Data protection
How we protect your data
The TÜV NORD GROUP takes the protection of your personal data seriously and complies with the statutory provisions of the General Data Protection Regulation ("GDPR") and the Federal Data Protection Act ("BDSG") when processing personal data. In accordance with the GDPR, the following text will provide you with information about when and for what purposes your personal data is processed when you visit our website. This Privacy Policy applies to all processing of personal data carried out by us on our website, in mobile applications and as part of our external online presence, such as our social media profiles - "online offer". It does not extend to any websites the links to which are provided here or websites of other providers.
Last updated: 17.10.2022
Document date: 01.10.2022
Revision 1.9
Our Privacy Policy is based on the terms used by European legislators and regulators in the General Data Protection Regulation (GDPR). Our Privacy Policy is intended to be easy to read and understand by the general public and by our customers and business partners alike. In order to ensure this, we wish to start by explaining some of the terminology used.
For reasons of better readability, the same terminology is used for personal names and personal nouns in our following statements as in the GDPR. Corresponding terms apply to all genders in the interests of equal treatment. The abbreviated language form is for editorial reasons only and does not imply any judgment.
The controller for the purposes of the GDPR, other data protection laws applicable in Member States of the European Union and other provisions related to data protection are:
Companies of the TÜV NORD GROUP, represented by TÜV NORD AG
Am TÜV 1
Hanover
Germany
Tel.: +49 511 998-0
Email: privacy@tuev-nord.de
Website: www.tuev-nord.de
The data protection officer of the controller is
Mr Berthold Weghaus
TÜV NORD AG
Am TÜV 1
45307 Essen
Germany
Phone: 0201 / 825 2165
Email: privacy@tuev-nord.de
If, for example, you would like to receive information about your personal data stored in our IT systems or delete your personal data, please use our online form to safeguard your rights as a data subject.
One of the ways in which your data is collected is when you communicate it to us. This is, for example, the data that you enter in a contact form. Other data is automatically collected by our IT systems when you visit our website. This is mainly technical data (e.g. Internet browser, operating system or date and time of your visit to our website). This data is collected automatically the moment you visit our website.
Some of the data is collected in order to ensure that the website is provided to you without errors. Other data may be used to analyse your user behaviour.
In principle, we only process personal data of visitors and users of our website insofar as this is necessary for the provision of a functional website as well as our content and services. As a rule, the personal data of our users is processed only with the consent of the user. An exception applies in those cases in which prior consent cannot be obtained for practical reasons and where data processing is permitted by law.
The processing of personal data with the consent of the data subject is based on Article 6 (1) (a) of the GDPR.
The processing of personal data that is necessary for the performance of a contract to which the data subject is a party is based on Article 6 (1) (b) of the GDPR. This also applies to processing operations that are required to carry out pre-contractual measures.
The processing of personal data that is necessary to fulfil a legal obligation imposed on our company is based on Article 6 (1) (c) of the GDPR.
In the event that vital interests of the data subject or another natural person require the processing of personal data, such processing is based on Article 6 (1) (d) of the GDPR.
The legal basis for processing that is necessary for the purposes of the legitimate interests pursued by our company or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject, is Article 6 (1) (f) of the GDPR.
We erase or block the personal data of the data subject as soon as the purpose of storage no longer applies. Data may also be stored if this is provided for by the European or national legislator in Union regulations, laws or other provisions applicable to our company. Data will also be blocked or erased upon expiry of a storage period prescribed by the standards mentioned, unless further storage of the data is required in order to conclude or perform a contract.
Every time our website is accessed, our server system automatically collects data and information from the computer system of the calling computer, which includes the following:
This data is not merged with other data sources. We collect such technical information in so-called log files in order to ensure that our website is displayed correctly, to assist us in determining the causes of any technical problems, and for the purposes of the technical optimisation of our website and the security of our computer systems and networks. In respect of such purposes, our legitimate interest in data processing is also laid down in Article 6 (1) (f) of the GDPR. The data is erased as soon as it is no longer required to achieve the purpose for which it was collected. In most cases, this technical information is erased or made illegible by no later than seven days. The collection of the data for the provision of the website and the storage of the data in log files is essential for the operation of the website. The user therefore has no option to object to such processing.
6.1 Analysis tools and tools from third-party providers
When you visit our website, your surfing behaviour may be statistically evaluated. This is primarily done using cookies and so-called analysis programmes. Your surfing behaviour is generally analysed anonymously; the surfing behaviour cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools.
6.2 What are cookies & co?
6.2.1 Cookies
Most of the cookies we use are so-called "session cookies". They are automatically deleted at the end of your visit. Other cookies remain stored on your end device until you delete them. These cookies enable us to recognise your browser on your next visit. You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted. Cookies that are required to carry out the electronic communication process or to provide certain functions that you have requested are stored on the basis of Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the storage of cookies for the technically error-free and optimised provision of our services. If other cookies (e.g. cookies to analyse your surfing behaviour) are stored, these are treated separately in our cookie settings.
6.2.2 Web beacons/gifs, pixels, page tags, script
Emails and mobile applications may contain small, transparent image files or lines of code to record how you interact with them. This information is used to help website and app publishers better analyse and improve their services.
6.2.3 Cookies for analysis purposes
When accessing our website, the user is informed about the use of cookies for analysis purposes and his consent to the processing of the personal data used in this context is obtained. In this context, reference is also made to this privacy policy.
The purpose of using analytics cookies is to improve the quality of our website and its content. Through the analysis cookies, we learn how the website is used and can thus constantly optimise our offer.
The legal basis for the processing of personal data using cookies for analysis purposes is Art. 6 para. 1 lit. a GDPR if the user has given his or her consent.
6.2.4 Duration of storage, objection and removal options
Cookies are stored on the user's computer and transmitted by it to our website. You have and retain full control over the use of cookies and can delete cookies in your browser or via the cookie settings in the bottom left-hand corner of our website, completely deactivate the storage of cookies or selectively accept certain cookies. Please use the help functions of your browser to find out how you can change these settings. This may limit the functionality of our websites. By giving consent to the use of cookies on the basis of a notice ("cookie banner") provided by us on the website, the user consents to the use of cookies. You can customise your cookie settings at any time by clicking on the icon (bottom left of the website).
6.3 Categories of cookies used by TÜV NORD
So that you can define your desired data protection settings for visiting our website as individually as possible, we give you the option of setting your preferences via the cookie settings with regard to the categories "Technically necessary", "Statistics", "Convenience and personalisation".
6.3.1 "Technically necessary" category
These cookies are necessary for the technical operation of the website and for the management of our commercial business objectives. Some functions of our websites cannot be offered without the use of these cookies.
We use technically necessary cookies on the basis of legitimate interests (Art. 6 para. 1 lit. f GDPR). Our legitimate interest lies in ensuring the functioning of our websites and their optimal usability. Logging serves, among other things, to fulfil Section 13 (2) TMG and cannot be revoked. This type of cookie is used exclusively by TÜV NORD as the operator of the website and all information stored in the cookies is only sent to this website.
6.3.2 "Statistics" category
To further improve our offer and our website, we collect anonymised data for statistics and analyses. With the help of these cookies, we can, for example, determine the number of visitors and the effect of certain pages on our website and optimise our content. Analysis cookies and tags enable us to generate overall statistics, e.g. on the number of visits, which areas of the websites are viewed most frequently and information on locations and the average length of time spent on the websites. This enables us to improve the quality of our websites and content.
Functional cookies enable this website to store information provided, such as the user name or language selection, and to offer the user improved and personalised functions based on this. These cookies only collect and store anonymised information.
6.3.3 "Convenience and personalisation" category
We use these cookies to make it easier for you to use the website. For example, you can conveniently return to our website when you visit it again.
Cookies in this category are also used to show you personalised content that matches your interests. This enables us to present you with offers.
We only use functionality cookies, analysis cookies and advertising cookies on the basis of your consent (Art. 6 para. 1 a GDPR).
Some of the cookies we use are automatically deleted after you close your browser (session cookies), while others remain permanently on your end device and enable us to recognise your browser (persistent cookies). Persistent cookies).
Such marketing / third party / consent-based cookies originate from external advertising companies, among others, and are used to collect information about the websites visited by the user, e.g. to create target group-oriented advertising for the user. This data is therefore made available to third parties.
6.3.4 Overview of our basic cookie settings and deletion periods
You can find our cookie settings here: https://www.tuev-nord-group.com/de/kategorien/cookie-einstellungen/
6.4 Analysis tools and integration of third-party web services
6.4.1 Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Inc ("Google"). Google Analytics uses cookies, which are text files placed on your computer, to help the website analyse how users use the site. Three cookies are used:
All data collected via the cookies is used exclusively for statistical purposes. We need the data to determine which data traffic takes place on the website and where it comes from, and to determine whether the website is working smoothly in all areas and how we can make it more usable for you. No user profiles are created or conclusions drawn about the identity of a user. All user and event data stored in Google Analytics is deleted after 26 months at the latest.
The information generated by the relevant cookies about your use of our website is generally transmitted to a Google server in the USA and stored there. However, your IP address will be shortened and anonymised by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google will use this information on our behalf to analyse your use of the website, to compile reports on website activity and to provide other services relating to website activity and internet usage to the website operator. The data will not be passed on. No data from other sources is associated with the data collected.
We use the Google Tag Manager for integration on our website. Further information can be found in our privacy policy under Google Tag Manager.
Data processing with Google Analytics on our website is carried out on the basis of Art. 6 para. 1 lit. a GDPR. Your consent is voluntary and you can revoke it at any time with effect for the future by changing your current settings in our cookie banner.
You can also prevent the storage of cookies by selecting the appropriate settings in your
browser software. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link(https://tools.google.com/dlpage/gaoptout?hl=de).
Please note that you must make the setting for each device and each different browser individually.
This website also uses the "gat._anonymizeIp();" function, which ensures that IP addresses are anonymised when data is collected.
Google Analytics is operated by the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").
6.4.2 Google Ads
We use Google Ads, an advertising system from Google Inc ("Google"), to advertise our website. As part of this, we use the "Conversion Tracking" function on our website. We also use Google Analytics to analyse data from Google Ads for statistical purposes. If you have reached our website via a Google advert, a cookie will be stored on your computer. Conversion cookies lose their validity after a maximum of 30 days and are not used to identify you personally. If you visit certain pages of our website and the cookie has not yet expired, we and Google can recognise that you as a user have clicked on one of our ads placed on Google and have been redirected to our site.
The information obtained with the help of conversion cookies is used by Google to compile visit statistics for our website. These statistics tell us the total number of users who clicked on our advert and which pages of our website were subsequently accessed by the respective user. However, we or other Google Ads advertisers do not receive any information that can be used to personally identify users.
We use the Google Tag Manager for the integration on our website. Further information can be found in our privacy policy under Google Tag Manager.
Data processing with Google Ads on our website is carried out on the basis of Art. 6 para. 1 lit. a GDPR. Your consent is voluntary and you can revoke it at any time with effect for the future by changing your current Google Analytics settings in our cookie banner.
You can also prevent the installation of conversion cookies by adjusting your browser settings accordingly, for example by using a browser setting that generally deactivates the automatic setting of cookies or specifically blocks only cookies from the domain "googleadservices.com".
The relevant Google privacy policy can be found at the following link https://services.google.com/sitestats/de.html
Google Ads is operated by the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").
6.4.3 Google Remarketing
We use the so-called remarketing function of Google Ads and Google Analytics, web analysis services of Google Inc. ("Google"), to advertise our website and the products available on it.
By using the remarketing function, a cookie is set in your browser as soon as you visit our website. If you then later call up the Google search or a website registered in the Google advertising network, Google can use this cookie to recognise that you have visited a specific page on our website, that you have placed a specific product in the shopping basket and that you have purchased it.
In Google Ads, we can then add the visitor to our website to a so-called remarketing list, a list of users who have visited certain pages on our website. These remarketing lists can be used to retrieve statistics and define target groups to whom selected adverts can be presented in the Google search network and the Google display network.
By using the remarketing function, we want to ensure that our adverts presented on the Google search network and the Google display network are only shown to people who have indicated to us by visiting the website that they are potentially interested in an advertised product and therefore do not feel annoyed or disturbed by the adverts. We can also use the services used to prevent an advert for a product from being shown to people who have already purchased the product. Furthermore, for statistical and market research purposes, we can also check whether a user was redirected to our website after clicking on an advert and analyse whether the advert was of interest to them.
We cannot draw any conclusions about the identity of the visitor from the data collected for the remarketing function via Google Ads. Google processes the data pseudonymously. This means that the user's name or email address are not processed, but only the relevant visit data stored in the cookie. This does not apply if a user has expressly allowed Google to process the data without pseudonymisation. This has no effect on data processing on our site as the website operator.
Data processing with Google Remarketing on our website is carried out on the basis of Art. 6 para. 1 lit. a GDPR. Your consent is voluntary and you can revoke it at any time with effect for the future by changing your current Google Analytics settings in our cookie banner.
If you do not want your visit to our website to be recorded via the Google cookie and do not want your data to be used to display adverts in Google search and on websites that are connected to the Google advertising network, you can also object as follows:
You can make a corresponding setting in your browser that generally deactivates the automatic setting of cookies or specifically blocks only cookies from the domain "googleadservices.com".
You can install the plug-in provided by Google for this purpose in your browser at the following link: https://www.google.com/settings/ads/plugin.
If you wish to specifically object to interest-based advertising by Google marketing services, you can use the setting and opt-out options provided by Google: https://adssettings.google.com/authenticated
The relevant Google privacy policy can be found at the following link https://services.google.com/sitestats/de.html
Google Ads and Google Analytics are operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").
6.4.4 Google Adwords Conversion Tracking
This website also uses Google Conversion Tracking. Google Adwords places a cookie on your computer if you have reached our website via a Google advert. These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of the Adwords customer's website and the cookie has not yet expired, Google and the customer can recognise that the user clicked on the ad and was redirected to this page.
Each Adwords customer receives a different cookie. Cookies can therefore not be tracked via the websites of Adwords customers. The information collected using the conversion cookie is used to generate conversion statistics for Adwords customers who have opted for conversion tracking.
Adwords customers learn the total number of users who clicked on their advert and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users. If you do not wish to participate in the tracking process, you can also refuse the setting of a cookie required for this - for example, by using a browser setting that generally deactivates the automatic setting of cookies. You can also deactivate cookies for conversion tracking by setting your browser to block cookies from the domain"www.googleadservices.com". Google's privacy policy on conversion tracking can be found in the Google Privacy Policy.
These services are specifically developed for mobile devices (such as smartphones). In some cases, content is reloaded from other sources (primarily to keep the data up to date, e.g. the list of our test centres or map material from map providers). Functions are always executed on the end device. If we call up functions on TÜV NORD servers (e.g. to find the nearest test centres on tuev-nord.de for reasons of performance for a given location), we discard this data there after transferring the results. We only process personal data if this is necessary for the purpose of the app or if you have given us your explicit consent. Data is not passed on to third parties. We reserve the right to statistically analyse anonymised data records.
Geodata is used for localisation services (e.g. your location at the time you call up the "...find nearest test centre" function). We do not merge this geodata with your personal data, but only use it for the purpose of localisation within the scope of the app or sub-function of an app that you have called up. After localisation, we discard this geodata. Depending on your end device, you can also generally switch off the localisation option (see the information provided by the manufacturer of your end device). However, the localisation function of the app cannot then be used.
Data is also stored on your device; personal data is always stored in encrypted form, although some data is also stored in unencrypted form (e.g. settings for specific on/off switches in our apps). If your end device is lost, misuse by third parties cannot be ruled out. We therefore recommend using the device-specific measures against misuse (user lock, etc.). Please refer to the information provided by the manufacturer of your device. You should also use the options to remove personal data from your device if you pass it on, e.g. if you sell it.
6.4.5 Microsoft Advertising
We use Microsoft Advertising, an advertising system from Microsoft Corporation ("Microsoft"), to advertise our website. As part of this, a cookie is set for visitors who come to our website via an advert in the Bing search engine.
This cookie stores data that provides information about the use of our website - including the time spent on the site, the pages accessed and whether a purchase was made. The data is pseudonymised and can be read by both Microsoft and us for statistical purposes. No personal data is processed and it is not possible to draw conclusions about the identity of the visitor.
The information collected is transferred to Microsoft servers in the USA. The storage period is a maximum of 180 days.
Data processing with Microsoft Advertising on our website is carried out on the basis of Art. 6 para. 1 lit. a GDPR. Your consent is voluntary and you can revoke it at any time with effect for the future by changing your current settings in our cookie banner.
You can also make a corresponding setting in your browser that generally deactivates the automatic setting of cookies or specifically blocks only cookies from the domain "microsoft.com".
Microsoft may be able to track your usage behaviour across several of your electronic devices through so-called cross-device tracking and is therefore able to display personalised advertising on websites and in apps. You can object to the processing of your data for this purpose by clicking on the following link: https://account.microsoft.com/privacy/ad-settings/signedout?
You can find more information about Microsoft Advertising's analytics services at https://help.bingads.microsoft.com. Further information on data protection at Microsoft can be found in Microsoft's privacy policy at: https://privacy.microsoft.com/de-de/privacystatement
6.5 Consent Manager
We have integrated the consent management tool "consentmanager"(www.consentmanager.net) from Jaohawi AB (Håltgelvågen 1b, 72348 Västerås, Sweden, info@consentmanager.net) on our website in order to obtain consent for data processing or the use of cookies or comparable functions. With the help of "consentmanager", you have the option of giving or refusing your consent for certain functionalities of our website, e.g. for the purpose of integrating external elements, integrating streaming content, statistical analysis, measuring reach and personalised advertising. You can use "consentmanager" to give or refuse your consent for all functions or give your consent for individual purposes or individual functions. You can also change the settings you have made at a later date. The purpose of integrating "consentmanager" is to allow the users of our website to decide on the aforementioned matters and to offer the possibility of changing settings already made during the further use of our website. In the course of using "consentmanager", personal data and information about the end devices used, such as the IP address, are processed.
The legal basis for the processing is Art. 6 para. 1 sentence 1 lit. ci.V.m. Art. 6 para. 3 sentence 1 lit. a GDPR in conjunction with Art. 7 para. 1 GDPR. Art. 7 para. 1 GDPR and alternatively lit. f GDPR). By processing the data, we help our customers (the controller according to the GDPR) to fulfil their legal obligations (e.g. obligation to provide evidence). Our legitimate interests in the processing lie in the storage of user settings and preferences in relation to the use of cookies and other functionalities. "Consentmanager" stores your data for as long as your user settings are active. After two years after the user settings have been made, your consent will be requested again. The user settings made will then be saved again for this period.
You can object to the processing. You have the right to object on grounds relating to your particular situation. To object, please send an email to info@consentmanager.net.
6.6 Cloudflare
We use Cloudflare from Finna Cloudflare, Inc (101 Townsend St., San Francisco, CA 94107, USA) on this website to make our website faster and more secure. Cloudflare uses cookies and processes user data. Cloudflare, Inc. is an American company that provides a content delivery network and various security services. These services are located between the user and our hosting provider and act as a reverse proxy for websites. We will try to explain exactly what this means below.
Of course, we want to offer you the best possible service with our website. Cloudflare offers us both web optimisation and security services, such as DDoS protection and WebFirewall. This also includes a reverse proxy and the content distribution network (CDN). Cloudflare blocks threats and limits abusive bots and crawlers that waste our bandwidth and server resources. By storing our website on local data centres and blocking spam software, Cloudflare enables us to reduce our bandwidth usage by approximately 60%. Delivering content via a data centre near you and some web optimisation performed there reduces the average load time of a website by about half. According to Cloudflare, the "I'm Under Attack Mode" setting can further mitigate attacks by displaying a Javascript calculation task that must be solved before a user can access a web page. Overall, this makes our website significantly more powerful and less susceptible to spam or other attacks.
Cloudflare generally only forwards data that is controlled by website operators. The content is therefore not determined by Cloudflare, but always by the website operator itself. Cloudflare may also collect certain information about the use of our website and process data that is sent by us or for which Cloudflare has received corresponding instructions. In most cases, Cloudflare receives data such as contact information, IP addresses, security fingerprints, DNS log data and performance data for websites derived from browser activity. Log data helps Cloudflare to recognise new threats, for example. This enables Cloudflare to ensure a high level of security protection for our website. Cloudflare processes this data as part of its services in compliance with the applicable laws. This naturally also includes the GDPR.
Cloudflare also uses a cookie for security reasons. The cookie L cfduid) is used to identify individual users behind a shared IP address and to apply security settings for each individual user. This cookie is very useful, for example, if you use our website from a location where there are a number of infected computers. However, if your computer is trustworthy, we can recognise this from the cookie. This allows you to surf our website unhindered despite infected PCs in the neighbourhood. This cookie is absolutely necessary for the Cloudflare security functions and cannot be deactivated.
Cloudflare only keeps data logs for as long as necessary and in most cases this data is deleted within 24 hours. Cloudflare also does not store any personal data, such as your IP address. However, there is information that Cloudflare stores indefinitely as part of its permanent logs in order to improve the overall performance of Cloudflare Resolver and to identify any security risks.
Cloudflare states in their privacy policy that they are not responsible for the content they receive. For example, if you ask Cloudflare to update or delete your content, Cloudflare will always refer you to us as the website operator. You can also completely prevent the entire collection and processing of your data by Cloudflare by deactivating the execution of script code in your browser or by integrating a script blocker in your browser.
You can find more information on data protection at Cloudflare at https://www.cloudflare.com/de-de/privacypolicy/
6.7 Google Tag Manager
We use Google Tag Manager on our website, a service provided by Google LLC ("Google") to connect external web services to a website.
We use Google Tag Manager to connect our website to the services Google Analytics, Google Ads, LinkedIn Insight Tag and Twitter Website Tag, among others, provided you have given your consent to the respective services on our site. The Google Tag Manager is only used to implement the services on our website. No personal data is collected, stored or processed in the process. Please refer to our cookie banner for details and setting options for your currently defined consents.
Further information can be found in Google's usage guidelines for Google Tag Manager: https://www.google.com/intl/de/tagmanager/use-policy.html
The legal basis for any processing of data by the Google Tag Manager on our website is based on Art. 6 para. 1 lit. f GDPR.
The Google Tag Manager is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").
6.8 Google reCAPTCHA
For selected web forms on our website, we use the Google reCAPTCHA service, a captcha service provided by Google Inc ("Google"), to protect our website from spam and misuse. The service is used to distinguish whether a form entry is made by a human or abusively by machine processing.
To determine this, Google stores a cookie in your browser when you use the reCAPTCHA service and collects the following data
Your IP address collected for the reCAPTCHA service is transmitted to Google. However, it will first be shortened and anonymised by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google will use this information on behalf of the operator of this website to analyse your use of this service. The IP address transmitted by your browser as part of reCAPTCHA will not be merged with other Google data. The data will not be passed on. No data from other sources will be associated with the data collected.
Your entries are processed by Google to improve pattern recognition for the reCAPTCHA tool. Google also reads the cookies from other Google services such as Gmail, Search and Analytics. All of this data is sent to Google in encrypted form. Google's subsequent analysis decides how the captcha is displayed on the page - in the form of a checkbox or by entering text.
No personal data is read or saved from the input fields of the respective form. Further information on Google's data protection policy can be found at: https://www.google.com/policies/privacy/
Data processing with Google reCAPTCHA on our website is carried out on the basis of Art. 6 para. 1 lit. a GDPR. Your consent is voluntary and you can revoke it at any time with effect for the future by changing your current settings in our cookie banner.
Google reCAPTCHA is operated by the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").
6.9 Integration of plug-ins and tools
6.9.1 YouTube
Our website uses plug-ins from the Google-operated YouTube site. The operator of the pages is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.
When you visit one of our pages equipped with a YouTube plug-in, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited.
YouTube can also store various cookies on your end device. With the help of these cookies, YouTube can obtain information about visitors to our website. This information is used, among other things, to record video statistics, improve user-friendliness and prevent attempted fraud. The cookies remain on your end device until you delete them.
If you are logged into your YouTube account, you enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.
The use of YouTube is in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
Further information on the handling of user data can be found in YouTube's privacy policy at: www.google.de/intl/de/policies/privacy
6.9.2 Google Web Fonts
This site uses so-called web fonts provided by Google for the standardised display of fonts. When you access a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.
For this purpose, the browser you are using must connect to Google's servers. This informs Google that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
If your browser does not support web fonts, a standard font will be used by your computer.
Further information on Google Web Fonts can be found at developers.google.com/fonts/faq (https://developers.google.com/fonts/faq) and in Google's privacy policy: www.google.com/policies/privacy/
6.9.3 Vimeo
This website uses plug-ins from the video portal Vimeo. The provider is Vimeo Inc, 555 West 18th Street, New York, New York 10011, USA.
When you visit one of our pages equipped with a Vimeo plug-in, a connection to the Vimeo servers is established. The Vimeo server is informed which of our pages you have visited. Vimeo also obtains your IP address. This also applies if you are not logged in to Vimeo or do not have a Vimeo account. The information collected by Vimeo is transmitted to the Vimeo server in the USA.
If you are logged into your Vimeo account, you enable Vimeo to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your Vimeo account.
The use of Vimeo is in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.
Further information on the handling of user data can be found in Vimeo's privacy policy at: https://vimeo.com/privacy.
6.9.4 Google Maps
This website uses Google Maps to display maps and create directions. Google Maps is operated by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
By using this website, you consent to the collection, processing and use of the automatically collected data and the data entered by you by Google, one of its representatives or third-party providers.
The terms of use for Google Maps can be found under Terms of Use for Google Maps.
Full details can be found in the data protection centre of google.de: Transparency and choices and privacy policy.
6.9.5 Podigee podcast hosting
We use the podcast hosting service Podigee from the provider Podigee UG, Am Walde 2, 56249 Herschbach, Germany. The podcasts are loaded by Podigee or transmitted via Podigee. The use is based on our legitimate interests, i.e. interest in the secure and efficient provision, analysis and optimisation of our podcast offer in accordance with Art. 6 para. 1 lit. f GDPR. Podigee processes IP addresses and device information in order to enable podcast downloads/playbacks and to determine statistical data, such as call-up figures. This data is anonymised or pseudonymised before being stored in Podigee's database, unless it is required for the provision of the podcasts. Further information and objection options can be found in Podigee's privacy policy: https://www.podigee.com/de/about/privacy/.
6.9.6 Edudip next
We offer you the opportunity to register for our webinars via a landing page / on our website. The webinars themselves take place on the edudip next platform (hereinafter referred to as the webinar service provider) (details can be found in edudip's privacy policy at www.edudip.com/datenschutz). Edudip next is operated by the company edudip GmbH, Jülicher Straße 306, 52070 Aachen, Germany.
We have concluded an order processing contract with the webinar service provider in which we oblige them to protect our customers' data and not to pass it on to third parties. The integration of the webinar service provider serves the technically flawless realisation of the webinar with professional tools. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
When you register for a free webinar, you must enter general information (company name, postcode, etc.) as well as personal data such as your email address and name. Once you have successfully registered, you will receive automated e-mails from the webinar service provider including your personal access link. Please also note their privacy policy (www.edudip.com/datenschutz). You can unsubscribe from the webinar at any time. At the end of the webinar, all your data will also be stored for a specific purpose and deleted in due time.
6.9.7 Webinars with GoToWebinar
Our company uses the GoToWebinar software solution from LogMeIn, Inc. 333 Summer Street, Boston, MA 02210 USA to conduct webinars over the Internet. LogMeIn, Inc. is the data controller for the provision of this service and the associated data processing. You can find LogMeIn's privacy policy here: https://www.logmeininc.com/de/legal/privacy. In order to conduct the webinar, we transmit your registration or customer data to LogMeIn, Inc. The processing of your data is based on your consent (Art. 6 para. 1 lit. a GDPR). An encrypted connection is established between you and the organiser of the webinar in order to conduct the webinar. The webinars are recorded as required in order to make them available on our website for later retrieval. Questions asked by the participants during the seminar and the corresponding answers are also recorded and played back when the webinar is called up later. Statistical data is collected during and after the webinar. If you participate in a webinar, in addition to your registration data, we receive information about the duration of participation, interest in the webinar, questions asked or answers given for the purpose of further customer support or to enhance the user experience.
6.9.8 Targetbox
Our website uses plugins from the targetbox.de website operated by Beschützerbox GmbH. The operator of the site is Beschützerbox GmbH, Kreuzbergstr. 37, 10965 Berlin.
When you visit one of our pages equipped with a Targetbox plugin, a connection to the Targetbox servers is established.
Targetbox is used in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
Further information on the handling of user data can be found in Targetbox's privacy policy at: https://targetbox.de/datenschutzerklarung/
6.10 Issuu
Our website uses plug-ins from the digital publishing platform Issuu. The provider is Issuu Inc, 131 Lytton Ave, Palo Alto, CA 94301 USA
When you visit one of our pages equipped with an Issuu plug-in, a connection to the Issuu servers is established. The Issuu server is informed which of our pages you have visited. Issuu also obtains your IP address. This also applies if you are not logged in to Issuu or do not have an account with Issuu. The information collected by Issuu is transmitted to the Issuu server in the USA.
If you are logged into your Issuu account, you enable Issuu to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your Issuu account.
Further information on the handling of user data can be found in Issuu's privacy policy at: https://issuu.com/legal/privacb.
6.11 Watchado
This website uses the functions of a Whatchado plug-in. This is used to embed videos on the websites. Whatchado is operated by whatchado GmbH, Möllwaldplatz 4/39, 1040 Vienna, Austria. If a page with such a plug-in is accessed, a connection to the Whatchado servers is established. If users are logged into their Whatchado account, Whatchado is able to assign the surfing behaviour directly to the user's personal profile.
6.11.1 HubSpot
We use HubSpot, a software from HubSpot Inc, USA, for our online marketing activities, for example for the distribution of newsletters. This software is used in the area of inbound marketing and supports us in statistical analyses and evaluations of the behaviour of registered users so that we can better coordinate our marketing strategy and optimise the content provided to you.
For more information, please refer to the HubSpot Inc. terms of use and privacy policy at http://www.hubspot.com/terms-of-service and http://www.hubspot.com/privacy-policy. If you do not want the information about your visit to be used for the purposes described, you can also contact us. All information collected by us is subject to this privacy policy.
6.11.2 Chat solution
This website uses the live chat software from Userlike. Userlike uses cookies to save the content of the chat while you are waiting on the site and to connect you to the same operator if possible. The data collected is not used to personally identify the website visitor; it is only merged with personal data of the owner of the pseudonym if personal data is voluntarily provided for the live chat when using the tool. You can find Userlike's privacy policy here: https: //www.userlike.com/de/privacy_policy
6.11.3 QUANTCAST
We use the Quantcast service on our website. Quantcast enables interest-based advertising. Quantcast is a service provided by Quantcast International Limited in Ireland. Cookies are set that forward data to Quantcast. If you wish to object to interest-based advertising by Quantcast, you can use the opt-out option provided by Quantcast: https://www.quantcast.com/de/opt-out/
As the opt-out function is also cookie-based, your browser must be set to accept third-party cookies. If you use multiple devices or browsers, you must opt out on each one individually. If you delete cookies, you must log out again.
You can find Quantcast's data protection information here: https://www.quantcast.de/datenschutz
6.12 Social networks
Social media cookies make it possible to establish a connection to your social networks and to share content from our website within your networks.
Our website uses buttons for the following social networks
The buttons are labelled with the logo of the respective social network. However, these are not the usual social plug-ins, but buttons with stored links. You must activate the buttons separately by clicking on them. As long as these buttons are not clicked, no data is transferred to the social networks. Only when you click on the buttons and thereby declare your consent to communication with the servers of the social network do the buttons become active and the connection is established.
After clicking, the button corresponds to a so-called share plug-in. The social network is provided with information about the page you have visited, which you can share with your contacts in your social network. If you want to "share" the information, you must be logged in. If you are not logged in, you will land on the login page of the social network you clicked on and you will no longer be on the pages of tuev-nord.de. If you are logged in, the information that you would like to recommend the respective article will be transmitted.
By activating the button, the social network also receives the information that and when you have accessed the corresponding page of our website, as well as, for example, your IP address, details of the browser used and the language settings. If you click on the button, your click will be transmitted to the social network and used in accordance with its data usage guidelines. The purpose and scope of the data collection and the further processing and use of the data by the respective social network as well as your rights in this regard and setting options to protect your privacy can be found in the information:
for Instagram Inc, 1601 Willow Road, Menlo Park, CA 94025, US
6.12.1 Legal basis
Our social media presences are intended to ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which must be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 para. 1 lit. a GDPR).
6.12.2 Controller and assertion of rights
If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. You can assert your rights (information, rectification, erasure, restriction of processing, data portability and complaint) both against us and against the operator of the respective social media portal (e.g. Facebook).
Please note that, despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing procedures of the social media portals. Our options are largely determined by the company policy of the respective provider.
6.12.3 Storage duration
The data collected directly by us via the social media presence will be deleted from our systems as soon as the purpose for its storage no longer applies, you request us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Stored cookies remain on your
your device until you delete them. Mandatory statutory provisions - in particular retention periods - remain unaffected.
We have no influence on the storage period of your data that is stored by the operators of social networks for their own purposes. For details, please contact the operators of the social networks directly.
6.12.4 Social networks in detail
We have a profile on Facebook. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, the data collected is also transferred to the USA and other third countries.
You can customise your advertising settings yourself in your user account. To do this, click on the following link and log in: www.facebook.com/settings.
Details can be found in Facebook's privacy policy: https://www.facebook.com/about/privacy/.
We use the short message service Twitter. The provider is Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.
You can adjust your Twitter data protection settings yourself in your user account. To do this, click on the following link and log in: twitter.com/personalisation.
Details can be found in Twitter's privacy policy: https://twitter.com/de/privacy.
We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.
If you wish to deactivate LinkedIn advertising cookies, please use the following link: www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Details on how they handle your personal data can be found in LinkedIn's privacy policy: https://www.linkedin.com/legal/privacy-policy.
Functions of the Instagram service are integrated on this website. These functions are offered by Instagram Inc, 1601 Willow Road, Menlo Park, CA 94025, USA.
If you are logged into your Instagram account, you can link the content of this website to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate your visit to this website with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Instagram.
The data is stored and analysed on the basis of Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in maximising our visibility on social media. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.
Further information on this can be found in Instagram's privacy policy: https://instagram.com/about/legal/privacy/.
You can contact us in various ways on our website: using our contact form, subscribing to a newsletter, requesting an offer, requesting product information, etc. If you use this option, the data entered in the input mask will be transmitted to us and stored.
In addition to the specific input mask data, the IP address and the date and time of the request are collected and stored. By sending the data, you are deemed to give your consent for its processing.
Alternatively, you can contact us by email. The user's personal data transmitted by email will then be stored.
In this context, the data will not be passed on to third parties, unless this is necessary to process the query. In any case, the data will only be used to process the conversation.
The processing of personal data, where the user has given their consent, is based on Article 6 (1) (a) of the GDPR. The processing of personal data transmitted in the course of sending an email is based on Article 6 (1) (f) of the GDPR. If the objective of contacting us by email is to conclude a contract, the additional legal basis for processing is Article 6 (1) (b) of the GDPR.
The sole purpose of the processing of the personal data from the input mask is to handle your request. If you contact us by email, we also have a necessary legitimate interest in processing the data.
The other personal data processed as part of the sending process serves to prevent misuse of the contact form and to ensure the security of our information technology systems.
If you have subscribed to a newsletter, requested product information or an offer, we reserve the right to store the data for two years in order to measure the profitability of our sales and marketing. Otherwise, we will erase the data as soon as it is no longer required to achieve the purpose for which it was collected. In respect of the personal data from the input mask of the contact form and that sent by email, the erasure takes place when the respective conversation with the user has ended. The conversation is considered to have ended when it can be inferred from the circumstances that the matter in question has been fully resolved.
The additional personal data collected as part of the sending process is erased after a period of seven days at the latest.
The user has the option to revoke their consent to the processing of personal data at any time. If the user contacts us by email, they can object to the storage of their personal data at any time. For this purpose, a corresponding link is contained in each newsletter. The conversation can then no longer be continued. If this is the case, all personal data stored in the course of contacting us will be erased.
8.1 Description and scope of data processing
We collect and use the contact person, telephone number and postal address in addition to the business partner or potential business partner in order to provide support, advice and advertising for corporate customers. We receive the information from various sources, either through an enquiry (website, email or telephone), but also via events, trade fairs, business cards that our sales staff receive, etc.
The data is not passed on to third parties in this context. The data is used exclusively for the stated purposes.
8.2 Legal basis for data processing
The legal basis for the processing of the data is our legitimate interest in data processing. If the contact is aimed at the conclusion of a contract, the additional legal basis for the processing is the business initiation relationship or contractual relationship.
8.3 Purpose of data processing
We use this contact data exclusively for our own purposes and to customise our own sales activities.
8.4 Duration of storage
However, if our sales department has had no contact with the company contact within 15 months, the sales department will decide whether the contact person of the company contact will be deleted. If the contact is a pre-contractual relationship (offer, enquiry), the transmitted data will also be stored in our Customer Relationship Management (CRM) system.
8.5 Right of objection and cancellation
The company contact has the option to object to the processing of their personal data at any time. In this case, all personal data of the contact person that has been stored for the business partner will be deleted.
If you send us enquiries using the contact form, your details from the enquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent.
The processing of this data is based on Article 6 (1) (b) of the GDPR, insofar as your request is related to the performance of a contract or is necessary to carry out pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Article 6 (1) (f) of the GDPR) or on your consent (Article 6 (1) (a) GDPR) if your consent has been requested.
The data you enter in the contact form will remain stored by us until you ask us to erase it, revoke your consent to storage or the purpose of data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions, in particular retention periods, remain unaffected.
Enquiry by email, phone or fax
If you contact us by email, telephone or fax, your enquiry, including all personal data resulting from it (name, enquiry), will be stored and processed by us for the purpose of handling your request. We do not pass on this data without your consent.
The processing of this data is based on Article 6 (1) (b) of the GDPR, insofar as your request is related to the performance of a contract or is necessary to carry out pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Article 6 (1) (f) of the GDPR) or on your consent (Article 6 (1) (a) GDPR) if your consent has been requested.
The data you send to us using the contact form will remain stored by us until you ask us to erase it, revoke your consent to storage or the purpose of data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions, in particular statutory retention periods, remain unaffected.
For the comment function on this website, in addition to your comment itself, information on the time the comment was written, your email address and the username you have chosen (unless you post anonymously) will be stored.
Storage of the IP address
The comment function stores the IP addresses of the users who post comments. Since we do not check comments on this website before they are published, we require this data in order to take action against the author in the event of legal violations such as abuse or propaganda.
For the purpose of managing user accounts and optimising and automating sales processes, some of our European subsidiaries use Sales Cloud, a cloud-based application from Salesforce.com. Inc, The Landmark @ One Market, Suite 300, San Francisco, CA 94105 (hereinafter: "Salesforce"). In this context, your user master data is processed, for example, to enable logging in with your Accord login (username and password) and to manage your communication settings. In addition, Salesforce uses pixel tags and cookies (see Section 4) to implement tracking measures and collect statistical information (e.g. the type, frequency and intensity of the use of the website) as well as the history of the web pages, offers and products accessed. In addition to a general statistical analysis, the information collected is stored in your Salesforce user account in order to optimise our sales processes based on your actual or perceived interests
You can prevent tracking by Salesforce by clicking on this link. An opt-out cookie is placed, thus preventing the future collection of your data when you visit this website. The opt-out cookie is only valid in the specific browser, only for our website and is stored on your device. If you delete the cookies in this browser, you will have to set the opt-out cookie again.
Further information on data protection in connection with Salesforce can be found in the Salesforce Privacy Policy.
Salesforce is used in accordance with Article 6 (1) (f) of the GDPR due to our legitimate economic interest in optimising our sales activities and managing user accounts. These interests are to be regarded as legitimate within the meaning of the aforementioned regulation.
Users can find further information in the Salesforce Privacy Policy available at: https://www.salesforce.com/de/company/privacy/.
Some of our web pages are optimised for mobile devices using AMP. These download a JavaScript file from the server cdn.ampproject.org. This file is integrated by a server call, usually a Google server in the USA. As a result, your IP address may be stored and analysed by Google. You can find more information in Google's privacy policy, which you can access here: https://policies.google.com/privacy?hl=de
You can apply online via the TÜV NORD online application portal. Your online application will be forwarded directly to our HR Department via an encrypted connection and will, of course, be treated confidentially. Applications are only to be sent in via the application portal. Should you nevertheless apply to us by email, we wish to expressly point out that sending unencrypted emails or email attachments is not secure.
Your details will be used to process your application and to make a decision about establishing an employment relationship. This is based on Section 26 (1) in conjunction with Section (8) sentence 2 of the Federal Data Protection Act. Furthermore, your personal data may be processed insofar as this is necessary for the purpose of defence against legal claims asserted against us and arising from the application process. This is based on Article 6 (1) (f) of the GDPR. We have a legitimate interest in the stated purposes.
Insofar as an employment relationship is established between you and us, we may process the personal data previously received from you for the purposes of the employment relationship in accordance with Section 26 (1) of the Federal Data Protection Act, if this is necessary for the implementation or termination of the employment relationship or for the exercise of or compliance with the rights and obligations of the employee representatives arising from a law, a collective agreement or an employer/works council agreement.
Your application data will not be processed beyond the scope of the use described above.
Once the application process has been completed, your personal data will be erased after 6 months at the latest, provided that its erasure is not precluded by any other legitimate interests on our part or unless you have consented to longer storage. Other legitimate interest in this respect is, for example, the burden of proof in proceedings under the General Equal Treatment Act (AGG).
Protecting the information you give us or that we receive about you is a priority for us. We take appropriate security measures to protect your data from loss, misuse and unauthorised access, alteration, disclosure or destruction. TÜV NORD AG has taken measures to ensure the ongoing confidentiality, integrity, availability and resilience of systems and services that process personal data and will restore the availability and access to information in a timely manner in the event of a physical or technical incident.
If your personal data is processed, you are a data subject within the meaning of the GDPR and, after successful identification, you may exercise the following rights against us:
Insofar as parts of the website are also offered in languages other than German, this is exclusively a service aimed at employees, customers and interested parties of the TÜV NORD GROUP who do not speak German.
This data protection notice only covers the processing of the website. Other websites are not covered by this data protection notice and provide their own specific data protection notices.
If you are not satisfied with the data protection measures described here or if you have any questions regarding the collection, processing and/or use of your personal data, please contact us. We will answer your questions as quickly as possible and endeavour to implement your suggestions. Please address your data protection issues to privacy@tuev-nord.de.
This Privacy Policy will be updated with future effect in the event of new legal requirements or significant changes to the functionality of our website. We therefore recommend that you read our Privacy Policy at regular intervals. In the event that we make any material changes, we will clearly indicate it in this section.