Data Protection

Data protection declaration in accordance with Art. 13, 21 of the Regulation (EU) (Basic Data Protection Regulation, DSGVO) with supplementary information

We at Ferrostaal Air Technology GmbH are very pleased about your interest in our website and our services. The protection of personal data is a particularly high priority for us. We would like to inform you about the collection and processing of personal data that may be associated with the use of our website and about the rights of affected persons in this context. You will find a definition of the terms used in part below below.


I. Name and address of the data controller

The person responsible for the information provided in connection with the use of our Internet site,, its sub-pages and the social media appearances linked to it within the meaning of the DSGVO and other data protection laws applicable to us and other provisions of a data protection nature is

Ferrostaal Air Technology GmbH
Werner-von-Siemens-Strasse 11
66793 Saarwellingen


II. Collection and storage of personal data in connection with the visit of our website, type and purpose of use


1. Security

In order to protect the users and us from misuse, the IP address of the system used for the call is transmitted to us.

2. Collection of general data and information

Our website collects a number of general data and information with every visit. This general data and information is stored in the log files of the server. The following can be recorded

used browser types and versions,
the operating system used by the accessing system,
the website from which an accessing system reaches our website (so-called referrers),
the sub-websites, which are accessed via an accessing system on our website,
the date and time of access to the website,
the Internet Protocol (IP) address of the calling system,
the Internet service provider of the accessing system,
other similar data and information which serve to avert danger in the event of attacks on our information technology systems.

When using this general data and information, we do not draw any conclusions about the person concerned. Rather, this information is required to

(1) to deliver the contents of our website correctly,

(2) to optimise the contents of our website and the advertising for it,

(3) to ensure the permanent functionality of our information technology systems and the technology of our website and

(4) to provide law enforcement authorities with information necessary for law enforcement purposes in the event of a cyber attack.

This anonymously collected data and information is therefore evaluated by Ferrostaal Air Technology GmbH both statistically and with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimum level of protection for the personal data processed by us. The anonymous data of the server log files are stored separately from all personal data provided by a person concerned.


3. Cookies

Our Internet pages use cookies. Cookies are text files which are filed and stored on a computer system via an Internet browser.

Numerous internet pages and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identification of the cookie. It consists of a string of characters which can be used to assign Internet pages and servers to the specific Internet browser in which the cookie was stored. This enables the Internet pages and servers visited to distinguish the individual browser of the person concerned from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified by means of the unique cookie ID.

By using cookies, Ferrostaal Air Technology GmbH can provide users of this website with more user-friendly services which would not be possible without the setting of cookies.

By means of a cookie, the information and offers on our website can be optimised in the interest of the user. As already mentioned, cookies enable us to recognise the users of our internet site. The purpose of this recognition is to make it easier for users to use our website. The user of a website that uses cookies, for example, does not have to enter his or her access data each time he or she visits the website, as this is done by the website and the cookie stored on the user's computer system. The person concerned can prevent cookies from being set by our website at any time by means of an appropriate setting in the Internet browser used, thereby permanently opposing the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs. This is possible in all common Internet browsers. If the person concerned deactivates the setting of cookies in the Internet browser used, it is possible that not all functions of our website can be used to their full extent.


4. Google Maps

This site uses the map service Google Maps via an API. The provider is Google Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. To use the functions of Google Maps it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.

You can find more information about the handling of user data in Google's privacy policy:


III. Collection and processing of personal data during applications and in the application procedure

We collect and process the personal data of applicants for the purpose of processing the application procedure. The processing can also take place electronically. This is particularly the case if an applicant submits appropriate application documents to the person responsible for processing electronically, for example by e-mail. If the data controller concludes an employment contract with an applicant, the transmitted data is stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If the controller does not conclude an employment contract with the applicant, the application documents will be automatically deleted after the rejection decision has been announced, provided that deletion does not conflict with any other legitimate interests of the controller. Other legitimate interests in this sense are, for example, the preservation of the possibility of providing evidence in a possible legal dispute in accordance with the General Equal Treatment Act (AGG).


IV. Collection and processing of personal data in the context of client relationships

The collection and processing of personal data within the scope of client relationships is based on the respective client requirements and is generally carried out by the respective mandate-leading Ferrostaal Air Technology GmbH itself as the responsible party and in compliance with the professional regulations applicable to it. Any processing activities of Ferrostaal Air Technology GmbH are only carried out as a processor on behalf of the client.


V. Legal basis of the processing

6 I lit. a DS-GVO serves as a legal basis for processing operations for which we obtain consent for a specific processing purpose.

If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case, for example, with processing operations necessary for the supply of goods or the provision of another service or consideration, the processing is based on Art. 6 I lit. b DS-GVO. The same applies to such processing operations which are necessary for the implementation of pre-contractual measures, for example in cases of inquiries about our services.

If we are subject to a legal obligation which makes it necessary to process personal data, for example to fulfil tax obligations, the processing is based on Art. 6 I lit. c DS-GVO.

In rare cases, the processing of personal data may become necessary to protect the vital interests of the person concerned or of another natural person. This would be the case, for example, if a visitor to our company was injured and his or her name, age, health insurance details or other vital information had to be passed on to a doctor, hospital or other third party. The processing would then be based on Art. 6 I lit. d DS-GVO.

Finally, processing operations could be based on Art. 6 I lit. f DS-GVO. Processing operations which are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to safeguard a legitimate interest of Ferrostaal Air Technology GmbH or a third party (e.g. clients), provided that the interests, basic rights and fundamental freedoms of the data subject do not prevail. With regard to our website, this applies in particular to the processing operations pursuant to Section II. of this data protection declaration. We are permitted such processing operations in particular because they have been specifically mentioned by the European legislator. In this respect, he took the view that a legitimate interest could be assumed if the person concerned is a customer of the person responsible. A further legitimate interest is the performance of our business activities for the benefit of the well-being of all our employees and our shareholders as well as the processing for the purpose of direct advertising, in particular for the sending of information on services, legal developments, invitations, events and comparable information.

For Ferrostaal Air Technology GmbH, supplementary provisions of professional law may be applied.


VI. Transfer of personal data

Personal data will only be passed on to third parties if there is a data protection authority to transmit data, e.g. in accordance with section V of this data protection declaration, and to external service providers for processing within the scope of a strictly instruction-bound order processing.

As a rule, data processing outside the EU or the EEA does not take place. If such a data transfer should be necessary in individual cases, it will be carried out exclusively on the basis of the EU standard contractual clauses or to countries in respect of which the EU has passed an adequacy decision, as well as within the scope of commissioned processing.


VII Duration for which personal data is stored

The criterion for the duration of the storage of personal data is the respective legal retention period. After expiry of the period, the corresponding data is routinely deleted if and to the extent that it is no longer required for the fulfilment or initiation of a contract, or if legitimate interests of the person responsible outweigh the deletion interest of the person concerned - e.g. the protection of legal defence options and liability insurance protection in the case of potentially not yet statute-barred even theoretically possible recourse claims of clients and/or affected persons. If such a legitimate interest ceases to exist at a later date, this data is also routinely deleted.


VIII. Rights of data subjects

Affected persons have the right:

to request information about their personal data processed by us in accordance with Art. 15 DSGVO In particular, they may request information on the purposes of the processing, the category of personal data, the categories of recipients to whom their data have been or will be disclosed, the planned storage period, the existence of a right of rectification, cancellation, restriction of processing or opposition, the existence of a right of appeal, the origin of their data, if not collected from them, as well as the existence of automated decision making including profiling and, if applicable, meaningful information on the details thereof (we would like to point out at this point that we do not carry out profiling);

pursuant to Art. 16 DSGVO, to demand the correction of incorrect or incomplete personal data stored by us without delay;

pursuant to Art. 17 DSGVO to demand the deletion of your personal data stored with us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or even potentially defend legal claims;

pursuant to Art. 18 DSGVO, to demand the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful but you refuse to delete it and we no longer require the data, but you require it for the assertion, exercise or defence of legal claims or you have lodged an objection to the processing pursuant to Art. 21 DSGVO;

in accordance with Art. 20 DSGVO, to receive your personal data that you have provided us with in a structured, common and machine-readable format or to request that it be transferred to another responsible party;

in accordance with Art. 7 para. 3 DSGVO, to revoke your consent, once granted, at any time. As a result, we may no longer continue data processing based on this consent for the future and

complain to a supervisory authority pursuant to Art. 77 DSGVO. As a rule, the supervisory authority of your usual place of residence or workplace or our registered office is available for this purpose. In the latter case, this is the supervisory authority(ies): State Commissioner for Data Protection and Freedom of Information Saarland Fritz-Dobisch-Str. 12 - 66111 Saarbrücken

The foregoing rights may be restricted by overriding statutory provisions on the protection of professional secrecy of mandate.


IX. Right of objection

If personal data are processed on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 letter f of the DPA, the data subject has the right to object to the processing of his/her personal data in accordance with Art. 21 DPA if there are reasons for doing so arising from his/her particular situation or if the objection is directed against direct marketing. In the latter case, the data subject has a general right of objection, which is implemented by us without specifying a specific situation.

If you wish to exercise your right of revocation or objection, simply send an e-mail to


X. Contact details of the Data Protection Officer

The contact details of our data protection officer are as follows:

CNT Ltd.
Werner-von-Siemens-Strasse 15
66793 Saarwellingen


XI. Up-to-dateness and amendment of this data protection declaration

This data protection declaration is currently valid and has the status of May 2018. Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to amend this data protection declaration. The current data protection declaration can be viewed and printed out at any time on the website at



The data protection declaration of Ferrostaal Air Technology GmbH is based on the terms used by the European legislator for directives and regulations when the basic data protection regulation (DSGVO) was issued. Our data protection declaration should be easy to read and understand for the public as well as for customers and business partners. In order to ensure this, we would like to explain some of the terms used in it using the legal definitions.

We use the following terms, among others, in this privacy policy:

a) Personal data

Personal data means any information relating to an identified or identifiable natural person (hereinafter referred to as "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

b) Data subject

Data subject means any identified or identifiable natural person whose personal data are processed by the controller.

c) Processing

Processing is any operation or set of operations, performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

d) Restriction of processing

Restriction of processing is the marking of stored personal data with the aim of limiting their future processing.

e) Profiling

Profiling is any automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to the performance of work, economic situation, health, personal preferences, interests, reliability, conduct, location or change of location of that natural person.

f) Pseudonymisation

Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the inclusion of additional information, provided that this additional information is kept separately and is subject to technical and organisational measures which ensure that the personal data is not attributed to an identified or identifiable natural person.

g) Controller or data controller

Controller or data controller is the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union law or by the law of the Member States, the controller or the specific criteria for his nomination may be provided for by Union law or by the law of the Member States.

h) Processor

Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

i) Recipient

The recipient is a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not it is a third party. However, authorities which may receive personal data in the course of a specific investigation, in accordance with Union or national law, shall not be considered as recipients

j) Third party

Third party means any natural or legal person, public authority, agency or body other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or the processor, are authorized to process the personal data.

k) Consent

Consent means any freely given, informed and unequivocal expression of the data subject's wishes in a specific case, in the form of a declaration or other unequivocal affirmative act by which the data subject signifies his or her agreement to the processing of personal data relating to him or her.

> Google Analytics deaktivieren <

over seventy-five years of experience
more than a hundred employees
more than eight hundred projects worldwide