As an European organization, ENGDC complies with the requirements of the General Data Protection Regulation (GDPR).

(1) The protection of your personal data is a high priority for us and is taken into account by us. The following data protection information provides you with an overview of how we process your personal data. Personal data means any information relating to an identified or identifiable natural person.

(2) In the following, we will inform you about the type, scope and purpose of the collection of personal data and how we handle this data. In addition, you will learn what rights you have with regard to the processing of your personal data.

You can reach our data protection officer at E-mail: info@engdc.org

(3) When you contact us by e-mail or via a contact form, the data you provide (such as your e-mail address, name and telephone number) will be stored by us in order to answer your questions. We delete the data accruing in this context after the storage is no longer necessary or restrict the processing if there are legal retention obligations. The legal basis for the processing of data transmitted in the course of an e-mail is Art. 6 (1) lit. f GDPR.

If the e-mail contact is aimed at concluding a contract, the additional legal basis for processing the data is Art. 6 (1) lit. b GDPR.

(4) If we use contracted service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail about the respective processes below. In doing so, we will also state the defined criteria for the storage period.

(1) With regard to the personal data concerning you, you have the following rights towards us:

Right to information according to Art. 15 GDPR,

Right to correction or deletion according to Art. 16 and Art. 17 GDPR,

Right to restriction of processing according to Art. 18 GDPR,

Right to object to processing according to Art. 21 GDPR,

Right to data portability according to Art. 20 GDPR.

(2) You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.

(1) In the case of mere informational use of the website, i.e. if you do not register or otherwise transmit information to us, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure its stability and security (legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR):

IP address

Date and time of the request

Time zone difference to Greenwich Mean Time (GMT)

Content of the request (specific page)

Access status/HTTP status code

Amount of data transferred in each case

Website from which the request comes

Browser

Operating system and its interface

Language and version of the browser software

The log files are deleted after one month. Storage beyond this period does not take place. In this case, the IP addresses of the users are deleted or alienated, so that an assignment of the calling client is no longer possible.

In addition to the previously mentioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored in the Internet browser or by the Internet browser on the user's computer system. When a user accesses a website, a cookie may be stored on the user's operating system. Cookies cannot execute programs or transfer viruses to your computer. They are used to make the website as a whole more user-friendly and effective.

Our website uses the following types of cookies, the scope and functionality of which are explained below:

Session cookies

Session cookies are automatically deleted when you close the browser. They store a so-called session ID, with which various requests of your browser can be assigned to the common session. This allows your computer to be recognized when you return to our website. Session cookies are deleted when you log out or close the browser.

Permanent cookies

Permanent cookies are deleted automatically after a specified period of time, which may differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time.

We use cookies to identify you for subsequent visits if you have an account with us. Otherwise, you would have to log in again for each visit.

In the context of the use of certain listed tools, your personal data will be transferred in compliance with the requirements of Art. 44 et seq. GDPR, your personal data will also be transferred to a third country. Please note that there is no adequacy decision between the EU and the USA.

Despite these contractual and technical measures, it may happen that the level of data protection in the third country does not correspond to that in the European Union. Above all, there is a risk, especially in the case of a data transfer to the USA, that your personal data could possibly be processed by authorities for control and monitoring purposes, even without sufficient legal remedies, without us as the data exporter or you as the data subject being aware of this.

We offer you the opportunity to apply for a job with us. In the following, we inform you about the scope, purpose and use of your personal data collected as part of the application process. We assure you that the collection, processing and use of your data will be carried out in accordance with the principles of the GDPR and all other legal provisions and that your data will be treated as strictly confidential.

If you apply to us, we require some information about you for this purpose. The following application data will be collected and processed:

Salutation

Last name, first name

E-mail address

Address

Telephone/mobile number

Dates of birth

Upload attachments for application documents (e.g. cover letter, resume, references)

As part of the selection process, incoming applications are viewed, queries are made if necessary, using the above-mentioned information, invitations to interviews are sent and further personal data is collected in interviews as part of the selection process in order to make a decision.

The legal basis for the processing of this data is Article 88 (1) GDPR. The purpose of collecting and processing your data is the handling of the application procedure.

The transmitted data will be deleted after the application process has ended. If no employment relationship is established following the application process, the application documents will be deleted six months after notification of the rejection decision. If your application is followed by the conclusion of an employment contract, your data will be stored and used in compliance with the relevant legal regulations.

Your personal data as part of the application process will be transferred to our service provider as part of order processing:

(1) In addition to the purely informational use of our website, we offer various services that you can use if you are interested. For this purpose, you usually have to provide further personal data, which we use to provide the respective service and for which the aforementioned data processing principles apply.

(2) In some cases, we use external service providers to process your data. These have been carefully selected and commissioned by us, are bound by our instructions and are regularly monitored.

(3) Furthermore, we may pass on your personal data to third parties if contracts or similar services are offered by us together with partners. You will receive more detailed information on this when you provide your personal data or in the description of the offer below.

(4) If our service providers or partners are located in a country outside the European Economic Area (EEA), we will inform you about the consequences of this circumstance in the description of the offer.

(1) If you have given your consent to the processing of your data, you may revoke it. Such revocation affects the permissibility of the processing of your personal data after you have expressed it to us.

(2) Insofar as we base the processing of your personal data on the balance of interests, you may object to the processing. This is the case if the processing is not necessary, in particular, for the performance of a contract with you, which is shown by us in each case in the following description of the functions. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will review the situation and either discontinue or adjust the data processing or show you our compelling reasons worthy of protection on the basis of which we will continue the processing.

(3) Of course, you can object to the processing of your personal data for purposes of advertising and data analysis at any time.

In our blog, where we publish various posts on topics related to our activities, you can make public comments. Your comment will be published with your specified username with the post. We recommend using a pseudonym instead of your real name. You are required to provide your username and e-mail address; all other information is voluntary. If you post a comment, we will continue to store your IP address, which we will delete after one week. The storage is necessary for us to be able to defend ourselves against liability claims in cases of possible publication of illegal content. We need your e-mail address to contact you if a third party objects to your comment as unlawful.

Legal bases are Art. 6 para. 1 p. 1 lit. a and lit. f GDPR. The comments are not checked before publication. We reserve the right to delete comments if they are objected to by third parties as unlawful.

When writing your comment, you can tick our e-mail service. This will inform you when other users leave a comment on the post. For this service we use the so-called double opt-in procedure, i.e. you will receive an e-mail in which you must confirm that you are the owner of this e-mail address and wish to receive the notifications. You can unsubscribe from unsubscribe from the notifications at any time by clicking on the link contained in the e-mail. Your personal data, including email address, your times of registration for the service and your IP address will be stored by us until you unsubscribe from the notice service.

(1) If you order as a user in our webshop, it is necessary for the conclusion of the contract that you provide your personal data, which we need for the processing of your order. Mandatory data required for the processing of contracts are marked separately, other data are voluntary. We pass on the data you provide to our order processor for invoice processing in order to process your order. The legal basis for this is Art. 6 para. 1 p. 1 lit. b GDPR.

We may also process the data you provide to inform you about other products from our portfolio or to send you emails with technical information.

We are obliged by commercial and tax law to store your address, payment and order data for a period of ten years. However, we restrict processing after two years, i.e. your data is only used to comply with legal obligations.

To prevent unauthorized access by third parties to your personal data, the ordering process is encrypted using SSL or equivalent TLS technology.

(2) We also operate the Navigator product database, in which manufacturers can post their products and services in order to inform planners, builders or other interested parties about them. We only mediate the contact between buyer and seller/contractor and client. The actual business takes place outside our sphere of influence.

If your registration is made via the registration form of the website and your confirmation in this regard is not made within 24 hours, your registration will be automatically deleted from our database.

For the duration of the user contract, we store the aforementioned personal data. Manufacturers can terminate the user contract with a notice period of 6 months to the end of the respective calendar year (Section 6.1 of the GTC of the user contract with manufacturers). Due to commercial and tax law requirements, we are obliged to store the address and contract data of the manufacturers for a period of 10 years. However, we restrict processing after 2 years, which means that the manufacturers' data is only used to comply with legal obligations.

We do not pass on your personal data to third parties. Unless, in exceptional cases, we are given permission to do so.

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. b and lit. f GDPR.

To prevent unauthorized access to your personal data by third parties, the connection is encrypted using SSL or equivalent TLS technology.