Aachener
Maschinenbau

Phone-alt Envelope Map-marker-alt

Aachener
Maschinenbau

Phone-alt Envelope Map-marker-alt
  • Privacy Policy

Data protection

Introduction

We, AMBA Maschinenbau, are responsible for the collection, processing, and storage of your data. You can always find details about us in our imprint. Our data protection officer can be reached at info@amba.de.

Careful handling of your personal data is our top priority. We process data in accordance with legal regulations, e.g., the General Data Protection Regulation (GDPR) and associated national provisions.

This privacy policy applies to all websites accessible under our domain www.amba.de
as well as our social media pages (LinkedIn). If you navigate to websites of other operators through our offerings, their own privacy policies apply, and the operators of those websites are responsible for their content.

SSL or TLS Encryption
For security reasons and to protect the transmission of confidential content, such as orders, inquiries, or data entered into forms on our pages, we use SSL or TLS encryption. A secure connection is indicated by “https://” in the browser address bar and the padlock symbol.

When SSL or TLS encryption is active, the data you transmit to us cannot be read by third parties.

Why We Process Your Data

You can generally use our website without disclosing your identity.

Collection and processing of your personal data occur for the following purposes and legal bases:

  • Contract initiation according to Art. 6(1) a and b GDPR
  • Contract execution according to Art. 6(1) b GDPR
  • Customer management according to Art. 6(1) b, c, f GDPR
  • Communication and data exchange according to Art. 6(1) a, b, c, f GDPR
  • Public relations and advertising according to Art. 6(1) a, f GDPR
  • Implementation of consent declarations according to Art. 6(1) a GDPR
  • Ensuring proper operation of a data processing system according to Art. 6(1) c and f GDPR
  • Applicant selection processes for HR and resource management according to Art. 6(1) a, b GDPR in conjunction with §26 BDSG

Which Data We Collect and Process

Directly collected data includes:

  • Email address and, if applicable, a password (e.g., for newsletter subscription, customer account use, or contact form submission)
  • Address data (e.g., for order processing as part of our service)
  • Payment data (for processing payments for services rendered)
  • Data you actively provide while using our services
  • Other data you voluntarily provide, e.g., fields marked as “optional”

Indirectly collected data includes:

  • Technical connection data (e.g., pages visited on our website, your IP address shortened by the last three digits, date and time of visit, device used, browser configuration)
  • Data collected through website and newsletter tracking

Minors:

Our website is not directed at minors, and we do not knowingly collect personal data from minors. If we learn that a minor under 16 has provided personal data without parental consent, we will delete it immediately.

Who Has Access to Your Data and Who We Share It With

Access
Access to your personal data is limited to our employees and contracted service providers who need it to perform their duties.

If third parties gain access to your data, we have obtained your consent or have a legal basis.

We also use service providers for services and data processing (e.g., hosting, newsletter delivery, order fulfillment, payment processing, email dispatch, database maintenance, server security, or website tracking). All processors are carefully selected and receive access only to the extent and duration necessary to provide the service or as you have consented.

Data Exchange within the Corporate Group
Data exchanged within our corporate group occurs exclusively within the EU/EEA and is for internal administrative purposes only. Corporate group refers to affiliated companies as defined in Art. 4(19) GDPR.

Transfer to Third Countries and Legal Basis
Some servers of our service providers are located in the USA or other countries outside the EU. Companies in these countries are subject to data protection laws that may not provide the same level of protection as in the EU. Transfers to such countries are safeguarded by contractual or other recognized instruments.

Transfers of personal data to third countries are based on an adequacy decision under Art. 45(3) GDPR, EU standard contractual clauses under Art. 46(2)(c) GDPR, or your consent under Art. 49(1)(a) GDPR.

Storage Periods

We store personal data in accordance with legal requirements or your consent, until the purposes for which it was collected no longer apply (e.g., end of a contract, inactivity, or withdrawal of consent).

Further retention occurs only if:

  • legal retention obligations exist (e.g., AO and HGB);
  • data is needed to assert or defend legal claims, e.g., for technological and forensic requirements;
  • deletion would conflict with the legitimate interests of the data subjects; or
  • another exception under Art. 17(3) GDPR applies.

Your Rights

Under certain conditions, you have rights under Art. 15–18 GDPR to access, correct, or delete your personal data or to restrict processing. If processing is based on legitimate interests (Art. 6(1)(f) GDPR), you can object under Art. 21(1) GDPR. You also have the right to object to the use of your data for direct marketing under Art. 21(2) GDPR.

If you gave consent to processing, you may withdraw it at any time under Art. 7(3) GDPR.

To exercise your rights, contact us at info@amba.de. You also have the right to file a complaint with a supervisory authority under Art. 77 GDPR.

Use of Our Website – Profiling, Cookies, Web Tracking

Cookies and Opt-Out Options
We use cookies to recognize visitor preferences and optimize the website. This enhances navigation and user experience. Cookies also help identify popular areas of our site. Permanent cookies are used for better guidance and personalized service.

Session cookies are deleted when the browser is closed. You can configure your browser to notify you about cookies. Legal basis: Art. 6(1)(c) and Art. 6(1)(f) GDPR – protecting our web servers and ensuring functionality.

Non-essential cookies are set only after your explicit consent, which can be revoked anytime. If cookies are completely blocked, some website functions, including cookie-based opt-out, may not work.

Google Analytics
This website uses Google Analytics by Google LLC (“Google”). Cookies store information on your usage, typically sent to Google servers in the USA. Google Signals may be enabled for personalized ads. Google Analytics and Google Signals are used only with your consent under Art. 6(1)(a) GDPR.

Recipient of Data: Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland.

Google Fonts
We use Google Fonts, provided by Google Ireland Limited. Implementation is based on your consent obtained via our consent manager (Art. 6(1)(a) GDPR). Consent can be revoked at any time.

GA Audience
Our site uses GA Audience by Google, which sets cookies on devices to analyze usage across devices. Data is used only with your consent (Art. 6(1)(a) GDPR).

Recipient of Data: Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland.

Borlabs Cookie Consent
We use Borlabs Cookie Consent by Borlabs, Rübenkamp 32, 22305 Hamburg. Data processed includes opt-in/opt-out data, referrer URL, cookie version, expiration, user settings, UID, consent timestamp, and type.

Legal Basis: Art. 6(1)(c) GDPR
Recipient: Borlabs, Rübenkamp 32, 22305 Hamburg
Transfer Basis: EU Standard Contractual Clauses Art. 46(2)(c) GDPR

Social Media Buttons
Our site uses social media buttons (Facebook, Twitter, Pinterest) as links, not iFrames. The respective providers are responsible for compliance with data protection regulations.

Additional Notes on Specific Services

Contact Form
Data submitted via our contact form is processed for communication and data exchange to respond to your inquiry. Data is stored only as long as necessary for this purpose or until retention periods expire.

Phone-alt