Data Protection

We know how to treasure your trust and use utmost care and highest security standards to protect your personal data against unauthorised access. The processing of the personal data on our website takes place in accordance with the regulations of the Federal Data Protection Act (BDSG) valid till 24.05.2018, the German Telemedia Act (TMG) and the General Data Protection Regulation (GDPR) valid from 25.05.2018.

Responsible authority
Responsible authority within the meaning of the BDSG or the GDPR is

NPR of Europe GmbH
Siemensstr. 56
70825 Korntal-Münchingen

Telephone: +49 7150 9163 0
E-Mail: info@npr-europe.com

Data processing on our website
When you visit our website, the webserver temporarily saves each access in a log file. Following data is recorded and saved till the automatic erasure:

  • P address of the requesting computer
  • Date and time of the access
  • Name and URL of the requested file
  • transmitted data volume
  • Message whether the request was successful
  • Identification data of the used browser and operating system.

This data is processed for the purpose of enabling the use of the website (link connection), for the system security, the technical administration, the network infrastructure as well as for the optimisation of the internet offer. We cannot assign this data to definite persons. This data is not combined with the other data sources; in addition, the data is erased after a statistical evaluation.

Under the GDPR, the legal basis for the data processing is § 15 para.(1) TMG.

Collection, processing and use of the personal data
During the data processing, your interests worth being protected are always taken into consideration as per the legal specifications. Personal data is collected only if you have voluntarily shared it within the framework of contact (e.g. your name, your email address or your address). We use the data shared by you without your separate consent exclusively to answer your queries. After your questions have been answered, your data will be blocked for further use, unless you have expressly consented to the further use of your data.

Under the GDPR, the legal basis for data processing is Article 6 (1) sentence 1 lit. b) GDPR.

Fulfilment of the information obligation according to the BDSG
According to BDSG, you have, upon request, a right to free information about your stored personal data as well as a right to rectification, blocking or erasure of this data.

Fulfilment of the information obligation according to the GDPR:
Under application of the GDPR, you are entitled for the following rights of the individual affected, provided that its preconditions are present:

  • Right to information about your data stored with us as per art. 15 GDPR,
  • Right to rectification of incorrect data according to art. 16 GDPR,
  • Right to erasure of your data stored with us as per art. 17 GDPR,
  • Right to restriction of the processing of your data stored with us according to art. 18 GDPR,
  • Right to data transmission according to art. 20 GDPR,
  • Right to file an objection with responsible supervisory authority according to art. 77 GDPR if according to you the processing of the personal data concerned with you violates the regulations of the GDPR.

In case of queries regarding collection, processing or use of your personal data, in case of information, rectification, blocking or erasure of data, please contact:

E-Mail: info@npr-europe.com

Privacy policy for online meetings, conference calls and webinars via “Zoom”

We would like to inform you in the following about the processing of personal data in connection with the use of “Zoom”.

Purpose of the processing
We use the “Zoom” tool to conduct telephone conferences, online meetings, video conferences and/or webinars (hereinafter referred to as “online meetings”). “Zoom” is a service of Zoom Video Communications, Inc. which is based in the USA.

Responsible
NPR of Europe GmbH is responsible for data processing directly related to the holding of “online meetings”.
Note: If you load the Internet site of “Zoom”, the provider of “Zoom” is responsible for data processing. However, loading the Internet site is only necessary for the use of “Zoom” in order to download the software for the use of “Zoom”.
You can also use “Zoom” if you enter the respective meeting ID and, if necessary, additional access data for the meeting directly in the “Zoom” app.
If you do not want to or cannot use the “Zoom” app, the basic functions can also be used via a browser version, which you can also find on the “Zoom” website.

What data is processed?
When using “Zoom”, different types of data are processed. The scope of the data also depends on the information you provide before or during participation in an “online meeting”.

The following personal data are subject to processing:

  • User information: First name, last name, phone (optional), email address, password (if “single-sign-on” is not used), profile picture (optional), department (optional),
  • Meeting metadata: Topic, description (optional), participant IP addresses, device/hardware information,
  • For recordings (optional): MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings, text file of online meeting chat,
  • When dialling in by telephone: Information on incoming and outgoing telephone numbers, country name, start and end time. If necessary, further connection data such as the IP address of the device can be saved,
  • Text, audio and video data: You may be able to use the chat, question or survey functions in an “online meeting”. To this extent, the text entries you make are processed in order to display and, if necessary, log them in the “online meeting”. In order to enable the display of video and the playback of audio, the data from the microphone of your terminal device and from any video camera of the device are processed for the duration of the meeting. You can turn off or mute the camera or microphone yourself at any time using the “Zoom” applications,
  • In order to participate in an “online meeting” or to enter the “meeting room”, you must at least provide information about your name.

Scope of processing
We use “zoom” to conduct “online meetings”. If we want to record “online meetings”, we will inform you transparently in advance and – if necessary – ask for your consent. If recording is taking place, this will also be displayed in the “Zoom” app.
If necessary for the purposes of logging the results of an online meeting, we will log the chat content. However, this will usually not be the case.
In the case of webinars, we can also process the questions asked by webinar participants for the purposes of recording and following up webinars.
If you are registered as a user at “Zoom”, reports on “online meetings” (meeting metadata, phone dial-in data, questions and answers in webinars, survey function in webinars) can be stored for up to one month at “Zoom”.
Automated decision-making within the meaning of Article 22 GDPR is not used.

Legal basis of the data processing
If personal data are processed by employees of NPR of Europe GmbH, § 26 BDSG is the legal basis for data processing. If, in connection with the use of “Zoom”, personal data are not required for the establishment, execution or termination of the employment relationship, but are nevertheless an elementary component in the use of “Zoom”, Art. 6 Para. 1 letter f) GDPR is the legal basis for the data processing. In these cases, we are interested in the effective execution of “online meetings”.
In addition, the legal basis for data processing in connection with “online meetings” is Art. 6 Para. 1 letter b) GDPR, insofar as the meetings are held within the framework of contractual relationships.
If there is no contractual relationship, the legal basis is Art. 6 Para. 1 letter f) GDPR. Here too, we are interested in the effective conduct of “online meetings”.

Receiver / Forwarding of data
Personal data that is processed in connection with participation in “online meetings” is generally not passed on to third parties unless it is specifically intended for disclosure. Please note that content from “online meetings” as well as personal meetings are often used to communicate information with customers, interested parties or third parties and are therefore intended for disclosure.
Other recipients: The provider of “Zoom” necessarily obtains knowledge of the above-mentioned data, insofar as this is provided for in our contract processing agreement with “Zoom”.

Data processing outside the European Union
“Zoom” is a service rendered by a provider from the USA. The processing of personal data therefore also takes place in a third country. We have concluded an order processing contract with the provider of “Zoom” which meets the requirements of Art. 28 GDPR.
An adequate level of data protection is guaranteed, on the one hand, by the “Privacy Shield” certification of Zoom Video Communications, Inc. and, on the other, by the conclusion of the so-called EU standard contract clauses.

Data Protection Officer
We have appointed a Data Protection Officer.
You can reach them as follows: dataprotection@npr-europe.com

Your rights as a data subject
You have the right to access any personal data concerning you. You can contact us for information at any time.
In the case of a request for information that is not made in writing, we ask for your understanding that we may require you to provide evidence that proves that you are the person you claim to be.
Furthermore, you have the right to correction or deletion or to restriction of processing, as far as you are legally entitled to do so.
Finally, you have the right to object to the processing within the framework of the legal requirements.
There is also a right to data transferability within the framework of data protection regulations.

Deletion of data
We generally delete personal data when there is no need for further storage. A need can exist in particular if the data is still needed to fulfil contractual services, to check and grant or reject warranties and, if applicable, guarantee claims. In the case of statutory storage obligations, deletion shall only be considered after the expiry of the respective storage obligation.

Data protection information for online meetings, telephone conferences and webinars via “Jitsi Meet” of NPR of Europe GmbH
We would like to inform you in the following about the processing of personal data in connection with the use of “Jitsi Meet” (hereinafter: “Jitsi”).

Purpose of the processing
We use the “Jitsi” tool to conduct telephone conferences, online meetings, video conferences and/or webinars (hereinafter referred to as “online meetings”). “Jitsi” is an open-source software for online meetings, which we have installed and operate on our own server.

Responsible
NPR of Europe GmbH is responsible for data processing directly related to the holding of “online meetings”.

What data is processed?
When using “Jitsi”, different types of data are processed. If you participate in a “Jitsi” meeting, you will be asked for your name at the beginning of the meeting. This name is processed for the duration of your participation in the online meeting and then deleted.
Any audio, video or chat content is also only processed during the respective online meeting.

The following data are processed for technical operation:

The following personal data are subject to processing:
IP address: To be able to conduct the online meeting, the IP address used by your device must be processed. The logging of the IP address is deactivated on our “Jitsi” server.
Meeting name and password (if applicable): When an online meeting is set up, a name for the online meeting is chosen by the organiser. In addition, a password can be provided for participation in the online meeting. This data is only processed until the end of the respective online meeting and then deleted. Please note, however, that the name of “online meeting” and the date, time and duration of the “online meeting” can be saved locally in your browser. If you no longer wish to see this data, you should delete your browser cache.
E-Mail address: You have the option to specify an e-mail address. This e-mail address will then be used to retrieve and display a profile photo from the service “Gravatar”. Gravatar profile photos will only be displayed if a public Gravatar image can be retrieved for the email address you provide.

Scope of processing
We use “Jitsi” to conduct “online meetings”. If we want to record “online meetings”, we will inform you transparently in advance and – if necessary – ask for your consent.

Legal basis of the data processing
If personal data are processed by employees of NPR of Europe GmbH, § 26 BDSG is the legal basis for data processing. If, in connection with the use of “Jitsi”, personal data are not required for the establishment, execution or termination of the employment relationship, but are nevertheless an elementary component in the use of “Jitsi”, Art. 6 Para. 1 letter f) GDPR is the legal basis for the data processing. In these cases, we are interested in the effective execution of “online meetings”.
In addition, the legal basis for data processing in connection with “online meetings” is Art. 6 Para. 1 letter b) GDPR, insofar as the meetings are held within the framework of contractual relationships.
If there is no contractual relationship, the legal basis is Art. 6 Para. 1 letter f) GDPR. Here too, we are interested in the effective execution of “online meetings”.

Receiver / Forwarding of data
Personal data that is processed in connection with participation in “online meetings” is generally not passed on to third parties unless it is specifically intended for disclosure. Please note that content from “online meetings” as well as personal meetings are often used to communicate information with customers, interested parties or third parties and are therefore intended for disclosure.
If you have provided an email address in the “online meeting”, then the “Gravatar” service of Automattic Inc. (USA) is loaded. The use of “Gravatar” does not constitute order processing for us. The provider themselves determines the purpose and means of data processing. If you have created an account with “Gravatar”, these terms and conditions apply.

Data processing outside the European Union
Data processing outside the European Union (EU) generally does not take place. However, we cannot exclude the possibility that data is routed via Internet servers located outside the EU. This may be the case in particular if participants in “online meetings” are in a third country.

However, the data is encrypted during transport over the Internet and thus protected against unauthorised access by third parties.
If you have provided an email address in the “online meeting”, then the “Gravatar” service of Automattic Inc. (USA) is loaded. Automattic Inc.‘s servers may also be located outside the EU. The appropriate level of privacy protection is ensured by Automattic Inc.‘s Privacy Shield certification.

Data Protection Officer
We have appointed a Data Protection Officer.
You can reach them as follows: NPR of Europe GmbH, – Data Protection Officer –Siemensstr. 56, 70825 Korntal-Münchingen, E-Mail: info@npr-europe.com

Your rights as a data subject
You have the right to access any personal data concerning you. You can contact us for information at any time.
In the case of a request for information that is not made in writing, we ask for your understanding that we may require you to provide evidence that proves that you are the person you claim to be.
Furthermore, you have the right to correction or deletion or to restriction of processing, as far as you are legally entitled to do so.
Finally, you have the right to object to the processing within the framework of the legal requirements.
There is also a right to data transferability within the framework of data protection regulations.

Deletion of data
We generally delete personal data when there is no need for further storage. A need can exist in particular if the data is still needed to fulfil contractual services, to check and grant or reject warranties and, if applicable, guarantee claims. In the case of statutory storage obligations, deletion shall only be considered after the expiry of the respective storage obligation.
Right of appeal to a supervisory authority
You have the right to appeal to a data protection supervisory authority about the processing of personal data by us.
Amendment of this privacy policy
We revise this privacy policy in the event of changes in data processing or other occasions that make this necessary. You will always find the current version on this website.

Transparency and security.

Almost all well-known engine manufacturers trust in the high-quality workmanship, durability and safety of our innovative solutions – many of them have been doing so for decades.