We, the company Intenta GmbH, thank you for visiting our homepage. As Intenta GmbH, the secure handling of your data is particularly important to us. We would therefore like to inform you in detail about the use of your data when you visit our website.
The data protection declaration of Intenta GmbH is based on the terms used by the European guideline and regulation provider when the basic data protection regulation (DSGVO) was issued. Our data protection declaration should be easy to read and understand both for the public and for our customers and business partners. To ensure this, we would like to explain the terms used in advance.
We use the following terms, among others, in this data protection declaration:
- Personal data: Personal data are all information relating to an identified or identifiable natural person (hereinafter "data subject"). Identifiable is a natural person who can be identified directly or indirectly, in particular by assignment to an identifier such as a name, an identification number, location data, an online identifier or one or more special characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.
- Data subject: Data subject is any identified or identifiable natural person whose personal data are processed by the controller.
- Processing: processing means any operation or series of operations carried out with or without the aid of automated procedures in connection with personal data, such as the collection, collection, organisation, arrangement, storage, adaptation or alteration, retrieval, retrieval, use, disclosure by transmission, dissemination or any other form of provision, reconciliation or linking, restriction, erasure or destruction.
- Restriction of processing: Restriction of processing is the marking of stored personal data with the aim of restricting their future processing.
- Profiling: Profiling is any type of automated processing of personal data consisting in the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to the work performance, economic situation, health, personal preferences, interests, reliability, behaviour, whereabouts or relocation of that natural person.
- Pseudonymisation: Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without the use of additional information, provided that this additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not assigned to an identified or identifiable natural person.
- Controller or controller: The controller or controller is a natural or legal person, public authority, institution or other body which alone or jointly with others decides on the purposes and means of processing personal data. Where the purposes and means of such processing are laid down by Union law or by the law of the Member States, the person responsible or the specific criteria for his appointment may be laid down by Union law or by the law of the Member States.
- Processor: Processor is a natural or legal person, authority, institution or other body that processes personal data on behalf of the data controller.
- Recipient: A natural or legal person, authority, institution or other body to whom personal data is disclosed, whether or not it is a third party. However, authorities which may receive personal data under Union law or the law of the Member States within the framework of a particular investigation mandate shall not be regarded as recipients.
- Third party: a third party is a natural or legal person, authority, institution or other body other than the data subject, the data processor, the data processor and the persons authorised to process the personal data under the direct responsibility of the data processor or the data processor.
- Consent: Consent shall mean any informed and unequivocal expression of will voluntarily given by the data subject in the particular case in the form of a declaration or other clear affirmative act by which the data subject indicates his or her consent to the processing of personal data concerning him or her.
2. Name and address of the person responsible
The person responsible within the meaning of the Basic Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:
3. Name and address of the data protection officer
The designated data protection officer of the person responsible is:
- Dipl.-Ing., M.Eng. Thomas Dietz
Phone: +49 (0) 371 243 54 170
If you have any questions regarding the collection, processing or use of your personal data, information, correction, blocking or deletion of data or revocation of consent given or objection to a specific use of data, please contact our data protection officer directly.
4. General information on data processing
4.1 Scope of processing of personal data
We only process personal data of our users if this is necessary to provide a functional website as well as our contents and services. The processing of personal data of our users takes place regularly only after consent of the user. An exception applies in those cases where prior consent cannot be obtained for real reasons and the processing of the data is permitted by law.
4.2 Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a EU Data Protection Ordinance (DSGVO) serves as the legal basis.
In the processing of personal data required for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b DSGVO serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
Insofar as the processing of personal data is required to fulfil a legal obligation to which our company is subject, Art. 6 para. 1 lit. c DSGVO serves as the legal basis.
In the event that the vital interests of the data subject or another natural person require the processing of personal data, Article 6(1)(d) DSGVO serves as the legal basis.
If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 lit. f DSGVO serves as the legal basis for processing.
4.3 Data erasure and storage time
The personal data of the person concerned will be deleted or blocked as soon as the purpose of storage ceases to apply. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.
5. Legal or contractual provisions for the provision of personal data; necessity for the conclusion of the contract; obligation of the data subject to provide the personal data; possible consequences of failure to provide them
We inform you that the provision of personal data is partly required by law (e.g. tax regulations) or may also result from contractual regulations (e.g. information on the contractual partner). In some cases, it may be necessary for a contract to be concluded if a data subject provides us with personal data which must subsequently be processed by us. For example, the person concerned is obliged to provide us with personal data if our company enters into a contract with him/her. Failure to provide personal data would mean that the contract with the data subject could not be concluded. Prior to the provision of personal data by the data subject, the data subject must contact our data protection officer. Our data protection officer will inform the data subject on a case-by-case basis whether the provision of personal data is required by law or contract or required for the conclusion of the contract, whether there is an obligation to provide the personal data and what consequences the failure to provide the personal data would have.
6. provision of the website and creation of log files
6.1 Description and scope of data processing
The website of Intenta GmbH collects a series of general data and information every time a person or an automated system accesses the website. This general data and information is stored in the log files of the server. You can enter the
1. used browser types and versions,
2. the operating system used by the accessing system,
3. the website from which an accessing system reaches our website (so-called referrer),
4. the subwebsites which are accessed via an accessing system on our website,
5. the date and time of access to the Website,
6. an Internet Protocol (IP) address,
7. the Internet service provider of the accessing system and
8. other similar data and information used for security purposes in the event of attacks on our information technology systems.
When using this general data and information, Intenta GmbH does not draw any conclusions about the person concerned. Rather, this information is needed to
- to deliver the contents of our website correctly,
- to optimize the contents of our website as well as the advertising for them,
- to ensure the long-term functionality of our information technology systems and the technology of our website, and
- to provide law enforcement agencies with the information necessary for law enforcement in the event of a cyber attack.
- These anonymously collected data and information are therefore evaluated by Intenta statistically and with the aim of increasing data protection and data security in our company in order ultimately to ensure an optimal level of protection for the personal data processed by us. The anonymous data of the server log files are stored separately from all personal data provided by a person concerned.
The log files contain IP addresses or other data that enable an assignment to a user. This could be the case, for example, if the link to the website from which the user accesses the website or the link to the website to which the user switches contains personal data.
The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.
6.2 Legal basis for data processing
The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f DSGVO.
6.3 Purpose of data processing
The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user's computer. For this the IP address of the user must remain stored for the duration of the session.
The data is stored in log files to ensure the functionality of the website. In addition, the data serves us to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
Our legitimate interest in data processing pursuant to Art. 6 para. 1 lit. f DSGVO also lies in these purposes.
6.4 Duration of storage
The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.
If the data is stored in log files, this is the case after seven days at the latest. Further storage is possible. In this case, the IP addresses of the users are deleted or alienated, so that an assignment of the calling client is no longer possible.
6.5 Possibility of objection and elimination
The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.
7.1 Description and scope of data processing
In order to make your visit to our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your mobile device. Some of the cookies we use are deleted after the end of the browser session, i.e. after closing your browser (so-called session cookies). Other cookies remain on your terminal and enable us to recognize your browser on your next visit (persistent cookies). You can set your browser in such a way that you are informed about the setting of cookies and decide individually about their acceptance or exclude the acceptance of cookies for certain cases or generally. If cookies are not accepted, the functionality of our website may be limited.
Some elements of our website require that the calling browser can be identified even after a page change.
The following data is stored and transmitted in the cookies:
- Language settings
In this way, the following data can be transmitted:
- Entered search terms
- Frequency of page views
- Use of website functions
- The user data collected in this way is pseudonymised by technical precautions. Therefore, it is no longer possible to assign the data to the calling user.
The data will not be stored together with other personal data of the users.
7.2 Legal basis for data processing
The legal basis for the processing of personal data using cookies is Art. 6 para. 1 lit. f DSGVO.
7.3 Purpose of data processing
We need cookies for the following applications:
- Accepting language settings
- Remembering search terms
- The user data collected by technically necessary cookies are not used to create user profiles.
The analysis cookies are used to improve the quality of our website and its content. Through the analysis cookies we learn how the website is used and can thus continuously optimize our offer.
For these purposes, our legitimate interest also lies in the processing of personal data in accordance with Art. 6 para. 1 lit. f DSGVO.
7.4 Duration of storage, possibility of objection and removal
8. Contact form and e-mail contact
8.1 Description and scope of data processing
Due to legal regulations, the website of Intenta GmbH contains information that enables quick electronic contact with our company and direct communication with us, which also includes a general address for so-called electronic mail (e-mail address). If a data subject contacts the data controller via e-mail or a contact form, the personal data transmitted by the data subject will be stored automatically. Such personal data voluntarily provided by a data subject to the controller will be stored for the purpose of processing or contacting the data subject. This personal data is not passed on to third parties.
If you use our contact form, the following data entered in the input mask will be transmitted to us and stored:
- last name
- email address
- piece of news
8.2 Legal basis for data processing
The legal basis for the processing of data is Art. 6 para. 1 lit. a DSGVO if the user has given his consent.
The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para. 1 lit. f DSGVO. If the e-mail contact aims at the conclusion of a contract, then additional legal basis for the processing is Art. 6 exp. 1 lit. b DSGVO.
8.3 Purpose of data processing
The processing of the personal data from the input mask serves us only for the treatment of the establishment of contact. In the event of contact by e-mail, this also constitutes the necessary legitimate interest in the processing of the data.
The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
8.4 Duration of storage
The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those that were sent by e-mail, this is the case when the respective conversation with the user is finished. The conversation is terminated when it can be inferred from the circumstances that the facts in question have been finally clarified.
The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
8.5 Updating/deletion of your personal data
You have the possibility to check, change or delete the personal data provided to us at any time by sending us an e-mail to the e-mail address email@example.com.
You also have the right to revoke consent once given with effect for the future at any time.
The stored personal data will be deleted if you revoke your consent to its storage.
The controller shall process and store the personal data of the data subject only for the time necessary to achieve the data retention purpose or to the extent provided for by the European regulator or other legislator in laws or regulations to which the controller is subject.
If the storage purpose ceases to apply or if a storage period prescribed by the European Directive and Regulation Giver or another competent legislator expires, the personal data is routinely blocked or deleted in accordance with the statutory provisions.
9. Use of protected customer area
9.1 Description and scope of data processing
If you wish to use our protected customer area for customers of the Intenta sensors (in the following customer area) and download the files we provide for the product, you must register by entering your e-mail address and a password of your choice (this will only be sent to us in encrypted form). The provision of this data is voluntary. Use of the customer area is only possible with the agreement of the data protection guidelines described here. We ask for this through a double opt-in procedure during registration.
9.2 Legal basis for data processing
If you use our customer area, we store your user name (e-mail address), the time of the download and its completeness. The legal basis is your consent at registration (Art. 6 para. 1 lit a DSGVO).
9.3 Use of automatic update function
In addition, it is possible to register for an automatic e-mail update with the login data provided to be informed directly about newly available documents. The registration for the subscription is voluntary. Your data will only be used to provide new information about the purchased product, the Intenta 3D Vision Sensors, and will not be passed on to third parties.
We use the so-called double opt-in procedure for update notification, i.e. we will only send you update notifications by e-mail if you have previously confirmed that you want us to activate the update service. We will then send you a notification e-mail and ask you to confirm by clicking on a link contained in this e-mail that you wish to receive future updates about new documents etc. If you do not wish to receive any further notifications from us at a later date, you can object to this at any time. A notification in text form to firstname.lastname@example.org is sufficient for this purpose. Of course you will also find a link to unsubscribe in the customer area.
10. Web analysis by Google (Universal) Analytics
This website uses Google (Universal) Analytics, a web analysis service of Google Inc. (www.google.de). Google (Universal) Analytics uses methods that enable an analysis of your use of the website, such as so-called "cookies", text files that are stored on your computer. The information generated about your use of this website is usually transmitted to a Google server in the USA and stored there.
By activating IP anonymisation on this website, the IP address is reduced prior to transmission within the Member States of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. The anonymous IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
You can prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link: http://wbs.is/rom89.
10.1 Legal basis for the processing of personal data
The legal basis for processing users' personal data is Art. 6 para. 1 lit. f DSGVO.
10.2 Purpose of data processing
The processing of users' personal data enables us to analyse the surfing behaviour of our users. We are in a position to compile information about the use of the individual components of our website by evaluating the data obtained. This helps us to continuously improve our website and its user-friendliness. For these purposes, it is also in our legitimate interest to process the data in accordance with Art. 6 para. 1 lit. f DSGVO. By anonymizing the IP address, users' interest in protecting their personal data is sufficiently taken into account.
10.3 Duration of storage
The data will be deleted as soon as they are no longer needed for our recording purposes.
10.4 Possibility of objection and elimination
You have the option to prevent the recording of your data by Google Analytics by clicking on the following link. This will result in the placement of an opt out cookie, which prevents the recording of your data during future visits to this website: Google Analytics deactivation
10 Embedded videos from external websites
Some of our pages contain embedded content from YouTube. No personal data, with the exception of the IP address, is transmitted when a page from our Internet offer with integrated videos from a YouTube channel is accessed alone. In the case of YouTube, the IP address will be transmitted to Google Inc, 600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").
11. Rights of the data subject
If personal data are processed by you, you are affected within the meaning of the DSGVO and you have the following rights vis-à-vis the person responsible:
11.1 Right to information
You can ask the person in charge to confirm whether personal data concerning you will be processed by us.
If such processing has taken place, you can request the following information from the person responsible:
- the purposes for which the personal data are processed;
- the categories of personal data processed;
- the recipients or categories of recipients to whom the personal data concerning you have been or are still being disclosed;
- the planned duration of the storage of the personal data concerning you or, if specific information on this is not possible, criteria for determining the storage period;
- the existence of a right to have your personal data concerning you corrected or deleted, a right to have processing restricted by the controller or a right to object to such processing;
- the existence of a right of appeal to a supervisory authority;
- available information on the origin of the data if the personal data are not collected from the data subject;
- the existence of automated decision-making, including profiling in accordance with Article 22(1) and (4) DSGVO and - at least in these cases - meaningful information on the logic involved and the scope and intended effects of such processing for the data subject.
- You have the right to request information as to whether the personal data concerning you is transferred to a third country or to an international organisation. In this context, you may request to be informed of the appropriate guarantees pursuant to Art. 46 DSGVO in connection with the transmission.
11.2 Right to rectification/update
You have a right of rectification and/or completion vis-à-vis the data controller if the personal data processed concerning you are incorrect or incomplete. The person responsible shall make the correction without delay.
11.3 Right to limitation of processing
Under the following conditions, you may request that the processing of personal data concerning you be restricted:
- if you dispute the accuracy of the personal data concerning you for a period of time that enables the person responsible to verify the accuracy of the personal data;
- the processing is unlawful and you refuse to delete the personal data and instead request that the use of the personal data be restricted;
- the controller no longer needs the personal data for the purposes of the processing, but you do need them to assert, exercise or defend legal claims, or
- if you have filed an objection to the processing pursuant to Art. 21 para. 1 DSGVO and it has not yet been determined whether the legitimate reasons of the person responsible outweigh your reasons.
- If the processing of personal data concerning you has been restricted, such data may only be processed - apart from being stored - with your consent or for the purpose of asserting, exercising or defending rights or protecting the rights of another natural or legal person or on grounds of an important public interest of the Union or a Member State.
11.4 Right to cancellation
11.4.1 Duty to delete
You may request the data controller to delete the personal data relating to you without delay and the controller is obliged to delete this data without delay if one of the following reasons applies:
- The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
- You revoke your consent, on which the processing was based pursuant to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a DSGVO, and there is no other legal basis for the processing.
- You file an objection against the processing pursuant to Art. 21 para. 1 DSGVO and there are no overriding legitimate reasons for the processing, or you file an objection against the processing pursuant to Art. 21 para. 2 DSGVO.
- The personal data concerning you have been processed unlawfully.
- The deletion of personal data concerning you is necessary to fulfil a legal obligation under Union law or the law of the Member States to which the data controller is subject.
- The personal data concerning you have been collected in relation to information society services offered pursuant to Art. 8 para. 1 DSGVO.
11.4.2 Information to third parties
If the data controller has made the personal data concerning you public and is obliged to delete it pursuant to Art. 17 para. 1 DSGVO, he shall take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform data processors who process the personal data that you as the data subject have requested the deletion of all links to this personal data or of copies or replications of this personal data.
The right to cancellation does not exist insofar as the processing is necessary
- to exercise freedom of expression and information;
- for the performance of a legal obligation required for processing under the law of the Union or of the Member States to which the controller is subject or for the performance of a task in the public interest or in the exercise of official authority conferred on the controller;
- for reasons of public interest in the field of public health pursuant to Art. 9 para. 2 lit. h and i and Art. 9 para. 3 DSGVO;
- for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes pursuant to Art. 89 para. 1 DSGVO, insofar as the law referred to under a) is likely to render impossible or seriously impair the attainment of the objectives of such processing, or
- to assert, exercise or defend legal claims.
11.5 Right to information
If you have exercised your right to have the data controller correct, delete or limit the processing, he/she is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this correction or deletion of the data or restriction on processing, unless this proves impossible or involves a disproportionate effort.
The person responsible shall have the right to be informed of such recipients.
11.6 Right to Data Transferability
You have the right to receive the personal data concerning you that you have provided to the person responsible in a structured, common and machine-readable format. In addition, you have the right to pass this data on to another person in charge without obstruction by the person in charge to whom the personal data was provided, provided that
- processing is based on consent pursuant to Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO or on a contract pursuant to Art. 6 para. 1 lit. b DSGVO and
- processing is carried out using automated methods.
In exercising this right, you also have the right to request that the personal data concerning you be transferred directly from one data controller to another data controller, insofar as this is technically feasible. The freedoms and rights of other persons must not be affected by this.
The right to transferability shall not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority conferred on the controller.
11.7 Right of objection
You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you under Article 6(1)(e) or (f) of the DSBER; this also applies to profiling based on these provisions.
The data controller no longer processes the personal data concerning you, unless he can prove compelling reasons worthy of protection for the processing, which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
If the personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to the processing of the personal data concerning you for the purpose of such advertising; this also applies to profiling, insofar as it is associated with such direct marketing.
If you object to the processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.
You have the possibility to exercise your right of objection in connection with the use of Information Society services by means of automated procedures using technical specifications, notwithstanding Directive 2002/58/EC.
11.8 Right to revoke the data protection declaration of consent
You have the right to revoke your data protection declaration of consent at any time. The revocation of consent shall not affect the legality of the processing carried out on the basis of the consent until revocation.
11.9 Automated decision in individual cases including profiling
You have the right not to be subject to a decision based exclusively on automated processing - including profiling - that has legal effect against you or significantly impairs you in a similar manner. This does not apply if the decision
1) is necessary for the conclusion or performance of a contract between you and the person responsible,
2) is admissible under Union or Member State law to which the person responsible is subject and that law contains appropriate measures to safeguard your rights, freedoms and legitimate interests; or
3) with your express consent.
However, these decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 DSGVO, unless Art. 9 para. 2 lit. a or g DSGVO applies and appropriate measures have been taken to protect your rights and freedoms and your legitimate interests.
With regard to the cases mentioned in 1) and 3), the person responsible takes appropriate measures to protect the rights and freedoms as well as your legitimate interests, including at least the right to obtain the intervention of a person by the person responsible, to state his own position and to challenge the decision.
11.10. Right of appeal to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right of appeal to a supervisory authority, in particular in the Member State where you reside, work or suspect of infringement, if you believe that the processing of personal data concerning you is contrary to the DSGVO.
The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy under Article 78 DSGVO.
12. General legal basis of the processing
Unless otherwise stated, Article 6(1)(a) DSGVO serves our company as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case for example with processing operations necessary for the delivery of goods or the provision of another service or consideration, the processing is based on Article 6(1)(b) DSGVO. The same applies to such processing processes that are necessary to carry out pre-contractual measures, for example in cases of enquiries about our products or services. If our company is subject to a legal obligation requiring the processing of personal data, for example for the fulfilment of tax obligations, the processing is based on Art. 6 para. 1 letter. (c) DSGVO. In rare cases, the processing of personal data may become necessary to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were injured in our company and his name, age, health insurance data or other vital information had to be passed on to a doctor, a hospital or other third parties. The processing would then be based on Article 6(1)(d) DSBER. Ultimately, processing operations could be based on Article 6(1)(f) DSGVO. Processing operations which are not covered by any of the aforementioned legal bases are based on this legal basis if processing is necessary to safeguard a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject do not prevail. Such processing procedures are permitted to us in particular because they have been specifically mentioned by the European legislator. In this respect, it took the view that a legitimate interest could be assumed if the person concerned is a customer of the person responsible (recital 47, second sentence, DSGVO).
Information to be provided where personal data are collected from the data subject (Article 13 GDPR) via data recording by a measuring vehicle
Purpose of the processing of personal data
Within the framework of various development projects, Intenta GmbH conducts video- and sensor-based driver and driver environment observations, as well as vehicle environment recordings in line with defined driving scenarios with road traffic participants. These records are exclusively intended for product development, further development, the validation of complex, application-specific software algorithms and product testing of vehicle sensor systems.
Legal basis for the processing
Personal data are processed based on point (f) of Article 6(1) GDPR. The data processor has a legitimate interest in processing the personal data as these data form the basis for realising assistance systems for the active and passive protection of the health and lives of persons directly or indirectly involved in certain traffic situations.
Categories (including special categories in the form of biometric data) of personal data recorded
The following personal data may be processed:
- Time of collection
- GPS data at the time of collection
- Biometric data
Disclosure of personal data to third parties
Data may be disclosed to third parties in connection with development projects. All personal data will be anonymised before processing to prevent it from being associated with a natural person after its disclosure.
Length of storage/Criteria for determining the storage period
Recorded personal data are stored for at least the duration of the particular development project unless a different storage period is required by law or other binding provisions. In general, archiving obligations stipulate a storage period of 10 years after the end of the project.
Rights of the data subject
Data subjects can obtain information about their stored personal data at any time and request their rectification, erasure or restriction of the processing. Under certain circumstances, they have the right to receive the personal data concerning them that have been processed in a structured, commonly used and machine-readable format and have the right to transmit these data to another controller (data portability), provided such transmission does not affect the rights and freedoms of others. If technically feasible, Intenta GmbH will also transmit the data directly to an externally controller.
The right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State where they reside or work or where the alleged infringement is said to have occurred if they believe that the processing of personal data concerning them infringes the GDPR.
The supervisory authority with which the complaint has been lodged shall inform the complainant of the progress and the outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.
Information on the erasure of data
The data recorded for product development and testing purposes are recorded in the test vehicles and stored in encrypted form. Live visualisations in the vehicle are not stored. The data are not accessible to the driver or the passengers. Due to this security measure and the related protection of the confidentiality of personal data, the data cannot be erased on site. These data can be erased pursuant to Article 17 GDPR only at the premises of the processing bodies.
If an erasure request is received, the personal data of the data subject will be erased without undue delay unless Intenta GmbH is obliged by law to archive the data, or if further processing of the data is required for the establishment, exercise or defence of legal claims. Anonymised data will not be erased even if consent has been withdrawn. In addition, Intenta expressly reserves the right to further process the personal data recorded on data capturing journeys within the limits of other legal bases provided the data are required for the specific development purpose.
If you have any further questions about the collection, processing or use of personal data, or about access to information, the rectification, blocking or erasure of data, or objecting to a particular use of the data, please contact our Data Protection Officer:
Dipl.-Ing., M.Eng. Thomas Dietz
Tel.: +49 (0) 371 243 54 170
To help us deal with your request promptly and efficiently, the following information should be provided to the Data Protection Officer (a form is not required):
- Vehicle registration number (test vehicle)
- Distinctive features to enable us to identify the person concerned (e.g. vehicle registration plate of the recorded vehicle, unique biometric data (height, physique, clothing))