Information on data protection -
For customers and interested parties

The protection of your personal rights in the processing of personal data is an important concern for the companies of the MAN Energy Solutions Group (hereinafter "MAN ES"). With the following information we would like to give you an overview of the processing of your personal data by us and your data protection rights.  

Which data is processed in detail and how it is used depends largely on your individual interests and the contractual services agreed upon. Therefore, not all parts of this information will apply to you.

 

Who is responsible for data processing and who can I contact?

Responsible is

MAN Energy Solutions SE
represented by the Executive Board

Stadtbachstrasse 1
86153 Augsburg, Germany

Phone: +49 821 322-0
Fax: +49 821 322-4240

If another MAN Energy Solutions Group company alone or jointly with others decides on the purposes and means of processing personal data, this company shall (also) be responsible.

 

If you have any questions about this information, you can also contact our data protection officer:

 

Data Protection Officer
MAN Energy Solutions SE
Human Resources

Stadtbachstrasse 1
86153 Augsburg, Germany

E-mail: dataprotection@man-es.com

 

What sources and data do we use?

We process personal data, which we receive from you as a customer or prospective customer within the scope of our business relationship. In addition, we process - to the extent necessary for the provision of our services - personal data which we permissibly obtain from publicly accessible sources (e.g. commercial register, press, Internet) or which is transmitted to us by other companies of the MAN Group or by other third parties (e.g. a credit reference agency).

Relevant personal data may include

  • Identification data (e.g. contact, contracting party and work organization data, pictures, signature),
  • Legitimation and authentication data, where required by law or regulation (e.g. to combat money laundering, terrorist financing),
  • Data on the use of IT systems (e.g. IP addresses, log files, log data, access / account data for web services and apps),
  • Usage data with guarantee, warranty, product liability and data for safe plant operation as well as position data (if person-related)

and other data comparable with those categories. As a rule, your personal data will be collected directly from you within the framework of the existing or incipient contractual relationship.

 

For what purposes and on what legal basis will your data be processed?

We process personal data in accordance with the provisions of the European Data Protection Ordinance (GDPR) and the legal provisions of the country in which the office responsible for data processing is located,

  1. to fulfil pre-contractual and contractual obligations and to initiate contracts (Art. 6 para. 1 lit. b GDPR):
    • Offer preparation (e.g. product offers, service offers, financing offers or rental offers),
    • Order processing (e.g. completion of order forms, payment transactions, payment options, delivery and delivery conditions, compliance with legal obligations, invoicing, bookkeeping and auditing, internal cost and performance accounting, controlling as well as the implementation of receivables management / dunning),
    • Delivery of the product (e.g. plant handover and commissioning)
    • Training of the product.

  2. as part of the balancing of interests (Art. 6 para. 1 lit. f GDPR). If necessary, we process your data beyond the actual fulfilment of the contract to protect the legitimate interests of us or third parties (e.g. customer care and improvement of the customer relationship and the products, contract-related advertising, prevention of fraud and payment defaults):
    • Market analysis and identification of new customers (e.g. preparation of market analyses, trade fair presence, Internet presence, customer events, competitions and other promotional activities),
    • Reporting (e.g. for data quality, control and planning purposes), reporting and planning of sales figures,
    • Optimisation of production processes and system quality by collection of system data (e.g. Plausibility check and determination of key figures for consumption and wear reduction, collection of service and maintenance data as well as error codes for error diagnosis and error prevention, evaluation of engine data for compliance with warranty obligations, product liability, analysis of plant data for quality improvement of plant functions, product and service optimization),
    • After Sales Marketing (e.g. product and service training, provision of applications, EDP programs and apps),
    • Planning and execution of service orders (e.g. through online appointments).

  3. on the basis of your consent (Art. 6 para. 1 lit. a GDPR):
    Marketing communication (e.g. dispatch of magazines, newsletters, product brochures, provision of apps).

  4. for the fulfilment of legal obligations (Art. 6 para. 1 lit. c GDPR):
    • compliance with storage obligations, ensuring compliance requirements through audit actions (e.g. sanctions list audit, money laundering),
    • operation of an internal control system (ICS) and other monitoring systems to ensure the correctness of business processes.

Further details on the data processing purposes can be found in the individual contract documents and terms and conditions.

Right of objection

If we process your data for the purpose of direct marketing, you may object to this processing. Your personal data will then no longer be used for these purposes.

If we process your data to safeguard legitimate interests, you may object to this processing if your particular situation gives rise to reasons that speak against data processing.

The objection can be made without form and should be addressed to the above address.

 

Mandatory disclosures pursuant to Art. 13 para. 2 lit. e) GDPR

You must provide the controller with the personal data required for the execution of the contractual relationship. Without this provision, MAN ES shall not be able to fulfil its statutory obligations and enter into the contractual relationship.

 

To which recipients or categories of recipients do we pass on your data within the scope of this processing activity?

In certain cases, your personal data may also be passed on to other parties:

  • If the disclosure of your personal data is necessary for the execution or initiation of the contractual relationship, such as in the financing of the contractual object, in joint order processing with project-related partners (such as component manufacturers) or for training purposes.
  • We also pass on your personal data to service providers commissioned by us within the scope of order processing (e.g. organisation of trade fair events, conducting customer satisfaction surveys, sending e-mail newsletters, hosting and operating CRM systems).
  • Your master data and contact details are passed on in a central database (this database can also be accessed by other Volkswagen Group companies) to ensure a uniform and up-to-date database and for credit checks.
  • If you have given your consent, we may also pass on your master and contact data as well as the offer and order data to the relevant PrimeServ service units for customer support purposes, such as the preparation of plant-specific service offers or regional on-site support, and to the corresponding companies of the Volkswagen Group for the preparation of financing offers.
  • When we are required to disclose your personal data to comply with national laws, e.g. transfer to tax authorities, courts, auditors.

 

How do we transfer data outside Europe?

Data protection agreements have been concluded with all data-receiving companies of the MAN and Volkswagen Group in order to ensure a high level of data protection.

If we transfer personal data to affiliated companies or service providers outside the European Economic Area (EEA), the transfer will only take place if the third country has been confirmed by the EU Commission to have an adequate level of data protection or if other appropriate and sufficient data protection guarantees (e.g. EU standard contract clauses or certification according to the EU/US Privacy Shield) are in place.

 

How long do we store your data?

In principle, we delete your personal data as soon as they are no longer required for the above-mentioned purposes. Your personal data will be stored as long as we are legally obliged to do so, or as long as statutory limitation periods apply. This regularly results from legal obligations to provide evidence and to retain records, which are regulated by the German Civil Code (BGB), the German Commercial Code (HGB) or the German Tax Code (AO). In addition, storage shall take place if further legal or contractual storage obligations exist, e.g. in connection with product liability.

 

What data protection rights do you have?

In addition to the right of information about the data concerning you and correction of your data, you also have the right to deletion and a right of objection against the processing or the right to restrict the processing of your data, insofar as there are no statutory provisions to the contrary. You also have the right to data transfer.

If we collect and process your personal data on the basis of your consent, you also have the right to revoke the consent you have given with effect for the future. Your revocation does not affect the legality of the data processing carried out on the basis of your consent up to the time of revocation.

If necessary, we must verify your identity before we can process your requests.

Should incorrect information be stored despite our efforts to ensure that the data is correct and up-to-date, we will correct it after giving you the appropriate notice.

In the event of complaints, it is possible to contact a data protection supervisory authority.

 

Automated decision making

There is no automated decision-making pursuant to Art. 22 para. 1, 4 GDPR.

 

Security and confidentiality

MAN ES protects your data with technical and organizational security measures to prevent accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our security measures, such as data encryption, are regularly improved in line with technological developments. Furthermore, MAN ES employees are obliged to maintain confidentiality with regard to the handling of personal data.

___________________________________

Status of this information: June 2019

We will notify you again if relevant changes are made to this information.