Heidelberger Druckmaschinen AG Privacy Statement.

If you wish to make use of special services of our company via our website or the apps or if you order something via our eShop, the processing of personal data may become necessary. If the processing of personal data is necessary and there is no legal basis for such processing (for example, the implementation of a contractual agreement), we will ask for your consent.

This Privacy Statement contains information about the data we collect from you, how we use it and how you can object to the use of this data.

Who is responsible for data collection and processing?

Heidelberger Druckmaschinen AG welcomes your visit to our web pages and app and your interest in our products. Please note that this Privacy Statement no longer applies if you follow links to third-party sites or register in areas controlled by other data controllers.

The data controller with respect to this website or app is:

Heidelberger Druckmaschinen AG
Gutenbergring
69168 Wiesloch
Germany
Tel.: +49 (0)6221 92 00

Our data protection officer can be contacted at:

Heidelberger Druckmaschinen AG
Data Protection Officer
Gutenbergring
69168 Wiesloch
Germany

E-mail: Datenschutzbeauftragter@heidelberg.com

Why do we process your data (processing purpose) and what is the legal basis for this?
On what legal grounds are cookies used and are there options for opting out?
To whom will your data be passed on?
How long will your data be stored?
What rights do data subjects have?


Further information on data processing when using various services can be found here:

Event information
Online event "Innovation Week 2021" on October 13-15, 2021 and Heidelberg Media Library

Name of the person responsible and representative:

Heidelberger Druckmaschinen AG
Kurfürstenanlage 52-60
69115 Heidelberg
Tel.: +49 (0)6221 92 00
Fax: +49 (0)6221 92 69 99
Email: information@heidelberg.com

Contact information data protection officer:

Data protection officer
Heidelberger Druckmaschinen AG
Gutenbergring
69168 Wiesloch
Email: datenschutzbeauftragter@heidelberg.com

Rights of data subjects:

A detailed description of the rights of data subjects can be found here.

Purposes of the data processing and its legal basis:

Please note all of the data processing listed below that may take place during the event.

Registration and implementation of the online event, including making an appointment, streaming, videos, video calls, and chats

Starting September 20, 2021, all those interested can register for the digital event taking place on October 13-15, 2021.
The portal heidelberg.com/innovationweek2021 (URL: innovationweek.heidelberg.com) and access to the content will also remain available until December 2021 at heidelberg.com/videos (URL: medialibrary.heidelberg.com).
Interested parties can talk to a Heidelberg expert in a video call or in a peer-to-peer chat at heidelberg.com/innovationweek2021 during event days. The connection is encrypted with DTLS-SRTP.
The availability of contact persons depends on the country and language of the participants. The relevant contact data collected as part of the event or during a visit to the Heidelberg Media Library, as well as interest in our products and services, will be transmitted to the relevant national or sales company. The legal basis is our contractual obligation pursuant to Article 6 (1) sub 1 (b) GDPR to provide the participant with the contractual services. Using this offering is optional.

Confirmation of the email address (double opt-in) and email communication
To complete the registration process, it is necessary to confirm the registration. A confirmation email will be sent to the email address provided during registration. This email contains a link via which the registration can be confirmed and thus completed. The system used stores the date and time of registration and the confirmation.

The email address will then be used to send emails with information about the event.

Video and streaming

On the event days October 13-15, 2021, presentations about Heidelberg’s products and services will be shown in a live stream as part of the Innovation Week 2021 event. Additional video content is expected to be available on demand until December 31, 2021 at heidelberg.com/innovationweek2021 (as of 25 October 2021: heidelberg.com/videos).

For this we use plug-ins from Youtube.de/youtube.com. These are operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. If you visit the Heidelberger Druckmaschinen AG websites with such a plug-in, a connection to YouTube servers is established and the plug-in is displayed on the website via a message to your browser. This stores cookies on your computer (VISITOR_INFO1_LIVE, PREF, YSC). Furthermore, which of our websites you have visited is transmitted to the YouTube server. If you are registered as a member of YouTube, YouTube will assign this information to your personal user accounts on these platforms. When using these plug-ins, e.g., by clicking the start button to play a video or audio file or when sending a comment, this information is assigned to your YouTube user account. You can prevent this by logging out of YouTube before calling up the file or sending a comment.
The legal basis is our contractual obligation pursuant to Article 6 (1) sub 1 (b) GDPR to provide the participant with the contractual services.
The purpose and scope of data collection and use by Google as well as your rights and setting options to protect your privacy as a YouTube user can be found in YouTube's data protection information.

Video calls and chat during the online event

On the day of the event, registered participants can chat with a Heidelberg expert via video call or chat.
On the day of the event, October 13-15, 2021, as part of the Innovation Week 2021 event, questions or comments can be submitted to Heidelberg in a chat during the live stream broadcast. These texts will only be visible to chat administrators. The chat administrators can answer you personally or send a message to all Innovation Week visitors participating in the chat. All our employees have been and will be trained on the subject of data protection and instructed how to handle customer data securely and confidentially.
The chat will take place in virtual rooms on heidelberg.com/innovationweek2021.
In addition to the data from the registration form, the communication data and organizational data (such as the date and time of registration and confirmation), we also process technical data such as the IP address, location, status reports, session IDs, log files, or accessed videos or streams. The registration data, any consent, as well as information about which of our products and services you are interested in, are transmitted to our CRM system for advertising use of the contact details (see following sections).
The legal basis for the provision of the website until registration is based on the legal basis Article 6 (1) Sentence 1 (f) GDPR “legitimate interest”. It is our legitimate interest to provide an online platform for registration.
The registration and implementation of the event, including stream, video, and communication, is pursuant to Article 6 (1) sentence 1 (b) GDPR "Fulfillment of the contract" or "Request of the data subject prior to entering into a contract".
We also use cookies on our online event and media library page. For cookies that are not technically required, e.g., Google Analytics and Google Tag Manager, we ask for your voluntary consent via our content management solution ("cookie banner"). These consents are voluntary and can be revoked at any time. Further information about the processing of the online event page, Google Analytics, Google Tag Manager, and cookies can be found in the respective section under: https://www.heidelberg.com/global/en/global_content/privacy_statement.jsp

Use of the contact data for commercial use for legitimate interest

We process the contact details and interests collected during the event for advertising purposes pursuant to Article 6 (1) sentence 1 (f) in connecting with Recital 47 GDPR. It is our legitimate interest to hold events to process contact information from interested parties.
The relevant contact data collected as part of the event, as well as interest in our products and services, will be transmitted to the relevant national or sales company. The processing takes place in our CRM program as well as email and telecommunication systems.
Please note the right of objection for processing for the purpose of direct advertising, which you can find in the section "Rights".

The use of the contact data for commercial use for legitimate interest

In Germany, we need your voluntary consent to use certain contact channels for advertising purposes, such as telephone and email. These consents are requested during registration or during the course of the event. Pursuant to Article 6 (1) sentence 1 (a) GDPR, the consent is voluntarily and can be revoked at any time. Participation in the online event is also possible without consent or after consent has been withdrawn.
If you have given your consent to marketing contact via email, you will be given the option of confirming this email via double opt-in before its use.

Other processing within the scope of legitimate interests

Processing of personal data in the context of legitimate interests (Article 6 (1) sentence 1 (f) GDPR) can take place to assert, exercise, or defend legal claims or damages. For this purpose, it may also be necessary to pass it on to the required third parties in individual cases. Information on the individual right of objection can be found in the "Rights" section.
We use a consent management platform. With this service you can decide which of the various services available on our website (which are associated with the processing of personal data) you only want to use based on consent. It also enables us to document your consent to data processing and to provide the legally required proof of this. Your declaration applies to all of our websites and apps.

The following data are processed:
Date and time of your visit
Device information
Browser information
Anonymized IP address
Opt-in and opt-out data
The legal basis for processing is Article 6 (1) sentence 1 (f) in connection with Article 7 (1) GDPR.

Recipients or categories of recipients of personal data:

Responsible employees and the contracted service providers and their subcontractors have access to the data of the on-site event as well as the associated services. If contracted service providers have access to personal data and this constitutes the processing of data, a data processing agreement has been concluded with the service providers, which also includes provisions for possible subcontractors.

Other processing within the scope of legitimate interests
Other processing within the scope of the legitimate interest, can include a transfer of personal data to the judiciary, authorities, legal representation, insurance companies, and necessary companies, e.g., Internet providers.

Intention to transfer data to third countries or an international Organization:

The relevant contact data collected as part of the event, as well as interest in our products and services, will be transmitted to the relevant national or sales company.

Beyond the processing mentioned above, there is no transfer of the participant data by the person responsible to a third country or an international organization insofar this is necessary for the processing, except for the location where the participant resides or the corresponding devices or services are used there for communication or, for technical reasons, a corresponding routing takes place over which we have no influence.

Duration or criteria for the retention duration:

After the event has ended, we will continue to provide you with new content on the platform until December 31, 2021, after which the platform will be closed. The data on the event platform will then be deleted after 6 weeks. Data transmitted to our CRM system and Google Analytics remain unaffected.

The data of the participants will be processed for advertising purposes until the data subject objects or the purpose of the advertising purpose no longer applies. In individual cases, longer data retention may be necessary for legitimate interests (Article 6 (1) sentence 1 (f) GDPR).

Regarding additional data retention: All information is stored for three years after the end of processing. The legal basis for this is our obligation to document our compliance with the data protection requirements pursuant to Article 6 (1) sentence 1 (c) GDPR in conjunction with Article 5 (2) and Article 24 GDPR in connection with our legitimate interest in data detection for complying with the requirements of Article. 6 (1) sentence 1 (f) GDPR in conjunction with Section 41 of the German Federal Data Protection Act (BSSG) and Section 41 (2) sub 1 of the German Administrative Offences Act (OWiG). The platform is operated by our processor, Usercentrics GmbH, Sonnenstraße 23, 80331 Munich, Germany.

More information can be found here.

Provisioning required by law or contractually required as well as the consequences of non-provision:

To do this, we need

  • the information from the fields indicated as mandatory fields in the registration form,
  • the organizational and technical data required to fulfill the contract, and any communication data that may arise from video calls or chats.

Participating is not possible without this information.

Optional information, as well as consent to commercial use and the use of non-technically required cookies, are voluntary and do not impact the event.

Automated decision-making:

There is no automated decision in individual cases, including profiling pursuant to Article 22 GDPR.

Google Tag Manager

We use the Google Tag Manager. The provider of the Google Tag Manager components is Alphabet Inc. This service enables you to manage website tags via an API. The Google Tag Manager implements only tags. This means that cookies are not used and no personal information is collected. Google Tag Manager triggers other tags that can be used to collect data. However, Google Tag Manager does not access this data. If you have been deactivated on a domain or cookie basis, this applies to all tracking tags if they have been implemented with Google Tag Manager.

Google Analytics

As part of the protected platform Innovation Week, we use Google Analytics for the purpose of the contractual services pursuant to Article 6 (1) sentence 1 (b) GDPR and also use and evaluate the data collected in order to offer you interesting content on our website and to enable a personalized experience. Outside the current protection scope, we only use Google Analytics with your consent, which can be revoked at any time, pursuant to Article 6 (1) sentence 1 (a) GDPR. Google Analytics is a web analysis service of Google Ireland Ltd. ("Google"). Google Analytics uses cookies, which enable an analysis of your use of our websites. In this context, our data processor Google creates pseudonymized user profiles and uses cookies.

Processed data
User ID
Browser type/version,
used operating system,
Referrer URL (the previously visited page),
Host name of the accessing terminal device,
Time of the server request

We only use Google Analytics in connection with activated IP anonymization (IP masking). This means: The IP address of a user is truncated by Google for users within the member states of the European Union and other contracting states of the Agreement on the European Economic Area. Only in exceptional cases (e.g., in the event of a technical defect in the European Union) is the IP address transmitted to a server in the USA and truncated there.

The method of anonymizing IP addresses used by Google does not consist of writing IP addresses on a hard disk, because anonymization is performed immediately after receiving the request in memory.

On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity, and to provide the website operator with other services relating to website activity and internet usage. The IP address transmitted by your browser within the scope of Google Analytics is not combined with other data from Google. You can prevent the installation of cookies by setting your browser accordingly. However, we would like to point out that in this case, you may not be able to use all functions of this website to their full extent.

Transfer to third countries (outside the EU and EEA): In the course of the analysis of user behavior, Google receives personal data based on your consent and processes it worldwide, insofar as this is necessary for the provision of services:

Contact details Google:
Google Ireland Limited
Gordon House, Barrow Street
Dublin 4
Ireland
Tel +353 1 543 1000
Fax +353 1 686 5660
Email: support-deutschland@google.com

The transfer to third countries is based on Google's EU standard contract clauses. We store the data on pseudonymized profiles, which cannot be assigned to any individual person, for a period of 26 months to prevent cases of abuse and to optimize our websites. After 26 months have passed, this data is automatically deleted. Click here to download the browser add-on to deactivate Google Analytics.

Used Cookies

Name: _ga, _gat, _gid
Provider: Google Analytics
Description: Google Universal Analytics | Both analyse the browsing pattern and allow the creation of flow statistics; ga is used to distinguish individual users by means of designation of a randomly generated number as a client identifier, which allows the calculation of visits and sessions; _gat is used to distinguish between the different monitoring objects that are created in the session
Retention period: _ga, _gid - 1 year after setting or update ; _gat - 10 minutes from setting or update

Name: _gtm
Provider: Google Tag Manager
Description: Administration of our consent management solution and the dependent use of Google Analytics.
Retention period: _gtm – 1 year from setting or update

Name: ssm_au_c
Provider: Usercentrics
Description: This cookie is used to manage the cookie consent on our website and to save your preferences.
Retention period: They remain until you delete the cookies from your browser or make changes to the cookie consent feature.

Name: evesessid
Provider: Event it
Description: Used to get or set the session ID of the current session.
Retention period: Expires after the session

Name: srv_id
Provider: Event it
Description: Serves to manage the user session on the server side.
Retention period: Expires after the session

Name: eveprotect
Provider: Event it
Description: To defend against various attack scenarios on the web.
Retention period: Expires after the session

Use of the Heidelberg App
Participation in Heidelberg surveys using Microsoft Forms
Microsoft Teams privacy policy
Contact form
Job search


Social Media:

Social Media and Facebook
Twitter
Instagram
LinkedIn
XING


The following services fall under the category “essential cookies”:

Consent management platform
ClickDimensions and newsletters
Google Tag Manager
Zoovu (only in PANTONE® Manager)
YouTube
Podigee (only for podcasts)
reCAPTCHA
Akamai


The following service falls under the category “functional cookies”:

New Relic


The following services fall under the category “marketing cookies”:

Google Analytics
Google Analytics Advertising Feature
Google Remarketing
Google Conversion-Tracking
Facebook Pixel
LinkedIn Insight Tag

Revised and posted as of 10/22/2021.

How can we help you?

We look forward to your message. In order to be able to react quickly to your request, we need some information. *These fields are required.