Data Privacy Protection
ASM Assembly Systems Commitment to Data Privacy Protection
For legal reasons, the data protection responsibilities related to The Hermes Standard website must be well defined. Respective assignments are carried out by the company of the speaker of The Hermes Standard initiative. This does not imply any further leading role of the respective company other than related to the tasks and responsibilities of the speaker.
Since protecting the security and privacy of your personal data is important to us, we conduct our business in compliance with applicable laws on data privacy protection and data security. The policy outlines below will help you understand that data we may collect, how we use and safeguard this data and with whom we may share it.
In most cases you can visit the Web pages of ASM Assembly Systems without having to provide any personal data.
Personal data
Through our Web sites, we will not automatically collect any personal data about you (names, addresses, telephone numbers or e-mail addresses).
We will receive such data only if you give it to us voluntarily (for example, by registering or responding to a survey).
Right to information
ASM Assembly Systems will let you know upon request whether and what personal data about you is stored on our systems. If, despite all our efforts to ensure that the data is current and correct, it turns out that the data contains errors, we will correct it upon your request.
Purpose of use
ASM Assembly Systems will collect, process and use the personal data provided online by you only for the purpose disclosed to you, unless the collection, processing or use
- is for an additional purpose that is directly related to the original purpose for which the personal data was collected,
- is necessary to prepare, negotiate and fulfill a contract with you,
- is required by law, government regulations or a court order,
- is necessary to establish or preserve a legal claim or defense,
- is necessary to prevent abuse or other illegal activities, such as willful attacks on the information technology systems of ASM Assembly Systems.
Communication- or usage-related data
When you access our Web sites via telecommunication services, communication-related data (such as our Internet Protocol address) and/or other usage-related information (such as the usage start and duration and the telecommuniation services used by you) will be automatically generated and could conceivably make it possible to draw conclusions about personal information. To the extent that there is a compelling necessity, the collection, processing and use of your communications or utilization data will occur and will be performed in accordance with the applicable legal framework governing data privacy protection.
Non-personal data collected automatically
When you access our Web sites, we may automatically (i.e., not by registration) collect non-personal data (such as the type of Internet browser and operating system used, domain name of the Web site from which you came, number of visits, average time spent on the site, pages viewed, etc.). We may use this data to monitor the attractiveness of our Web sites and improve their performance and/or content.
When you view one of our Web sites, we may store some data on your computer in the form of a “cookie” to automatically recognize your PC next time you visit. Cookies can help us in many ways. For example, they may allow us to tailor a Web site to better match your interests or to store your password in order to save you from having to re-enter it each time you visit. If you do not wish us to be able to recognize your computer, please configure your Internet browser to erase all cookies from your computer’s hard drive, block all cookies or to issue a warning before a cookie is stored.
Security
ASM Assembly Systems uses technical and organizational security measures to protect your personal data against accidental or unlawful destruction, loss or alteration, as well as against unauthorized disclosure or access.
Links to other Web sites
The Web sites of ASM Assembly Systems contain links to other Web sites. ASM Assembly Systems is not responsible for the privacy protection policies or other contents of these Web sites.
Data Protection Officer
If you have questions regarding the handling or processing of your personal data, you may contact our Data Protection Officer, who also handles information requests, petitions and complaints:
Data Protection Officer
Markus Pacholik
ASM Assembly Systems GmbH & Co. KG
Rupert-Mayer-Str. 44
81379 Munich, Germany
E-mail: Datenschutz@asmpt.com
Public Index of Procedures
The Federal Data Protection Act (BDSG) specifies in §4g that the Data Protection Officer must make the following information available in a suitable manner as per §4e:
1. Name and address of the responsible entity:
ASM Assembly Systems GmbH & Co. KG
Rupert-Mayer-Str. 44
81379 Munich, Germany
2. Executive management:
Günter Schindler
Mike Möhlheinrich
3. Head of IT operations:
Bernd Schultz
4. Purpose of data collection, processing and/or use:
The business purpose of ASM AS is the sale and distribution of products developed in-house, as well as the operation of all related ancillary activities.
Ancillary purposes include related or supporting functions such as personnel management, agency management, supplier management and service provider management.
5. Description of the affected groups of persons and related data and data categories:
To meet the purposes listed in Sec. 4 we collect, process and use the following personal data and/or data categories:
- Customers (address data including telephone, fax and e-mail data; credit information and bank information)
- Prospects/non-customers (address data; areas of interest; proposal data)
- Job applicants (mostly application data; career and educational history data; qualifications; police records, if applicable)
- Employees, apprentices, trainees, retirees, former employees
- Contract, master and accounting data (information about private and business addresses; activities; payroll; names and age of family members where relevant for benefits; tax withholding data; bank account data; assets entrusted to the employee)
- Data regarding personnel management and control; timekeeping data; access control data
- Appointment management data
- Communication data as well as data for processing and controlling transactions and technical systems
- Emergency contact data as specified by the employees
- Sales representatives/agents/brokers/agencies (address data; business and contract data; contact information)
- Suppliers/service providers (address data; contact data; bank account data; appointment data; accounting and service data)
- Contact persons for the above group
6. Recipients or categories of recipients to whom the data may be conveyed:
- Public authorities who receive data due to legal regulations (social security insurance carriers, financial; revenue authorities; regulatory agencies)
- Internal departments which participate in the respective business processes (essentially HR, Accounting, Procurement, Marketing, General Administration, Sales and IT)
- External contractors (services providers) as per §11 BDSG.
- Additional external entities such as financial institutions (payroll; companies the affected party has approved in writing or where the transmission of data is justified for legitimate reasons)
7. Data retention and deletion:
The legislative bodies have specified many specific data retention periods and deletion requirements. When these retention periods expire, the respective data will be routinely deleted unless it is required for contract performance purposes. For example, business transaction of financial data for a completed year will be deleted after another ten years, unless longer retention periods are required or necessary for legitimate reasons.
Shorter retention periods apply to special areas (for example: HR administration, rejected applications, written reprimands, etc.). To the extent that the data is unaffected by these, it will be deleted if the purposes listed in Sec. 5 do not apply.
8. Planned data transmissions to third countries:
We transmit data to third countries only in connection with contract performance, necessary communications and other exceptions expressly listed in the BDSG.
If we transmit data to third countries, we do so only after a careful inspection and assessment by the Data Protection Officer of ASM AS.
ASM Assembly Systems GmbH & Co. KG
Data Protection Officer
Status: 20 June 2012