Information on the processing of your data by video surveillance systems
1. Which information does this document contain for you?
To protect our property and against vandalism, we operate video surveillance systems at our sites. Our facilities are also equipped with video camera systems for quality assurance and accident prevention purposes. We ensure that we meet the requirements of the German Data Protection Ordinance (DSGVO) and other applicable data protection laws. In what follows, we provide you with a detailed insight into our handling of your data and your rights.
2. Who is responsible for processing and who is our data protection officer?
Responsible for processing is
thyssenkrupp Materials Processing Europe GmbH
The data protection officer of thyssenkrupp Materials Processing Europe GmbH can be reached at firstname.lastname@example.org
3. What do the video surveillance systems record?
Our video surveillance systems record areas worthy of protection, buildings in our possession and relevant sections of our production facilities. There is no automatic recognition of persons on the video images.
4. For what purposes are data processed and on which legal basis?
With the systems, we pursue the purpose of safeguarding domestic law in accordance with § 4 (1) 2, 3 BDSG and Art. 6 Para. 1 lit f DSGVO. In addition, the systems also serve as protective precautions for the security of information, e.g. as access control in accordance with § 64 (3) 1st BDSG and the specifications of the IT baseprotection of the Federal Office for Information Security (BSI).
5. Who receives the records?
We use the records when damage has occurred or an alarm has been triggered. Within our company, only those persons and bodies are granted access to the records who are involved in clarifying the facts.
Depending on the event, the security companies commissioned by us may also have access to the data in order to prevent the act and support us in clearing up the matter. In the event of criminal offences, we hand over the records as evidence to our legal advisers and to the competent authorities.
6. How long are records stored?
If there is no indication of damage, the records are automatically deleted. This usually takes place less than 72 hours after recording.
Since we cannot detect all possible damage within a few days, we keep the records for up to one week, depending on the location, for possible clarification.
7. Which data protection rights can you claim as the person affected?
You have the right to request information about the data stored about you, Art. 15 GDPR. In addition, you may request the rectification or erasure of your data, Art. 16, 17 GDPR. You may also be entitled to restrict the processing of your data and a right to release the data you provided in a structured, common, machine-readable format, provided this does not affect the rights and freedoms of others, Art. 18, 20 GDPR.
To exercise your rights, please contact the responsible body or data protection officer listed under section 2.
You also have the option to file a complaint with a data protection authority, Art. 77 GDPR. The right of appeal is without prejudice to any other administrative or judicial remedy. The data protection authority responsible for us is:
The State Commissioner for the Protection of Data and Freedom of Information for North Rhine-Westphalia
Information about your right of objection according to Art. 21 of the General Data Protection Regulation (GDPR)
For reasons that arise from your particular situation, you have the right to object to the processing of your personal data at any time pursuant to Article 6 para. 1 f of the GDPR (data processing on the basis of a balance of interests); this also applies to any profiling based on this provision as defined in Article 4 No. 4 GDPR.
If you file your objection, we will no longer process your personal data unless we can establish compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purposes of asserting, exercising or defending legal claims.
The objection can be informal and should ideally be addressed with the responsible body or data protection officer listed in the privacy statement under section 2.