Data Protection Statement
AMG Mining GmbH appreciates your interest in our company and our products and services.
In the following Data Protection Statement, we would like to inform you of which personal data we collect, process and, if applicable, transfer, as well as the scope and purpose thereof, when you visit our website. This also applies to the services and offers accessible via the website.
Where this website contains links to the external sites of other providers, you leave our website when you follow these links. The providers of these linked sites, not AMG Mining GmbH, are solely responsible for compliance with legal data protection provisions on them.
Data protection principles of AMG Mining GmbH
The protection of your privacy and the security of all commercial data are very important to us and we take them into consideration in our business processes. Data protection and information security are part of our company policy.
We place great importance on protecting your personal data and only process it in compliance with the laws and regulations of the Federal Republic of Germany and superordinate European legislation, including the EU General Data Protection Regulation (GDPR). Your personal data is processed within the scope described below for the purposes explained. This means that we only use your personal data if this is explicitly permitted by data protection laws or you have already given us explicit consent.
Definition of terms
The EU General Data Protection Regulation uses specific terms, which are defined in Article 4, e.g. personal data, processing, pseudonymisation, controllers, processors, recipients, third parties and consent.
Name and contact details of the controller
This website is operated jointly by AMG Mining GmbH, GK Kropfmühl GmbH, Graphit Kropfmühl Besucherbergwerk gGmbH and RW Silicium GmbH (joint controllers within the meaning of Art. 26 DSGVO).
GK Kropfmühl GmbH assumes all obligations of the basic data protection ordinance and other national data protection laws of the member states as well as other data protection regulations. This applies in particular to the exercise of the data subject's rights and the obligation to provide information in accordance with Articles 13 and 14. Without prejudice to this, you may assert your rights as data subject against any of the data controllers.
Name and address of the data protection officer
The controller’s data protection officer is:
Dr. Eddie Kohfeldt
Tel.: 08586 609-0
General information on the processing of personal data
Scope of the processing
In principle, we only process our users’ personal data when it is necessary to do so in order to provide a functioning website and for the content and services we offer. Personal data is only processed on the basis of currently applicable legal foundations.
Purposes of the processing
The purposes of the processing of personal data lie in conducting the business of the AMG Mining GmbH & German AMG group companies and all associated secondary business.
Legal basis for the processing
- The legal basis for processing personal data that is necessary for the performance of a contract to which the data subject is party is Article 6 (1)(b) GDPR. This also applies for processing operations that are necessary for the implementation of pre-contractual measures.
- If the processing is necessary for the protection of the legitimate interests of our company or a third party and such interests are not overridden by the interests or fundamental rights and freedoms of the data subject, Article 6 (1)(f) GDPR forms the legal basis for the processing.
- When we obtain consent for processing operations for personal data from the data subject, Article 6 (1)(a) GDPR forms the legal basis.
- When the processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Article 6 (1)(c) GDPR forms the legal basis.
- In the event that the processing of personal data is necessary in order to protect the vital interests of the data subject or of another natural person, Article 6 (1)(d) GDPR forms the legal basis.
Statutory or contractual duties to provide personal data
There may be statutory or contractual requirements for you to provide personal data under certain circumstances, or it may be necessary to do so in order to enter into a contract.
In particular, you may be obliged to provide personal data to us when entering into contracts. Failure to provide the personal data could mean it is not possible to enter into the contract with you.
Transfer of personal data
We only share your personal data with third parties when
- it is necessary for the performance of an existing contract with you.
- it is necessary for the protection of our legitimate interests or those of a third party, unless such interests are overridden by your (the data subject’s) interests or fundamental rights and freedoms requiring the protection of personal data.
- we are legally required to do so.
- it is necessary for the enforcement of our claims and rights.
- we receive requests from official institutions (e.g. supervisory authorities or law enforcement authorities, when transfer is necessary for the prevention of threats to public security and order and the prosecution of criminal offences).
However, in the case of such transfer, the personal data may only be used for the purpose concerned.
Involvement of external service providers
Like most other companies, we are not specialists in everything. We therefore use service providers to support us in some areas of our business activity, e.g.
- IT service providers to maintain our infrastructure
- IT developers to develop our applications
- computer centres to securely run our services
- agencies and printers to send out email information or printed information
We have entered into the legally required contracts on processing that specifically state what the service provider may do with which data. In particular, transfer to third parties is also excluded here. In these contracts, service providers are placed under obligation to comply with the applicable data protection provisions.
Data erasure and storage period
Personal data will be erased or made unavailable as soon as the purpose of storage ceases to apply. Storage can also be carried out if this is provided for by the European or national legislator in Union regulations, laws or other rules to which the controller is subject. Data will also be blocked or erased if a storage period prescribed by the aforementioned standards lapses, unless continued storage of the data is necessary.
Operation of the website and creation of log files
In principle, you can visit our website without registering or logging in. When you visit our website, data is collected by the web server for the transfer of data (information on the system of the computer used) and sometimes stored in log files on the web server. This data is so-called “usage data”.
In principle, cookies are not bad; they actually enable user interaction and other useful things when visiting websites. Cookies do not damage your computer or contain viruses.
On our website there is a email address that can be used to contact us electronically. If you choose this option, data will be transferred to us and stored.
Using our online shop
On our website we run an online shop . When purchasing goods in our online shop, you have the option of either to buy as a visitor or registering with us using an online account.
Use of third-party providers’ add-ons
Currently we do not use any third-party extensions (social media, analytics tools, marketing tools, etc.).
The links to social media on our site are not integrated via so-called plugins. The integrated graphics with the provider's logo only contain an HTTP link to our pages at the respective provider. When you visit our website, no direct connection is established with the servers of the providers.
When you make an application online
You have the option to make an application via our website. We solely process the personal data that you send us during an online application to carry out the application process.
Your rights as a data subject
If your personal data is processed, you are a data subject in accordance with GDPR and you have the following rights against the controller:
Right of information
You can request confirmation from us on whether and which personal data concerning you will be processed by us .
Right to rectification
You have a right to rectification and/or completion if the processed personal data concerning you is incorrect or incomplete.
Right to erasure (“Right to be forgotten”)
You can request the personal data concerning you to be erased immediately and the controller is obliged to erase this data immediately where certain grounds apply.
Right to restriction of processing
Under certain circumstances, you can request restriction of processing of personal data concerning you (e.g. by making it unavailable for use or temporarily removing it from the website, if it is published there).
Right to information
If you have enforced the right to rectification, erasure or restriction of processing, the controller is obliged to inform all recipients to whom the personal data concerning you has been disclosed of this rectification or erasure of the data or restriction of processing.
Right to data portability
You have the right to receive personal data concerning you that you have provided to the controller in a structured, commonly used and machine-readable format.
Right to object
You have the right, on grounds relating to your particular situation, to object at any time to the processing of personal data concerning you that is performed in accordance with Article 6 (1)(e) or (f) GDPR.
Right to withdraw the legal data protection declaration of consent
You have the right to withdraw your legal data protection declaration of consent at any time. The withdrawal of consent will not affect the lawfulness of processing carried out based on the consent prior to withdrawal.
Automated decision-making including profiling
You have the right not to be subject to a decision based solely on automated processing - including profiling - which produces legal effects concerning you or similar significantly affects you.
Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with a data protection supervisory authority.
Changes to the data protection declaration
We reserve the right to adapt this data protection declaration when new services are introduced or changed so that it always complies with current legal requirements. When you return to our website, the current version will apply.
Kropfmühl, 11th September 2018