We attach great importance to data protection. When collecting and processing your personal data, we act in compliance with current data protection legislation, in particular the EU General Data Protection Regulation. This Policy describes how and for which purposes your data are collected and used and what options you have regarding your personal data.
1. Name and contact data of the person responsible for processing (controller)
NAMUR – User Association of Automation Technology in Process Industries,
represented by the Board of Management consisting of Dr. Felix Hanisch (Chairman), Michael Pelz (Deputy Chairman), Renatus Neijts, Tobias Schlichtmann, DI Igor Stolz, Dr. Frank van den Boomen
c/o Bayer AG
Build. K 9
Phone +49 214/30-71034
A data protection officer has not been appointed.
2. Collection and storage of personal data and type and purpose of use
a) When visiting the website
When visiting our website https://www.namur.net/, the browser installed on your terminal device will automatically send information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected und stored without any action on your part until it will be automatically erased:
- IP address of the accessing computer,
- date and time of access,
- name and URL of the file accessed,
- website from which the access originates (referrer URL),
- browser used and, where relevant, the operating system of your computer and the name of your internet access provider.
We process the files listed for the following purposes:
- To ensure smooth establishment of a connection to the website,
- to ensure comfortable use of our website,
- to evaluate system security and stability, and
- for other administrative purposes.
The legal basis for data processing is provided by Article 6(1), subparagraph 1, point (f) of the General Data Protection Regulation. Our legitimate interest derives from the purposes of data collection listed above. In no case will we use the collected data to draw conclusions as to your person.
b) When using the password-protected area of the website
In addition to collecting and storing data when the website is accessed, we also collect and store the following additional data when the password-protected area of the website is accessed (see also the log-in form on the website):
- Title, job title, first name, family name,
- e-mail, password,
- telephone, fax, mobile phone,
- company name, department,
- street, building, P.O. box, postal code, town/city, country,
- NAMUR Working Group(s),
- NAMUR recommendations and NAMUR worksheets which were sent out automatically (including date and time).
The purposes of processing this information are
- authorisation management when the website is accessed and within the website,
- identifying the demand for NAMUR recommendations and NAMUR worksheets,
- meeting a contractual obligation to provide NAMUR recommendations and NAMUR worksheets.
The legal basis for data processing is provided by Article 6(1), subparagraph 1, point (b) of the General Data Protection Regulation if data storage is necessary for serving the agreed purpose of use, and alternatively Article 6(1), subparagraph 1, point (f) of the General Data Protection Regulation to pursue our legitimate interest in the aforementioned purposes and to optimise the services offered. In no case will we use the collected data to draw conclusions as to your person.
c) When using NAMUR.smart
In addition to collecting and storing data when the website is accessed, we also collect and store the following additional data when NAMUR.smart is accessed:
- First name, family name,
- telephone number,
- e-mail address,
- user role.
The purposes of data processing are
- authorisation management when the software application is accessed and within the application,
- clear assignment of technical equipment to persons responsible,
- attribution of error messages,
- developing statistics of technical equipment,
- providing services under NAMUR.smart.
The information will be stored permanently, if this is necessary to serve the purpose of the software application (long-term statistics).
The legal basis for data processing is provided by Article 6(1), subparagraph 1, point (b) of the General Data Protection Regulation if data storage is necessary for serving the agreed purpose of use, and alternatively Article 6(1), subparagraph 1, point (b) of the General Data Protection Regulation to pursue our legitimate interest in the aforementioned purposes and to optimise the services offered. In no case will we use the collected data to draw conclusions as to your person.
d) When using our contact form
If you have questions of any kind, you can contact us by filling in a contact form that is available on our website. In this case, it is necessary to provide a valid e-mail address so that we know who sent the enquiry and can answer it. Further information may be provided on a voluntary basis. Data processing for the purpose of contacting us is based on your voluntary consent pursuant to Article 6(1), subparagraph 1, point (a) of the General Data Protection Regulation.
The personal data we collect when you use the contact form are automatically erased after your enquiry has been satisfactorily handled.
e) When registering for the AGM using our contact form
In addition to collecting and storing data when you visit our website, the following personal data are also collected and stored when you register for the Annual General Meeting using our contact form:
- Title, job title, first name, family name,
- e-mail address, password,
- telephone, fax, mobile phone,
- company name, department,
- street, building, P.O. box, postal code, town/city, country,
- NAMUR Working Group(s).
The Information will be used for the following purposes:
- Organisation of the Annual General Meeting
- Hotel bookings
- Information of participants
- Drawing up a partipants' list for all participant / name badges with QR code, which includes first name, family name, company name, additionally also e-mail address and telephone number and enables the exchange of contact data without a business card
The legal basis for data processing is provided by Article 6(1), subparagraph 1, point (b) of the General Data Protection Regulation if data storage is necessary for serving the purpose of the Association (holding an Annual General Meeting), and alternatively Article 6(1), subparagraph 1, point (f) of the General Data Protection Regulation to pursue our legitimate interest in the aforementioned purpose
f) When attending the Annual General Meeting
Photographs and videos will be taken at the AGM and in its environment (e.g. during coffee breaks).
Purpose of use: The data will be used to provide information on the Association's activities in published reports (e.g. social-media) and presentations and also among members and to promote the Association.
The legal basis is provided by Article 6(1), subparagraph 1, point (f) of the General Data Protection Regulation, where relevant to be read in conjunction with Article 85 of the General Data Protection Regulation and sec. 23(1), no. 1 of the Art Copyright Act. Our legitimate interest is to provide information on and promote the Association's activities and its social presence.
g) There is no legal obligation to provide the data listed under a) to f). However, you need to provide this information if you want to access the site or make use of the services offered: It is not possible e.g. to log in without entering the information required.
3. Erasure of data
Personal data of the data subject will be erased or blocked
- once the purpose of storage ceases to exist, and
- when European or national legislation in regulations, laws or other legal provisions to which the controller is subject does not provide for any storage, and
- when storage is not required for concluding or performing a contract, and
- when storage is not required for protecting overriding legitimate interests, and
- when consent to further data storage has been withheld.
4. Transfer of data
a) Typical categories of recipients of personal data - where necessary for the purpose of processing - are members of the Association's Board of Management, NAMUR Office staff, other member companies and their employees and commissioned processors and service providers.
b) Categories of recipients of the data you provided when registering for the Annual General Meeting and the photographs and videos taken during the AGM are
- KCO Congress- und Tagungsorganisation - Margarete Kohl whom we have commissioned to organise the AGM. This organisation will be provided with the personal data of participants to book hotels and draw up participants' lists;
- the hotel where the congress agency has booked rooms. It will be provided with the personal data required for booking;
- participants will be provided with participants' lists giving the first name, family name, job title and represented member company of the participants;
- persons whom NAMUR - User Association of Automation Technology in Process Industries - has commissioned to organise its Annual General Meeting.
- Photographs and videos taken at the Annual General Meeting and in its environment (e.g. during coffee breaks) may be published on our website, in information material, press releases and the like. This means that recipients are the general public, member companies and participants.
c) We will only share your personal data with third parties if
- you have given your explicit consent pursuant to Article 6(1), subparagraph 1, point (a) of the General Data Protection Regulation,
- there is a legal obligation to transfer the data pursuant to Article 6(1), subparagraph 1, point (c) of the General Data Protection Regulation,
- this is legally permitted and, pursuant to Article 6(1), subparagraph 1, point (b) of the General Data Protection Regulation, required for performing a contract with you or for meeting obligations the Association has vis-à-vis you, or
- the transfer of your personal data pursuant to Article 6(1), subparagraph 1, point (f) of the General Data Protection Regulation is necessary to protect legitimate interests, especially to establish, exercise and defend legal claims and there is no reason to assume that you have an overriding legitimate interest in the non-transfer of your personal data.
Cookies collect information which is generated in connection with the specific terminal device used. This does not imply, however, that we can immediately identify you.
First, using cookies helps to make it more comfortable for you to use our website. For instance, we use so-called session cookies to recognise that you have already visited some parts of our website.
These session cookies are automatically erased when you leave our website.
Also with a view to optimising user-friendliness, we use temporary cookies which are stored on your terminal equipment for a specified period of time. When you return to our site to benefit from our services, the temporary cookies will automatically identify you as a previous visitor and show your previous entries and settings so you need not repeat them.
The data processed by cookies are required for the aforementioned purposes of protecting our legitimate interests and those of third parties according to Article 6(1), subparagraph 1, point (f) of the General Data Protection Regulation.
Most browsers accept cookies automatically. However, you can configure your browser in such a way that cookies are not stored on your computer or that there will always be a message before a new cookie is generated. Complete deactivation of cookies, however, may disable some functions of our website.
6. Analytics tools
The tracking methods we use and which are described in the following are based on Article 6(1), sentence 1, point (f) of the General Data Protection Regulation. With these tracking methods we want to ensure a needs-driven design and continual optimisation of our website.
Another reason for using these tracking methods is to gather statistics about the use of our website and evaluate them with a view to optimising our service offer for you. These interests are considered legitimate within the meaning of the aforementioned provision.
This website uses Matomo, an open-source software for the statistical evaluation of user access. Matomo uses so-called cookies (cf. section 4), i.e. text files which are stored on the users' computers and permit an analysis of the use of the website by users. The information generated by the cookies on how the website is used is stored on the server of the provider in Germany. Immediately after processing and before it is stored the IP address is anonymised. Users can prevent the installation of cookies by setting their browser software accordingly. However, the provider informs the users that in this case they may not be able to fully use all functions of this website.
7. Social Media Plug-ins
Based on Article 6(1) subparagraph 1, point (f) of the General Data Protection Regulation, we use social plug-ins of the social networks Facebook, Twitter, XING and LinkedIn on our website to raise general awareness of our Association. The underlying advertising purpose is considered a legitimate interest within the meaning of the General Data Protection Regulation. The respective providers must ensure that their websites comply with data protection provisions.
On our website we use social media plug-ins by Facebook in order to individualise the site. To this end, we use the 'LIKE' and 'SHARE' buttons. This is a service provided by Facebook. When you visit an area of our website which contains such a plug-in, your browser will establish a direct connection with the Facebook servers. The contents of the plug-in are directly transmitted to your browser which will incorporate them into the website.
As a result, Facebook will receive the information that your browser has accessed this particular area of our website even though you may not have a Facebook account or are not currently logged in to Facebook. Your browser will directly transmit this information (including your IP address) to a Facebook server in the US where it will be stored. If you are logged in to Facebook, Facebook can assign the visit to our website directly to your Facebook account.
When you interact with the plug-ins, e.g. when you click on the 'LIKE' or 'SHARE' buttons, this information is also directly communicated to a Facebook server and stored. Furthermore, this information is published on Facebook and shown to your friends.
Facebook may use this information for advertising and market research purposes and for developing a needs-oriented design for the Facebook website. To this end, Facebook develops use, interest and relationship profiles, e.g. to evaluate your use of our website with regard to the advertisements displayed to you on Facebook, inform other Facebook users of your activities on our website and offer other services associated with the use of Facebook.
If you do not wish Facebook to assign the data collected about our website to your Facebook account, you need to log out of Facebook prior to visiting our website.
Plug-ins of the short messenger service provided by Twitter Inc. (Twitter) are integrated into our website. You can identify the Twitter plug-ins (tweet button) by the Twitter logo on our website. An overview of tweet buttons is available on about.twitter.com/resources/buttons.
When you visit an area of our website which contains such a plug-in, a direct connection will be established between your browser and the Twitter server. In this way Twitter is informed that you have visited our website using your IP address. When you click on the Twitter tweet button while you are logged in to your Twitter account, you can provide links to the contents of our website on your Twitter profile. This helps Twitter to assign your visit to our website to your user account.
We would like to point out that we as the provider of a website will not be informed about the data transmitted and their use by Twitter.
If you do not wish Twitter to assign the visit to our website to your address, please log out of your Twitter user account prior to visiting our website.
We would like to inform you about personal data processing via the function of the XING share button.
On our website you will find plug-ins of the LinkedIn social network, i.e. LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (hereinafter referred to as LinkedIn). You can identify the LinkedIn plug-ins by the LinkedIn logo or the recommend button. Please note that, when you visit our website, the plug-in will establish a connection between your internet browser and the LinkedIn server to inform LinkedIn of the visit of our website by your IP address. When you click on the recommend button and are at the same time logged in to your LinkedIn account, you may link contents from our website with your LinkedIn profile. In this way you enable LinkedIn to assign your visit of our website to you or your user account. You should know that we are not informed of the data transmitted and their use by LinkedIn.
Further details regarding data collection and your legal and setting options can be found on http://www.linkedin.com/static?key=privacy_policy&trk=hb_ft_priv.
8. Rights of data subjects
You have the right,
- pursuant to Article 15 of the General Data Protection Regulation, to obtain information regarding the personal data we process. In particular, you can obtain information on the purposes of processing, the category of personal data, the categories of recipients to whom your data were or will be disclosed, the envisaged storage period, the existence of the right to request rectification, erasure, restriction of processing or objection to processing, the existence of the right to lodge a complaint, the source of your data where we did not collect them and the existence of automated decision-making, including profiling, and, where relevant, meaningful information on pertinent details;
- pursuant to Article 16 of the General Data Protection Regulation, to obtain from us without undue delay the rectification of inaccurate and the completion of incomplete personal data stored;
- pursuant to Article 17 of the General Data Protection Regulation, to obtain from us the erasure of your stored personal data unless processing is necessary to exercise the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
- pursuant to Article 18 of the General Data Protection Regulation, to obtain from us the restriction of processing your personal data where you contest the accuracy of the data, where processing is unlawful, but you oppose the erasure of the data, where we do no longer need the data, but you require them for the establishment, exercise or defence of legal claims or where you have objected to processing pursuant to Article 21 of the General Data Protection Regulation;
- pursuant to Article 20 of the General Data Protection Regulation, to receive your personal data in a structured, commonly used and machine-readable format or to transmit these data to another controller;
- pursuant to Article 7(3) of the General Data Protection Regulation, to withdraw your consent given earlier. As a result, we must in future refrain from continuing the processing of your data which was based on this consent; and
- pursuant to Article 77 of the General Data Protection Regulation, to lodge a complaint with a supervisory authority. Usually you may lodge this complaint with the supervisory authority at your habitual residence, place of work or seat of our Office.
9. Right to object
Where your personal data are processed on the basis of legitimate interests pursuant to Article 6(1), subparagraph 1, point (f) of the General Data Protection Regulation, you have the right pursuant to Article 21 of the General Data Protection Regulation to object to the processing of your personal data on grounds relating to your particular situation or if the objection applies to direct marketing. In the latter case, you have a general right to object, i.e. without having to cite a particular situation, which we will comply with.
If you would like to exercise your right to withdraw your consent or to object, it will suffice to send an e-mail to this effect to office[at]namur.de.
10. Data security
On our website we use the widespread SSL method (Secure Socket Layer) in combination with the highest encryption supported by your browser. As a rule, this is a 256-bit encryption. If your browser does not support a 256-bit encryption, we fall back on 128-Bit v3 technology. A locked key or lock symbol in the bottom status bar of your browser will indicate whether an individual page of our website is transmitted in encrypted form.
Other than that, we take appropriate technical and organisational security measures to protect your data against accidental or willful manipulations, partial or complete loss, destruction or unauthorised access by third parties. We continually improve our security measures in keeping with technological developments.