube privacy policy.

 

Address and link to the data protection statement of YouTube:

Google/YouTube: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland  Privacy Policy:  https://policies.google.com/privacy,
Opt-Out: https://adssettings.google.com/authenticated, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

 

Privacy Policy for the Use of HubSpot

General Information About HubSpot

HubSpot is primarily used for customer relationship management and as a service software (managing customer inquiries received through various channels), ticketing system, feedback, satisfaction, and other surveys.

Contacting Us

When you contact us (via contact form or email), the information you provide will be processed for handling and responding to your inquiry in accordance with Art. 6(1)(b) GDPR.

User information may be stored in our Customer Relationship Management system and Marketing Automation Platform (“CRM & Marketing System”) or a comparable request management system.

We use the CRM, registration, and marketing automation system “HubSpot,” provided by HubSpot Inc. (25 First Street, 2nd Floor, Cambridge, MA 02141, USA), with offices in Ireland (One Dockland Central, Dublin 1, Ireland) and Germany (Am Postbahnhof 17, 10243 Berlin), based on our legitimate interests (efficient and swift handling of user inquiries and applications, as well as optimization of our online offering). For this purpose, we have concluded a contract with HubSpot based on the so‑called Standard Contractual Clauses, under which HubSpot is obligated to process user data only in accordance with our instructions and to comply with the EU data protection level.

You can find more information about HubSpot’s Data Processing Agreement and Privacy Policy here:

legal.hubspot.com/de/dpa

legal.hubspot.com/de/privacy-policy

Our registration service allows visitors to our website to learn more about our company, download content, and provide their contact information along with other demographic details. This information is stored on the servers of our software partner  HubSpot. We may use this data to contact visitors and to determine which of our company’s services are of interest to them. All information collected by us is subject to this privacy policy. We use all collected information exclusively to optimize our marketing efforts.

We delete inquiries once they are no longer required. We review the necessity every two years. Inquiries from customers with an existing customer account are stored permanently, and we refer to the information regarding account deletion. If legal retention requirements apply, deletion occurs after the respective periods have expired (end of commercial retention period: 6 years; tax retention period: 10 years).

Registration via Our Forms

Double Opt-In Procedure: Registration via our forms generally follows a double opt‑in procedure. This means that after registering, you will receive an email asking you to confirm your registration. This confirmation is necessary to ensure that no one can register using someone else’s email address.

The registration for the forms is logged to verify the registration process in accordance with legal requirements. This includes storing the time of registration and confirmation as well as the IP address. Changes to the data stored with the email service provider are also logged.

Privacy Policy for the Use of the HubSpot Consent System

This website stores cookies on your computer. These cookies are used to collect information about your interaction with our website and allow us to remember you. We use this information to enhance your website experience and to create analytics and metrics about our visitors on this website and other media pages.

For more information, please refer to the cookie settings below.

Disclaimer

If you decline, your information will not be collected during your visit to this website. A single cookie will be placed in your browser to remember that you do not wish to be tracked.

 

Social Media

On our website, we use links to the social networks Facebook and Instagram. The social networks on our website are just embedded as links to the respective services. No data are transmitted to the services unless you click on the respective graphics. Upon clicking on the embedded graphics you will be forwarded to the page of the respective provider. User information will only then be transmitted to the respective provider.

Addresses of the respective providers and URLs with privacy notices:

a) Facebook

On our website, we use social plugins (“plugins”) of the social network facebook.com which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA (“Facebook”).

If you open our website with the plugin, it will establish a direct connection to the servers of Facebook via your browser. Hereby, the information that you have called up the page will be transferred to Facebook. If you are logged in with your Facebook account, the visit of our website can be directly attributed to your profile by clicking on the plugin. Even if you do not have a profile it cannot be excluded that your IP-address will be saved by Facebook. Please see the privacy notices of Facebook at www.facebook.com/about/privacy/ for the purpose and scope as well as the further processing and utilization of the data by Facebook and your respective rights and configuration options to protect your privacy.

If you are a member of Facebook and do not want Facebook to collect data about you via our online offer and connect them to your membership data saved by Facebook, you have to log out from Facebook before visiting our website and delete respective Facebook cookies. It is also possible to block Facebook social plugins with add-ons for the browser, e.g. by the “Facebook blocker”.

b) Instagram

On our website, plugins of the social network Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA) are integrated. You can recognize the Instagram plugin from the “Instagram button” on our website. If you click on the Instagram button while being logged into the Instagram account, you can link the contents of our websites on your Instagram profile. Hereby, Instagram can allocate the visit to our sites to your user account. We would like to point out that as providers of our website we have no knowledge of the content of the data transmitted and their use by Instagram. Please find further information on the privacy policy of Instagram at instagram.com/about/legal/privacy/

Privacy Policy for LinkedIn

Privacy Policy for the LinkedIn Insight Tag

Within our online offering, we use the marketing functions (the so‑called “LinkedIn Insight Tag”) of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.

Whenever one of our pages containing LinkedIn functions is accessed, a connection to LinkedIn’s servers is established. LinkedIn is informed that you have visited our website with your IP address. With the help of the LinkedIn Insight Tag, we can analyze the effectiveness of our campaigns on LinkedIn or define target audiences based on how users interact with our online offering.

If you are registered with LinkedIn, LinkedIn can associate your interactions with our online offering with your user account. Even if you click the LinkedIn “Recommend” button while logged into your LinkedIn account, LinkedIn can associate your visit to our website with you and your user account.

Since personal data is transferred to the USA, additional protection mechanisms are required to ensure the level of data protection under the GDPR. To guarantee this, we have concluded Standard Contractual Clauses with the provider in accordance with Art. 46(2)(c) GDPR. These clauses obligate the data recipient in the USA to process the data in accordance with the European level of protection. In cases where this cannot be fully ensured through contractual extensions, we seek additional agreements and assurances from the recipient in the USA.

Privacy Policy: www.linkedin.com/legal/privacy-policy
Opt‑Out: www.linkedin.com/psettings/guest-controls/retargeting-opt-out

Our benchmark also includes references to the Cookie Policy and data transfers to the USA. Here are the corresponding URLs:
LinkedIn Cookie Policy: www.linkedin.com/legal/cookie-policy
Data transfers to the USA under EU Standard Contractual Clauses:
www.linkedin.com/help/linkedin/answer/62533

Data Retention

IMS Gear SE & Co. KGaA retains personal data only for as long as necessary to fulfill the purpose for which it was collected or as required by law.

Links to other websites

Our website may contain links to third-party websites. IMS Gear SE & Co. KGaA is not responsible for data protection provisions, the content of websites or the content of third-party websites which do not belong to IMS Gear SE & Co. KGaA or affiliated companies.

Data storage

IMS Gear SE & Co. KGaA only stores personal data as long as required for the purpose for which they were collected, or as long as required by law.

 

Data protection in the application procedure

(1) We process applicant data only for the purpose and in connection with the application procedure in line with legal requirements. Applicant data is processed to fulfill our (pre)contractual obligations in the context of the application procedure in the sense of Article 6(1)(b) of the GDPR if data processing becomes necessary for us, e.g. in the context of legal proceedings (in Germany, § 26 of the German Federal Data Protection Act (BDSG) applies in addition).

(2) To start the application procedure, applicants must provide us with their data. Required applicant data includes personal data, postal and other contact addresses and the documents required for the application, such as cover letter, curriculum vitae and certificates/diplomas. In addition, applicants may voluntarily provide us with additional information.

(3) By sending their application to IMS Gear SE & Co. KGaA, the applicants agree to the processing of their data for the purpose of the application procedure in the way and extent described in this Privacy Policy.

(4) Insofar as special categories of personal data in the sense of Article 9(1) of the GDPR are voluntarily provided during the application procedure, their processing is additionally carried out pursuant to Article 9(2)(b) of the GDPR (e.g. health data, such as severe disability, or ethnic origin). Insofar as special categories of personal data in the sense of Article 9(1) of the GDPR are requested from applicants during the application procedure, their processing is additionally carried out pursuant to Article 9(2)(a) of the GDPR (e.g. health data) if this information is required to fulfill the job requirements.

(5) Applicants can send us their applications by post, by e-mail or upload them to our job exchange. Please note that e-mails are generally sent unencrypted, and the applicants themselves must ensure that they are encrypted. Therefore, we cannot assume any liability for the application during transmission from the moment it is sent until it is received on our server. If the applicant is concerned about data security when application documents are sent by e-mail, we recommend sending the application documents by post.

(6) The data provided by applicants may be further processed by us for the purposes of the employment relationship in case the application is successful. Otherwise, if an application for a job is not successful, the applicant’s data will be deleted. The applicants' data is also deleted if an application is withdrawn, which the applicants are entitled to do at any time.

(7) Data will be deleted after the end of the application procedure, which lasts six months, subject to a justified revocation by the applicants, so that we can answer any follow-up questions regarding the application and meet our obligations to provide evidence under the German Equal Treatment Act (AGG).


In case you have consented to further storage of your personal data, we will add your data to our candidate pool. In this case, the data will be deleted after two years.
Should your application for a job be successful, data from the application procedure system will be transferred to our human resources system and deleted 10 years after the employment relationship ends.

When registering for the IMS Gear SE & Co. KGaA job exchange in the respective form, the following details provided by you will be collected and stored: surname, given name, e-mail address, category, professional field and the country where you are looking to work. Furthermore, your consent to the storing of the data to the extent you have agreed to the same in the form for the job search. 

We will use the data only to contact you if we have a vacancy that meets your expectations or if we would like to offer you an adequate position. Such data will not be used for any other purposes. You can deregister from the Job exchange at any time. In order to do so, please send an email to jobs(at)imsgear.com.

As soon as you have deregistered as explained above, your data will be deleted unless a statutory retention period applies or any storing is required in order to assert or ward off any claims. If you are then still interested, we would like to ask you to register again using the contact form.

Invoices for any reimbursement of travel expenses will be archived according to tax regulations.

 

Data protection information for the use of Microsoft 365

We would like to inform you below about the processing of personal data in connection with the use of Microsoft 365 products.

  1. Purpose of processing

IMS Gear SE & Co. KGaA uses the Microsoft 365 application package as a work tool. Microsoft 365 comprises various applications (e.g. Microsoft Teams, Microsoft Office, Microsoft SharePoint, Microsoft Forms, MS OneDrive), all of which are operated in the cloud.

We also use the Microsoft 365 tool to communicate with you and to conduct telephone conferences, online meetings, video conferences and surveys, as well as queries with our clients, cooperation partners, service providers, suppliers, customers and participants.

  1. Information about Microsoft 365 software

We use Microsoft 365 software from Microsoft Corporation, One Microsoft Way Redmond, WA 98052-6399 USA (hereinafter ‘Microsoft’). This is operated as a cloud application. In some cases, a user account must be created in order to use the individual components. If this user account was not created by us and made available to you, Microsoft is the responsible body or the body that provided you with the access data.

In addition, Microsoft reserves the right to process user data for its own business purposes. In this context, Microsoft is an independent body. We have only limited influence over the use of your usage data by Microsoft. We take all possible measures to minimise the transfer of your usage data to Microsoft as far as possible, but we cannot completely prevent this.

Details and contact information, in particular regarding your rights vis-à-vis Microsoft, can be found at the following links if you have any questions about this topic:

General: https://privacy.microsoft.com/de-de/privacystatement

We have concluded data protection agreements with Microsoft to guarantee a minimum level of data protection. To this end, we have agreed that the processing of personal data by Microsoft will generally take place on servers in the EU.

For some services, however, data is still transferred to the USA, which is considered by the EU to be an unsafe third country in terms of data protection. In order to establish an adequate level of data protection in third countries comparable to that within the European Union, standard contractual clauses have also been concluded with Microsoft.

Please note that we have only limited influence on the processing of your usage data by Microsoft. To the extent that Microsoft processes personal data in connection with Microsoft's legitimate business operations, Microsoft is an independent data controller for this use and, as such, is responsible for complying with all applicable laws and obligations of a data controller.

3. Data processing for the technical delivery of services:

Certain information is automatically processed as soon as you access one of the Microsoft 365 applications:

  • IP address, technical information for the delivery of a correct web page
  • Data required for authentication, licence use, logging and misuse detection
  • Date and time of access, type of access

For the investigation and prosecution of legal violations:

If necessary to investigate illegal or abusive use of Microsoft 365 services or for legal prosecution, personal data will be forwarded to law enforcement agencies or other authorities, as well as to injured third parties or legal advisors, if applicable. However, this will only happen if there are indications of illegal or abusive behaviour. Disclosure may also take place if this serves to enforce terms of use or other legal claims. We are also legally obliged to provide information to certain public authorities upon request. These include law enforcement agencies, authorities that prosecute administrative offences punishable by fines, and tax authorities.

The processing of this information serves our legitimate interest in the effective provision and protection of the services used, as well as for legal prosecution. The legal basis is Art. 6(1)(f) GDPR.

 

Data protection information when using Microsoft 365 Teams

We use the Microsoft 365 Teams tool as an exchange platform for a variety of communication processes, including

  • to conduct training measures/online seminars
  • for virtual one-on-one meetings
  • for group meetings

In some cases, participation is possible without login details, while in others you must log in with your access data to participate in such meetings.

The following data is collected, which can usually also be displayed to the other participants:

  • Your user name (access data for Microsoft 365 applications)
  • At least your self-entered display name
  • A dial-in number that you use when dialling into a meeting by telephone

Possible additional identification features:

Information about yourself that you have stored as a user within Microsoft 365, in particular the following master data:

  • Surname, first name, contact details such as telephone number, email address, fax number, if these have been entered by you or the organisation from which you received the access data.
  • Other voluntary data (such as a profile picture you have stored)
  • Communication content (text, audio, video)
  • If audio or video content is recorded, you will be notified separately.

To enable video display and audio playback, data from your device's microphone and any video camera on your device will be processed for the duration of the meeting. You can switch off or mute the camera or microphone yourself at any time via the video conference application.

Further technical usage data is collected in the process:

  • Data within the scope of multi-factor authentication that you have stored yourself in your Microsoft account (e.g. optionally your (private) mobile phone number)
  • Information about the data/files/documents that were accessed
  • All activities related to use, such as creating, changing or deleting a document, setting up a team (and channels in Teams), taking notes in the notebook, starting a chat, replying in a chat

Insofar as the meetings take place within the framework of a contractual relationship between us, data processing is based on Art. 6 (1) (b) GDPR. If no contractual relationship exists, the legal basis is Art. 6 (1) (f) GDPR. In this case, our interest lies in the effective implementation of online meetings.

4. Recipients / disclosure of data

Personal data processed in connection with the use of Microsoft 365 products will not be disclosed to third parties, except in the cases described in section 5, unless it is specifically intended for disclosure.

5. Data processing outside the European Union

At least some of your data will also be transferred and processed outside the EU or the EEA, namely in the USA and other third countries.

The possible adequate level of protection is ensured by the conclusion of standard data protection clauses in accordance with Art. 46(2)(c) or (d) GDPR.

6. Deletion of data

We delete personal data as a matter of principle when there is no need for further storage. A need may exist in particular if the data is still required to fulfil contractual services, to comply with retention obligations or to enforce or defend legal claims. In the case of statutory retention obligations, deletion will only be considered after the respective retention obligation has expired. If you are registered as a user with Microsoft 365, reports on your usage data (login data and IP addresses, other metadata, telephone dial-in data, etc.) may be stored by the provider for up to 90 days.

If we store your data in data backups, these are overwritten regularly and in accordance with operational requirements.

https://docs.microsoft.com/de-de/microsoftteams/teams-privacy

 

Data protection information for the use of Microsoft Forms in customer surveys

We use ‘Microsoft Forms’ for our contact forms, for internal and external surveys and queries, e.g. to evaluate campaigns, register for events, etc.

Microsoft Forms is a tool within Microsoft 365, which we use, and a service provided by the third-party provider Microsoft Ireland Operations Limited.

Personal data is processed when using Microsoft Forms. This data protection notice provides information exclusively about the processing of your personal data by us. Information about the processing of personal data by Microsoft can be found at the following link:

https://privacy.microsoft.com/de-de/privacystatement

The data of users from the European Union is processed in data centres within the European Economic Area (EEA). However, it may be necessary for the provision of the service and within the scope of support that data is processed at the headquarters of Microsoft Inc. in the USA. Conclusion of a contract for order processing: In order to fully comply with the strict legal data protection requirements, we have concluded an order processing agreement with Microsoft within the framework of the ‘Online Service Terms’ (OST). In this respect, Microsoft is merely a data processor. Insofar as the Microsoft website www.Office.com or ‘Microsoft Forms’ processes personal data or uses cookies, Microsoft is responsible for data processing. Cookies from Microsoft are used on the survey page to provide the Microsoft Forms service.

In addition, the EU standard contractual clauses have been contractually agreed for data transfers to third countries. The EU standard contractual clauses guarantee an adequate level of data protection in the EU. We would like to point out that, according to the case law of the European Court of Justice, the USA is currently not a safe third country within the meaning of EU data protection law. Due to surveillance laws in the USA, US service providers may be obliged to disclose personal data to security authorities without the data subjects being able to appeal against this. It cannot therefore be ruled out that US authorities, such as intelligence services, will process, evaluate and permanently store your data stored on US service providers' servers for surveillance purposes. We have no influence on these processing activities.

Microsoft has therefore taken additional technical and organisational measures to protect personal data. In particular, personal data is only transmitted in encrypted form via Forms. In addition, Microsoft has contractually undertaken to defend against disclosure requests from US authorities in court as far as possible. Therefore, it can generally be assumed that Microsoft provides an adequate level of protection when processing personal data.

The use of our contact forms and participation in our surveys is voluntary. If consent is given by participating in the survey, the legal basis is Art. 6 (1) sentence 1 lit. a GDPR (consent of the data subject). Consent that has been given can be revoked at any time with effect for the future. There are no disadvantages to revoking or not giving consent.

If the use of contact forms and surveys is necessary for the initiation and/or fulfilment of contracts, the processing of personal data is carried out in accordance with Art. 6 (1) sentence 1 lit. b GDPR.

If no contractual relationship exists, the use of the contact form may be based on our legitimate economic interest in providing you with efficient, economical and recipient-friendly services

or, in the case of surveys, on our legitimate interest in the effective planning and implementation of projects and processes, etc. in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.

The form owners have access to Microsoft Forms and can create and distribute surveys, forms and questionnaires directly, either alone or with other owners. They are also the sole recipients of the responses.

These are graphically processed in Microsoft Forms and are available to the form owners.

When using ‘Microsoft Forms’, various types of data are processed. The scope of the data depends on the questions asked and answered, as well as any additional files that may be uploaded.

Basically, this involves the following personal data:

  • Surname, first name
  • Email address
  • Profile picture (optional, if stored in Microsoft 365)
  • Preferred language
  • Status (optional, if stored in Microsoft 365)
  • Date and time the questionnaire was opened
  • Date and time the response was sent

If you participate in an anonymous survey, your response will not contain any contact information and cannot be traced back to you.

The service provider of Microsoft Forms necessarily obtains knowledge of this data as a processor in the course of providing its services.

 

Data subject rights

You have the right

a) to request access to personal data which are processed by us, pursuant to Art. 15 of the GDPR. You can, in particular, request information about the purposes of the processing, the category of personal data, the categories of recipients your personal data was or is disclosed to, the projected storage period, the existence of a right to rectification, erasure, restriction of processing or to object, the existence of a right to lodge a complaint, about the origin of your data to the extent they have not been collected by us, and about the existence of any automatic decision-making, and meaningful information on their details, if any;

b) to have incorrect personal data stored by us rectified or incomplete personal data stored by us completed without undue delay, pursuant to Art. 16 of the GDPR;

c) to have the personal data stored by us to be erased where the processing is not required to exercise the right to freedom of expression and information, to comply with a legal obligation for reasons of public interest or for the establishment, exercise or defense of legal claims, pursuant to Art. 17 of the GDPR;

d) to have the processing of your personal data restricted, pursuant to Art. 18 of the GDPR, where you contest the accuracy of the data, the processing is unlawful, but you oppose their erasure and we do not need the data anymore, but you need them for the establishment, exercise or defense of legal claims or you have objected the processing pursuant to Art. 21 of the GDPR;

e) to receive your personal data which you have provided to us in a structured, commonly used and machine-readable format and to have this data transmitted to another controller, pursuant to Art. 20 of the GDPR;

f) to withdraw the consent you have once given at any time, pursuant to Art. 7(3) of the GDPR. This would mean that we are no longer allowed to carry out the data processing which is based on such consent; and

g) to lodge a complaint with a supervisory authority, pursuant to Art. 77 of the GDPR. Usually, you can contact the supervisory authority of your habitual residence, place of work or the headquarters of our company for this purpose.

 

The competent supervisory authority for data protection of IMS Gear SE & Co. KGaA is:

Baden-Württemberg Aufsichtsbehörde
Der Landesbeauftragte für den Datenschutz Baden-Württemberg		 
Lautenschlagerstraße 20
70173 Stuttgart | Germany		  
Phone 0711 615541 - 0  
Fax: 0711 615541 - 15  
E-mail: poststelle(at)lfd.bwl.de  
http://www.baden-wuerttemberg.datenschutz.de  
    

To exercise the afore-mentioned rights and if you have any question regarding privacy, please contact the controller or send an e-mail to dsb(at)imsgear.com.

 

Right to object

If your personal data are processed on the basis of legitimate interests pursuant to Article 6(1)(1)(f) of the GDPR, you have the right pursuant to Article 21 of the GDPR to object to the processing of your personal data when there are reasons for this arising out of your particular situation or when the objection concerns direct marketing. In the latter case, you have a general right to object, which is fulfilled by us without a particular situation having to be stated. If you want to exercise your right to withdraw or your right to object, please just send an email to dsb(at)imsgear.com.

 

Data security

a) Within the visit to our website, we use the common SSL (Secure Sockets Layer) method in conjunction with the highest level of encryption supported by your browser. Usually, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. Whether a single page of our website is transmitted in encrypted form is indicated by the closed display of the key or the lock symbol in the lower status bar of your browser.

b) Besides, we employ suitable technical and organizational safety measures to protect your data against any accidental or deliberate manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our safety measures are continuously improved in line with progressing technological development.

 

Privacy Policy for Synera GmbH

If you send us an inquiry via the e‑mail address haerterei@imsgear.com, the content of your inquiry will be processed for further handling. We use an application provided by Synera GmbH to automatically extract the relevant information from your message.

Which data is processed?

  • Company name (customer name)
  • Name of the person submitting the inquiry
  • Contact details (e.g. e‑mail address, telephone number)
  • Content of the inquiry (text of the message)

The entire inquiry is transmitted as part of a prompt to a language model (LLM) in order to extract the relevant data from the text document.

Purpose of processing
The processing is carried out to enable faster and more efficient creation of quotations. The legal basis is Article 6(1)(f) GDPR (legitimate interest). Our legitimate interest lies in optimising our quotation processes.

Storage period
The extracted data is stored only for as long as necessary to process your inquiry and prepare the quotation. It will then be deleted unless statutory retention obligations apply.

Recipients of the data
The processing is carried out using the Synera application. The data is stored and processed in our own Microsoft Cloud tenant. The data is not transferred to third parties outside the IMS Gear Group.

Your rights
You have the rights set out in Articles 15 et seq. GDPR (access, rectification, erasure, restriction of processing, objection, data portability). Further information can be found in the general notes of this privacy policy.

 

Changes to this Privacy Policy

This Privacy Policy will be updated, if needed, to meet current requirements, e.g. a change to the relevant data protection regulations.

 

Version: 2026-02-26