With this data protection notice, the
TechniSat Digital GmbH
Julius-Saxler-Straße 3
54550 Daun
Phone: 0049 (0)6592 / 712 -0
E-Mail: datenschutz@technisat.de
(hereinafter also referred to as "TechniSat") fulfils its existing legal obligation to provide information in accordance with Art. 13 of the General Data Protection Regulation ("GDPR") with regard to the processing of personal data of customers, interested parties, business partners and suppliers. In the following, we therefore explain which of your personal data we process and how.
Personal data within the meaning of Art. 4 No. 1 GDPR includes information such as your name, your address, your telephone number, your e-mail address, your bank details or your date of birth.
Processing of personal data in according to with Art. 4 No. 2 GDPR is any procedure or procedure series which is performed on personal data, whether or not by automated means.
We process personal data within the meaning of Art. 4 No. 2 GDPR in accordance with the specifications and conditions set out below within the framework of automated processing based on a relevant legal authorisation basis.
The corresponding legal bases for our data processing are presented below.
Automated decision-making in individual cases, including profiling in accordance with Art. 22 GDPR, does not take place.
We process your data, which we collect from you or which you provide to us, in particular in order to establish a contractual relationship with you and to be able to fulfil the existing contractual relationship with you, Art. 6 para. 1 sentence 1 lit. b GDPR.
The aforementioned also includes the implementation of pre-contractual measures, which are carried out at your request.
Personal data collected by us directly from you upon conclusion of the contract is required for the conclusion of the respective contract.
In order to be able to prepare an offer for you as an interested party, you are contractually obliged to provide the necessary data. Failure to provide the required personal data may mean that the contract cannot be fulfilled.
In this context, we process in particular corresponding contact data, financial data, especially payment data, as well as data in connection with the respective contract concluded, insofar as they are necessary to fulfil the respective purpose. If you order a product and/or service, we also process your contact data for communication purposes and to provide the ordered products and services.
In the event that you are not a natural person, we process the personal data of your contact person.
In addition, we process your data in order to submit or analyse corresponding offers, manage an order or provide support services.
The same applies if we purchase products or services from you as a business partner or supplier.
With regard to the fulfilment of legal obligations, Art. 6 para. 1 sentence 1 lit. c GDPR is the corresponding legal basis. We process your personal data depending on the respective legal obligation, e.g. with regard to the requirements of the Money Laundering Act.
In addition, Art. 6 para. 1 sentence 1 lit. f GDPR, "legitimate interest", is our basis for authorisation if we have a legal, economic or idealistic interest in data processing and the rights, interests or fundamental rights of the data subjects worthy of protection do not outweigh this interest.
Personal data will also be processed by us if you give your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. However, failure to give this consent or its revocation does not affect the possibility of recourse to statutory authorisation bases, in particular Art. 6 para. 1 sentence 1 lit. b GDPR, "necessity for the performance of the contract", Art. 6 para. 1 sentence 1 lit. c GDPR, "legal obligation", and Art. 6 para. 1 sentence 1 lit. f GDPR, "legitimate interest", with regard to data processing. Your declaration of consent is voluntary. There are no disadvantages for you if you do not give your consent. You can revoke your consent at any time by sending us an e-mail or by post. The revocation of consent does not affect the permissibility of the processing carried out until the revocation.
If you would like to place an order in our TechniSat Online Shop at www.technishop.de, we may refer you to www.technishop.de/datenschutz for further information on data processing.
If you register for a MyTechniSat account on our TechniSat website/), the data you provide will be processed by us. The mandatory information is your e-mail address, which is used exclusively for the purpose of operating the app and for personal access. You can provide further personal data on a voluntary basis if you wish, e.g. name, address, country, telephone, mobile, fax, date of birth. Your personal data will be stored by us in order to answer your questions.
The legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR, "Performance of a contract".
In order to access our specialised trade portal and specialised trade online shop, you must register. Mandatory information is specially marked, in particular customer number, company, company address, your e-mail address and telephone number. This data is processed by us in order to fulfil the existing contractual relationship with you, in particular based on the distribution agreement. For further information on data processing, please refer to https://fachhandel.technisat.com/en_EN/Datenschutz/199-924/.
The legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR, "performance of a contract", alternatively Art. 6 para. 1 sentence 1 lit. f GDPR, "legitimate interest".
When you contact us by e-mail, via chat/chatbot, by telephone or via a contact form on our website, the data you provide will be processed by us. Mandatory information is only required in the respective contact option and depending on the subject area, e.g. purchase advice, technical problems, questions about product registration and warranty / questions about data protection / becoming a TechniSat retailer or repair order / RMA. This information is required so that we can answer your enquiry accordingly. You can provide further personal data on a voluntary basis if you wish, e.g. if you want us to send you information material by post, we need your address. Your personal data will be stored by us in order to answer your questions. We delete the data arising in this context after storage is no longer necessary, or restrict processing if there are statutory retention obligations.
The legal basis is Art. 6 para. 1 sentence 1 lit. a GDPR, "consent", alternatively Art. 6 para. 1 sentence 1 lit. f GDPR, "legitimate interest".
We use Microsoft Teams to hold online meetings
We hereby inform you about the processing of your personal data in the context of our online meetings using the Microsoft Teams video conferencing solution.
If you do not wish to communicate with us via Microsoft Teams, you can reach us via all our other communication channels. You can also invite us to an online meeting via your own meeting tool instead.
If you cannot or do not want to use the Microsoft Teams app, it is possible to use Microsoft Teams via your browser. The service is then provided via the Microsoft Teams website.
We process the following personal data as part of our online meetings using Microsoft Teams:
However, the scope of data processing also depends on the information you provide before or during participation in an online meeting. For example, a profile picture is optional. You may also have the option of using the chat function in an online meeting. If you make use of this, your text entries will be processed in order to display them in the online meeting. If it is necessary for the purposes of logging the results of an online meeting, we will log the chat content.
You can switch off or mute the camera and / or microphone yourself at any time via the Microsoft Teams application. You can also stop using the chat function at any time.
The legal basis for this is Art. 6 para. 1 sentence 1 lit. f GDPR, "legitimate interest".
Meetings are generally not recorded. Recordings may only be made in exceptional cases if the participants have been expressly and transparently informed of the planned recording in advance and have given their consent where necessary, and have received additional data protection information, including on the specific purpose of the recording and the recipients to whom the recording is to be made available. If necessary, the legal basis is the consent of the data subject, Art. 6 para. 1 sentence 1 lit. a GDPR. You can withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
Personal data processed in connection with participation in online meetings will not be passed on to third parties.
Microsoft Teams is part of the Office 365 cloud application. Microsoft Office 365 is a software from Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland.
Data processing with Office 365 takes place on servers in data centres in the EU. We have concluded an data processing contract with Microsoft within the meaning of Art. 28 GDPR. This also includes extensive technical and organisational measures, such as the encryption of data.
In exceptional cases, Microsoft may request access for the purpose of remote maintenance. This access will then be checked by us and granted if authorised. Access may be granted to affiliated Microsoft companies outside the EU. In this case, we have taken measures to ensure an appropriate level of data protection.
We cannot rule out the possibility that data is routed via servers located outside the EU.
Data is transferred to companies in the USA on the basis of an adequacy decision by the European Commission within the meaning of Art. 45 (3) GDPR, which stipulates that an adequate level of protection exists in the USA.
Microsoft reserves the right to process customer data for its own business purposes. We have no influence on this data processing by Microsoft. Microsoft is independently responsible for these data processing activities, so you can contact Microsoft for further information.
Further information: privacy.microsoft.com/en/privacystatement anddocs.microsoft.com/en/microsoftteams/teams-privacy
Station selection: To search for and select Internet radio stations, the device processes your IP address, the web address of the radio station and the hardware and software ID of your device. This information is transmitted to the manufacturer of the central device components, Frontier Smart Technologies Group Limited, and the Internet radio database operator, airable GmbH. Further information and corresponding data protection notices can be found here: Frontier Smart Technologies Group Limited, Harston Mill, Harston Cambridge CB22 7GG, United Kingdom, see www.frontiersmart.com/privacy-policy/; airable GmbH, Am Treppchen 2, 41334 Nettetal, see www.airablenow.com/datenschutz/.
Data is transferred to companies in the UK on the basis of an adequacy decision by the European Commission within the meaning of Art. 45 (3) GDPR, which stipulates that an adequate level of protection is in place in the UK.
The legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR, "Performance of a contract".
Radio reception: To receive an Internet radio station, your IP address and theweb address of the radio station and transmitted to the respective radio station.
Rechtsgrundlage ist Art. 6 Abs. 1 S. 1 lit. b DS-GVO, "Vertragsdurchführung".
Software updates: DThe software for your device is provided by Frontier Smart Technologies Group Limited. In order to keep this up to date, your IP address, hardware and software ID as well as information about the model and software version of the device are transmitted there. Further information and the corresponding data protection notice can be found here: Frontier Smart Technologies Group Limited, see www.frontiersmart.com/privacy-policy/.
Data is transferred to companies in the UK on the basis of an adequacy decision by the European Commission within the meaning of Art. 45 (3) GDPR, which stipulates that an adequate level of protection is in place in the UK.
The legal basis for this is Art. 6 para. 1 sentence 1 lit. f GDPR, "legitimate interest".
Network connection: To connect the device to your home network, the deviceThe name and password of your WLAN are saved. The data is deleted as soon as you disconnect.
The legal basis for this is Art. 6 para. 1 sentence 1 lit. f GDPR, "legitimate interest".
Third-party services: You can obtain services from third-party providers such as the management of favorites lists or connection to streaming services under the respective terms of use, whereby the respective provider is responsible for this under data protection law within the meaning of Art. 4 No. 7 GDPR. Further information can be found in the respective data protection notices of the providers.
ISIO Internet list update: In order to provide your device with the current ISIO Internet list, we process the public IP address of the router, DeviceID (device-specific identifier) and the internal serial number (last once per month). The internal serial number and DeviceID are stored without any link to other data for statistical purposes (how many devices of one type download the ISIO Internet list per month) and are deleted at the end of the month, i.e. after five weeks at the latest.
The legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR, "performance of a contract", alternatively Art. 6 para. 1 sentence 1 lit. f GDPR, "legitimate interest".
Connection to the Internet: To be able to use the numerous Internet-based additional services of your TechniSat device, you must establish a connection to the Internet. Only then will the Internet-based additional services be enabled and the device will exchange data with the respective service providers via the Internet. If you refuse to connect your TechniSat device to the Internet, your device can only be used offline, i.e. to receive television signals with the integrated device-specific functions (e.g. recording function).
To check the network connection quality, you also have the option of carrying out an Internet speed test with your device. In doing so, we process the public IP address of the router and your country setting.
The legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR, "performance of a contract", alternatively Art. 6 para. 1 sentence 1 lit. f GDPR, "legitimate interest".
TECHNIMATIC device software update: To provide the device software, we process the public IP address of the router, DeviceID (device-specific identifier), country setting and the internal serial number (last once per month). The internal serial number and DeviceID are stored without any link to other data for statistical purposes (how many devices of one type download the device software per month) and are deleted at the end of the month, i.e. after five weeks at the latest.
The legal basis for this is Art. 6 para. 1 sentence 1 lit. f GDPR, "legitimate interest".
TechniSat CONNECT:For the purpose of using the digital program guide (SFI) and timer programming with the TechniSat CONNECT app, we process your MyTechniSat e-mail address and password, the public IP address of your Internet router, the network device name in the home network, the data of the digital TV guide, programmed and executable recording times of the digital video recorder. This information is stored for 30 days.
Further information can be found in the data protection notice of the TechniSat CONNECT app.
The legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR, "Performance of a contract".
Identification of the device: For the purpose of using the Internet functionality and statistical evaluation, we process the MAC address and IP address to identify the device. This information is not merged with the purchaser's personal data. This information is transmitted to servers in the EU and stored for 15 days (MAC address) or 30 days (IP address).
The legal basis for this is Art. 6 para. 1 sentence 1 lit. f GDPR, "legitimate interest".
SIEHFERN INFO (SFI) information service: For the purpose of using the digital TV guide "SFI", we process the public IP address of the router, DeviceID (device-specific identifier) and the internal serial number (last once per month). This information is transmitted to our server in Germany for this purpose. The IP address is stored for a maximum of three days for load balancing between the individual servers. The serial number is stored for statistical purposes and deleted after five weeks.
The legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR, "performance of a contract", alternatively Art. 6 para. 1 sentence 1 lit. f GDPR, "legitimate interest".
Web browser: For the purpose of connecting to websites, the user can access any websites of website operators. TechniSat is neither responsible for data security nor for the content of the websites. The operator of the website is responsible under data protection law within the meaning of Art. 4 No. 7 GDPR. TechniSat refers to the data protection notices of the website operators.
Cookies: Cookies from website operators are not the responsibility of TechniSat. The website operator is responsible under data protection law within the meaning of Art. 4 No. 7 GDPR. TechniSat refers to the data protection notices of the website operators. We ourselves neither set cookies nor read them.
HbbTV: For the purpose of using additional program information, teletext services and media libraries, the respective HbbTV provider (TV broadcaster) processes the browser name, browser version, manufacturer name and software version on its own responsibility. The HbbTV provider is responsible under data protection law within the meaning of Art. 4 No. 7 GDPR. TechniSat refers to the data protection information of the respective HbbTV provider (television broadcaster).
ISIPRO - Automatic channel list update: In order to provide your device with the latest satellite reception data, we process the public IP address of the router, DeviceID (device-specific identifier) and the internal serial number (last one per month). The internal serial number and DeviceID are stored without any link to other data for statistical purposes (how many devices of one type download the ISIPRO per month) and are deleted at the end of the month, i.e. after five weeks at the latest.
The legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR, "performance of a contract", alternatively Art. 6 para. 1 sentence 1 lit. f GDPR, "legitimate interest".
The data controller within the meaning of Art. 4 No. 7 GDPR is the company: Vestel Elektronik Sanayi ve Ticaret A.S., Levent 199 Buyukdere Cad. No 199 Sisli, Istanbul, 34394.
Name and contact details of the representative pursuant to Art. 27 GDPR: Vestel Holland B.V. Germany Branch Office, Parkring 6, 85748 Garching near Munich, e-mail: info@vestel-germany.de
Further information on data processing can be found in the data protection notice, which is available at www.vestel-germany.de/en/privacy-policy.
The data controller within the meaning of Art. 4 No. 7 GDPR is the company: VIDAA USA Inc., 10775 Bell Road, Duluth, Georgia 30097, United States.
Name and contact details of the representative pursuant to Art. 27 GDPR: VERDATA Datenschutz GmbH & Co KG, Römerstraße 12, 40476 Düsseldorf, Germany, e-mail: vidaa.representative@verdata.eu.
Further information on data processing can be found in the data protection notice, which is available at https://www.vidaa.com/privacy-policy/.
Connection to the home network and the Internet: For the purpose of authentication, controlling the app and distinguishing between different users (if several are created), it is necessary to integrate the central unit into your home network and connect it to the Internet. The following user data about you will be processed: User name, e-mail address or telephone number, password, time of registration and user profile. The following data about your system is also processed: Device name, password, version, device ID and configuration of the central unit, information on the connected components (door magnet status, motion detector, remote control, siren), status information (active/inactive status, online status, history with times of the last triggers, battery status, language, approximate location for the time zone) as well as the IP address of the central unit and your end device.
Further information can be found in the TechniSmart app's data protection notice.
The legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR, "performance of a contract", alternatively Art. 6 para. 1 sentence 1 lit. f GDPR, "legitimate interest".
Storage of data on your end device: You can voluntarily activate the auto-login option to speed up the login process. In this case, the app stores your user name locally as well as your associated password and WLAN password in encrypted form for as long as this option is active. Your data will not be passed on.
Further information can be found in the TechniSmart app's data protection notice.
The legal basis for this is your voluntary consent, Art. 6 para. 1 sentence 1 lit. a GDPR. Not giving your consent has no disadvantages for you, but you will not be able to use our function. You can withdraw your consent at any time by deactivating the option shown. Withdrawing your consent does not affect the permissibility of the processing of your data up to the point of withdrawal.
We also intend to process the data provided by you or collected by us for advertising purposes in the case of an existing customer relationship and other contractual relationships for consideration. In this case, the legal basis under data protection law is Art. 6 para. 1 sentence 1 lit. f GDPR, "legitimate interest". According to the recitals to the GDPR, such a legitimate interest is given in particular with regard to so-called direct advertising, see recital 47 p. 7. The term "direct marketing" refers to the direct approach of a customer by a provider with the aim of promoting the sale of products or services in return for payment. Customer satisfaction surveys or participation in surveys can also fall under the legal concept of advertising. The other legal requirements, in particular § 7 UWG, are of course observed.
Without an existing customer relationship or without any other paid contractual relationship, we will only process your personal data for advertising purposes, if you have given us your voluntary consent to do so, Art. 6 para. 1 sentence 1 lit. a GDPR.
Advertising is carried out by post, by electronic means, including e-mail, social media, or by telephone, insofar as this is legally permissible.
The advertising measures relate in particular to all products and all services, customer satisfaction surveys and polls as well as invitations to trade fairs and events.
You can object to the processing of your personal data for advertising purposes at any time. The relevant contact details are listed in the data protection notice. In this case, your personal data will no longer be processed for advertising purposes and will be deleted from the relevant advertising mailing lists.
If we use processors in this context, we have concluded an order processing contract with them in accordance with the provisions of Art. 28 GDPR, so that the processor is subject in particular to our instructions as the client.
The maximum duration of storage depends on the purpose of the data processing. The duration of storage generally depends on the period for which processing is required to fulfil the purpose.
Deletion periods under data protection law do not apply if and insofar as statutory retention obligations, such as those under social security law, commercial law or tax law, for example pursuant to Section 257 HGB or Section 147 AO, require longer deletion periods.
We transfer data within the specialist departments insofar as this is necessary to achieve the purpose.
We may transfer data within the Techniropa Holding Group. The primary authorisation basis for data transfer within the group of companies is Art. 6 para. 1 sentence 1 lit. f GDPR. This states that data processing is lawful if processing is necessary for the purposes of the legitimate interests pursued, except where such interests are overridden by the interests or fundamental rights of the data subject. Recital 48 of the recitals to the GDPR, which are to be regarded as interpretation aids to the GDPR, specifies the legitimate interest for a transfer within a group of companies. Accordingly, such a transfer within the group for internal administrative purposes with regard to the processing of customer data is to be qualified as a legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f GDPR. Internal administrative purposes relating to customer data in this sense may include centralised customer management, internal group reporting or, in the case of access to data within matrix structures in a group of companies.
Based on the intercompany agreements concluded with individual companies in the Techniropa Group, TechniSat acts as a processor for individual Group companies in the areas of IT, human resources, financial accounting, organisational services, marketing and purchasing, among others. A corresponding order processing contract in accordance with Art. 28 GDPR has been concluded in each case; we will be happy to provide you with the individual contracts if required.
We also use Microsoft Office 365 as a cloud application, software from Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland. Reference may be made to the aspects described under C., II. in this context.
Furthermore, transfers may be made to external third parties insofar as the aforementioned is necessary and legally permissible to achieve the purpose, for example to: Auditing companies, tax consulting companies, law firms, financing companies, banks, factoring companies, other assignees, advertising agencies, lettershops, printers, postal service providers, freight forwarders, public authorities, including tax offices, customs, insurance companies, companies that check creditworthiness, IT service providers, debt collection companies, data carrier disposal companies, creditor protection associations and other business information services. The authorisation basis for data transmission is Art. 6 para. 1 sentence 1 lit. f GDPR.
Processors used are contractually bound to the requirements of Art. 28 GDPR. Processors will only process your data in accordance with the legal requirements, in accordance with our instructions and only in the context of the fulfilment of the contract.
All processing of personal data generally takes place in Germany or in member states of the European Union. We do not transfer personal data to countries outside the member states of the European Union, so-called third countries, or to other international organisations, unless otherwise stated in the data protection notice.
If we should transfer personal data to companies in third countries, the aforementioned will only take place if the third country has been confirmed by the EU Commission as having an adequate level of data protection in accordance with Art. 45 para. 3 GDPR, which is the case with regard to both the USA and the UK, or if other appropriate data protection guarantees, e.g. binding internal company data protection regulations or an agreement of the standard contractual clauses of the EU Commission or the consent of the data subject is available, Art. 44 et seq. GDPR.
We take all necessary technical and organisational measures, taking into account the requirements of Art. 24, 25 and 32 GDPR, to protect personal data from loss, destruction, access, modification or dissemination by unauthorised persons and misuse. For example, we comply with the legal requirements for the pseudonymisation and encryption of personal data, the confidentiality, integrity, availability and resilience of systems and services in connection with processing, the availability of personal data and the ability to restore it quickly in the event of a physical or technical incident, and the establishment of procedures to regularly review, assess and evaluate the effectiveness of technical and organisational measures to ensure the security of processing. Furthermore, we also comply with the requirements of Art. 25 GDPR with regard to the principles of "privacy by design" and "privacy by default", i.e. data protection through data protection-friendly default settings.
You have a right to receive information about your personal data free of charge and, if the legal requirements are met, a right to rectification, blocking and erasure of your data, to restriction of processing, to data portability and a right to object.
Insofar as we base the processing of your personal data on the balancing of interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR, you may object to the processing. This is the case if, in particular, the processing is not necessary for the fulfilment of a contract with you. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the situation and will either discontinue or adapt the data processing or show you our compelling reasons worthy of protection on the basis of which we will continue the processing.
You also have the option of lodging a complaint with a competent supervisory authority, e.g. Landesbeauftragter für den Datenschutz und die Informationsfreiheit RLP, Hintere Bleiche 34, 55116 Mainz.
If you have any questions about the processing of your personal data, questions relating to the aforementioned rights and their assertion, or suggestions, please contact the contact details above or the data protection officer:
Phone: 0049 (0) 6592 712 1351
E-mail: datenschutzbeauftragter@technisat.de
Version: 2, valid from 23.01.2024.
Our latest version of this data protection notice applies in each case.
The interested party / business partner / supplier is obliged to view the data protection notice at regular intervals and to make it available to his employees if he himself is not a natural person and if personal data is processed by his employees through us.
In the event of any discrepancies between the German and English versions of this Data Protection Notice, only the German version shall be valid.