Intamin > Privacy Policy

Privacy Policy

DATA PROTECTION STATEMENT AND CONSENT TO DATA USE FOR

www.intaminworldwide.com, www.intaminamusement.com, www.intamin.com, www.intamintransportation

Data protection is a matter of trust, and your trust is important to us. To ensure that you feel safe whilst visiting our website, we observe strict regulations when processing your personal data and would like to inform you about how we collect and use your data. The following Data Protection Statement explains which data we collect on our websites and which data we process and how, and who you can contact in case of any concerns.

I. NAME AND ADDRESS OF THE CONTROLLER

The controller in accordance with the General Data Protection Regulation, other national data protection laws of the Member States and other legal data protection provisions is:

Intamin AG
Verenastrasse 37
CH-8832 Wollerau
Switzerland
+41 447869111
info@intamin.com
www.intamin.com

Intamin Transportation Ltd.
Landstrasse 126
FL-9494 Schaan
Liechtenstein
+423 2370363
info@intamintransportation.com
www.intamintransportation.com

Intamin Amusement Rides Int. Corp. Est.
Landstrasse 126
FL-9494 Schaan
Liechtenstein
+423 2370343
info@intamin.com
www.intamin.com

II. NAME AND ADDRESS OF THE DATA PROTECTION OFFICER

The controller’s data protection officer is:

Intamin Amusement Rides int. Corp. Est.
Landstrasse 126
FL-9494 Schaan
Liechtenstein
+423 2370367
info@intamin.com
www.intamin.com

III. GENERAL INFORMATION ON DATA PROCESSING

1. SCOPE OF PROCESSING OF PERSONAL DATA

In principle, we only process our users’ personal data when it is necessary to do so in order to provide a functioning website and for the content and services we offer. The processing of our users’ personal data is normally only carried out with the user’s consent. One exception is where it is not possible to obtain consent beforehand for practical reasons and it is permitted by law to process the data.

2. LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA

When we obtain consent for processing operations for personal data from the data subject, Article 6(1)(a) of the EU General Data Protection Regulation (GDPR) forms the legal basis.

In the case of the processing of personal data which is necessary for the performance of a contract to which the data subject is party, Article 6(1)(b) GDPR forms the legal basis. This also applies for processing operations that are necessary to take steps prior to entering into a contract.

When processing personal data is necessary for compliance with a legal obligation to which our company is subject, Article 6(1)(c) GDPR forms the legal basis.

In the event that the processing of personal data is necessary in order to protect the vital interests of the data subject or of another natural person, Article 6(1)(d) GDPR forms the legal basis.

If the processing is necessary for the protection of the legitimate interests of our company or a third party and such interests are not overridden by the interests or fundamental rights and freedoms of the data subject, Article 6(1)(f) GDPR forms the legal basis for the processing.

3. DATA ERASURE AND STORAGE PERIOD

The data subject’s personal data will be erased or blocked as soon as the purpose of storage ceases to apply. Storage can also be carried out if this is provided for by the European or national legislator in Union regulations, laws or other rules to which the controller is subject. Data will also be blocked or erased if the storage period prescribed by the aforementioned standards expires, unless continued storage of the data is necessary for conclusion or performance of a contract.

IV. OPERATION OF A WEBSITE AND CREATION OF LOG FILES

1. DESCRIPTION AND SCOPE OF DATA PROCESSING

Every time our website is visited, our system automatically records data and information from the system of the requesting computer.

The following data are collected in this way:

(1) Information on the browser type and version used

(2) The user’s operating system

(3) The user’s Internet service provider

(4) The user’s IP address

(5) The date and time of access

(6) Websites from which the user’s system reaches our website

(7) Websites which are visited by the user’s system via our website

The data are also stored in our system’s log files. These data are not stored together with the user’s other personal data.

2. LEGAL BASIS FOR DATA PROCESSING

The legal basis for the temporary storage of the data and log files is Article 6(1)(f) GDPR.

3. PURPOSE OF DATA PROCESSING

It is necessary for the system to store the IP address temporarily to enable the website to be sent to the user’s computer. For this purpose, the user’s IP address must be stored for the duration of the session.

Storage in log files is carried out to ensure the functionality of the website. We also use the data to optimise the website and to ensure the security of our IT systems. An analysis of the data for marketing purposes is not carried out in this context.

We also have a legitimate interest in data processing for these purposes in accordance with Article 6(1)(f) GDPR.

4. LENGTH OF STORAGE PERIOD

The data will be erased as soon as they are no longer required to achieve the purpose of their collection. When data are collected to operate the website, this is the case when the relevant session ends.

When data are stored in log files, this is the case after seven days at the latest. No further storage is possible. In this case, users’ IP addresses will be erased or distorted so that assignment to the requesting client is no longer possible.

5. RIGHT TO OBJECT AND RIGHT TO RECTIFICATION

Recording data to operate the website and storing the data in log files is essential for running the website. Therefore, the user does not have any right to object.

V. USE OF COOKIES

a) Description and scope of data processing

Our website uses cookies. Cookies are text files which are saved in the user’s web browser or by the user’s web browser on their computer system. When a user visits a website, a cookie may be saved on their operating system. This cookie contains a characteristic character string which allows the browser to be clearly identified when the website is visited again.

We use cookies to make our website more user-friendly. Some elements of our website require the accessing browser to be identified even after changing pages.

These cookies store and transmit the following data:

(1) Language settings

(2) Login details

Our website also uses cookies to allow us to analyse users’ surfing behaviour.

The following data can be transmitted in this way:

(1) Search terms entered

(2) Frequency of page views

(3) Use of website functions

The data collected from users in this way is pseudonymised by technological means. Therefore, assignment of the data to the requesting user is no longer possible. The data are not stored together with users’ other personal data.

When visiting our website, users are informed of the use of cookies for analytical purposes and referred to this data protection notice by an info banner. Reference is also made in this regard to how the storage of cookies can be prevented in the browser settings.

When visiting our website, the user is informed of the use of cookies for analytical purposes and their consent is obtained for processing the personal data used in this regard. Reference is also made to this data protection notice in this regard.

b) Legal basis for data processing

The legal basis for the processing of personal data using technically necessary cookies is Article 6(1)(f) GDPR.

The legal basis for the processing of personal data using technically necessary cookies for analytical purposes when the user’s consent has been obtained in this regard is Article 6(1)(a) GDPR.

c) Purpose of data processing

The purpose of using technically necessary cookies is to make the website easier for users to use. Some functions of our website cannot be offered without the use of cookies. These services require the browser to be recognised again after a page change.

We require cookies for the following applications:

(1) Acquisition of language settings

(2) Recognising search terms

The user data collected by the technically necessary cookies are not used to create user profiles.

Analytics cookies are used for the purpose of improving the quality of our website and its content. Analytics cookies tell us how the website is used so we can continuously optimise it.

We also have a legitimate interest in the processing of personal data for these purposes in accordance with Article 6(1)(f) GDPR.

d) Length of storage, right of objection and deletion

Cookies are stored on the user’s computer and transmitted from it to our website. You, as the user, therefore have full control over the use of cookies. You can disable or restrict the transmission of cookies by adjusting the settings in your web browser. Cookies which have already been saved can be deleted at any time. This can also be done automatically. If you disable cookies for our website, it may no longer be possible to fully use all the website’s functions.

Sending flash cookies cannot be disabled in the browser, but can be disabled by changing the Flash Player settings.

VII. CONTACT FORM AND EMAIL CONTACT

1. DESCRIPTION AND SCOPE OF DATA PROCESSING

On our website there is a contact form that can be used to contact us electronically. If a user chooses this option, the data entered into the entry form will be transmitted to us and stored. These data are:

Name
Surname
Company
E-mail address

(5) Subject

(6) Address

(7) Country

(8) Message

The following data are also stored at the time of sending the message:

(1) The user’s IP address

(2) The date and time of registration

Your consent for processing the data will be obtained during submission and you will be referred to this data protection notice.

Alternatively, you have the option to contact us via the email address provided. In this case, the user’s personal data transmitted with the email will be stored.

We will not distribute the data to third parties in this context. The data are used solely to process the conversation.

2. LEGAL BASIS FOR DATA PROCESSING

The legal basis for the processing of data when the user’s consent has been obtained is Article 6(1)(a) GDPR.

The legal basis for the processing of data that are transmitted when sending an email is Article 6(1)(f) GDPR. If the aim of contact by email is to conclude a contract, Article 6(1)(b) GDPR is also a legal basis for processing.

3. PURPOSE OF DATA PROCESSING

We only process the personal data entered in the contact form to facilitate contact. In the event of contact by email, there is also the necessary legitimate interest in processing the data.

The other personal data processed during submission are used to prevent misuse of the contact form and ensure the security of our IT systems.

4. LENGTH OF STORAGE PERIOD

The data will be erased as soon as they are no longer required to achieve the purpose of their collection. For personal data from the contact form and that which has been sent by email, this is the case when the conversation with the user ends. The conversation is considered to have ended when it is clear from the circumstances that the matter in hand has been fully clarified.

Additional personal data collected during submission will be erased after seven days at the latest.

5. RIGHT TO OBJECT AND RIGHT TO RECTIFICATION

The user has the possibility of withdrawing their consent to the processing of personal data at any time. If the user contacts us by email, they may object to the storage of their personal data at any time. The conversation cannot be continued in such a case.

The section below describes how to withdraw your consent and how to object to the storage of your personal data.

In this case, all personal data stored during contact will be erased.

VIII. WEB ANALYSIS

1. SCOPE OF PROCESSING OF PERSONAL DATA

We use Google Analytics, a web analysis service from Google Inc. (“Google”). Google uses cookies. The information generated by the cookie regarding use of this website by the user is usually transferred to a Google server in the USA and stored there.

Google will use this information on our behalf to evaluate use of our website by users, to produce reports on activity within this website offer and to provide other services to us related to the use of the website offer and of the Internet. As part of this process, pseudonymised usage profiles of users may be generated out of the data processed.

We only use Google Analytics with IP anonymisation enabled. This means that the IP address of users will first be abbreviated by Google within the Member States of the European Union or in other States party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and truncated there. The IP address transmitted by the user’s browser will not be merged with other data by Google.

The users can prevent the storage of cookies via the relevant setting on their browser software; the users can also prevent the release of data generated by the cookies about your use of the website to Google as well as the processing of this data by Google, by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en .

Further information on the use of data for advertising purposes by Google, as well as settings options and procedures available for opting out can be found on Google’s website: https://www.google.com/intl/de/policies/privacy/partners/

(“How Google uses information from sites or apps that use our services”), http://www.google.com/policies/technologies/ads (“Advertising”), http://www.google.de/settings/ads (“Control the information Google uses to show you ads”) and http://www.google.com/ads/preferences/ (“Take control of your Google ads experience”).

The software places a cookie on the user’s computer (see above for information on cookies). If individual pages of our website are accessed, the following data are stored:

(1) Two bytes of the IP address of the user’s accessing system

(2) The website accessed

(3) The website from which the user arrives at the accessed website (referrer)

(4) The subpages visited from the accessed website

(5) The length of time spent on the website

(6) The frequency of website access

The software runs exclusively on our website’s servers. The user’s personal data are only stored there. The data shall not be passed on to third parties.

The software is configured so that full IP addresses are not stored; instead, 2 bytes of the IP address are hidden (e.g. 192.168.xxx.xxx). This ensures that the truncated IP address cannot be assigned to the accessing computer.

2. LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA

The legal basis for processing the user’s personal data is Article 6(1)(f) GDPR.

3. PURPOSE OF DATA PROCESSING

The processing of the user’s personal data allows us to analyse the surfing behaviour of our users. By analysing the data obtained, we are able to compile information about the use of individual elements of our website. This helps us to continuously improve our website and its user friendliness. We also have a legitimate interest in the processing of data for these purposes in accordance with Article 6(1)(f) GDPR. Anonymising the IP address adequately safeguards the user’s interest in the protection of personal data.

4. LENGTH OF STORAGE PERIOD

The data will be deleted as soon as they are no longer required for our purpose.

In our case, this is 6 months after the case.

5. RIGHT TO OBJECT AND RIGHT TO RECTIFICATION

We offer our website users the option to opt out of the analysis process. To do this, they must follow the corresponding link. This places another cookie on their system, which tells our system not to store the user’s data. If the user deletes this cookie from their system in the meantime, the user must set the opt out cookie again.

Further information on privacy settings can be found here:

https://myaccount.google.com/privacy.

IX. RETARGETING AND DATA COLLECTION BY THIRD PARTIES

As part of retargeting and banner advertising, we use the services of third parties who place cookies on our site. These are the following providers:

– Doubleclick by Google, Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; https://www.google.de/intl/de/policies/technologies/ads/

– Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA; https://www.facebook.com/about/privacy

– Linkedin Inc., 222 Scond Street San Francisco, CA 94105, USA; https://www.linkedin.com/legal/privacy-policy

– Salesforce Inc., Suite 300 San Francisco, CA 94105; https://www.salesforce.com/company/privacy/

– Pinterest Inc., 808 Brannan St San Francisco, CA 94103-4904; https://policy.pinterest.com/de/privacy-policy

X. DATA SUBJECT RIGHTS

The following list covers all data subject rights pursuant to GDPR. Rights that have no relevance for our own website do not need to be listed. The list can thus be shortened.

If your personal data are processed, you are the data subject in accordance with the GDPR and you have the following rights vis-à-vis the controller:

1. RIGHT OF ACCESS

You can request confirmation from the controller of whether we process personal data concerning you.

If such processing is carried out, you can request details of the following information from the controller:

(1) the purposes for which the personal data are processed;

(2) the categories of personal data which are processed;

(3) the recipients or categories of recipients to whom personal data concerning you has been or will be disclosed;

(4) the planned length of storage of the personal data concerning you or, if it is not possible to provide specific details of this, the criteria for determining the storage period;

(5) the existence of a right to rectification or deletion of the personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing;

(6) the existence of a right to lodge a complaint with a supervisory authority;

(7) all available information on the origin of the data, if the personal data are not obtained from the data subject;

(8) the existence of automated decision-making, including profiling, in accordance with Article 22(1) and (4) GDPR and, in these cases at least, meaningful information on the logic involved as well as the significance and the envisaged consequences of such processing for the data subject.

You have the right to request information on whether personal data concerning you will be transferred to a third country or to an international organisation. In this regard, you can request information on the appropriate safeguards in accordance with Article 46 GDPR related to transmission.

2. RIGHT TO RECTIFICATION

You have a right to rectification and/or completion vis-à-vis the controller if the processed personal data concerning you are incorrect or incomplete. The controller must carry out the rectification immediately.

3. RIGHT TO RESTRICTION OF PROCESSING

Under the following circumstances, you can request the processing of personal data concerning you to be restricted:

(1) for a period enabling the controller to verify the accuracy of the personal data, if you are contesting the accuracy of the personal data concerning you;

(2) when the processing is unlawful and you oppose the erasure of the personal data and request the restriction of use of the personal data instead;

(3) when the controller no longer needs the personal data for processing purposes, but you need it to establish, exercise or defend your legal rights, or

(4) when you have objected to the processing in accordance with Article21 (1) GDPR and verification of whether the controller’s legitimate grounds override your grounds is still pending.

If the processing of personal data concerning you has been restricted, this data may, with the exception of storage, only be processed with your consent or to establish, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the EU or of a Member State.

Where processing has been restricted under the aforementioned conditions, you will be informed by the controller before the restriction is lifted.

4. RIGHT TO ERASURE

A) DUTY TO ERASE

You can ask the controller to erase personal data concerning you immediately and the controller is obliged to erase these data immediately where one of the following grounds applies:

(1) The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.

(2) You withdraw your consent on which the processing is based in accordance with Article 6(1)(a) or Article 9(2)(a) GDPR and there are no other legal grounds for the processing.

(3) You submit an objection to the processing in accordance with Article 21(1) GDPR and there are no overriding legitimate grounds for the processing, or you submit an objection to the processing in accordance with Article 21(2) GDPR.

(4) The personal data concerning you were processed unlawfully.

(5) The deletion of personal data concerning you is necessary to fulfil a legal obligation under Union law or the law of a Member State to which the controller is subject.

(6) The personal data concerning you were collected in relation to information society services offered in accordance with Article 8(1) GDPR.

B) DISCLOSING INFORMATION TO THIRD PARTIES

If the controller has made personal data concerning you public and is obliged to delete them in accordance with Article 17(1) GDPR, it shall take reasonable steps, taking into account available technology and implementation costs, including technical measures, to inform controllers who are processing the personal data that you as the data subject, have requested the erasure of all links to these personal data or of copies or replications of these personal data.

C) EXCEPTIONS

The right to erasure is not granted if the processing is necessary

(1) to exercise the right of freedom of expression and information;

(2) to fulfil a legal obligation which requires processing in accordance with the law of the Union or the Member States to which the controller is subject or to perform a task that is carried out in the public interest or in the exercise of official authority vested in the controller;

(3) for reasons in the public interest in the area of public health in accordance with Article 9(2)(h) and (i) and Article 9(3) GDPR;

(4) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) GDPR, if the right provided in (a) is likely to render impossible or seriously impair the achievement of the objectives of this processing, or

(5) to establish, exercise or defend legal claims.

5. RIGHT TO INFORMATION

If you have asserted the right to rectification, deletion or restriction of processing vis-à-vis the controller, the controller is obliged to inform all recipients to whom the personal data concerning you were disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or would involve a disproportionate effort.

You have the right vis-à-vis the controller to information on these recipients.

6. RIGHT TO DATA PORTABILITY

You have the right to receive personal data concerning you which you have provided to the controller in a structured, commonly used and machine-readable format. You also have the right to transmit these data to another controller without hindrance from the controller to whom the personal data were provided, if

(1) the processing is based on consent in accordance with Article 6(1)(a) GDPR or Article 9(2)(a) GDPR or on a contract in accordance with Article 6(1)(b) GDPR and

(2) the processing is carried out by automated means.

In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another controller, where this is technically feasible. The freedom and rights of others may not be adversely affected by this.

The right to data portability does not apply for the processing of personal data that are necessary to perform a task that is carried out in the public interest or in the exercise of official authority vested in the controller.

7. RIGHT TO OBJECT

You have the right, for reasons arising from your own particular situation, to object at any time to the processing of personal data concerning you that is performed in accordance with Article 6(1)(e) or (f) GDPR; this also applies to any profiling based on these provisions.

The controller will no longer process the personal data concerning you, unless it can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or the processing facilitates the establishment, exercise or defence of legal claims.

Where personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purposes of such advertising; this also applies to profiling insofar as it is associated with such direct advertising.

If you object to processing for direct advertising purposes, the personal data concerning you will no longer be processed for these purposes.

Notwithstanding Directive 2002/58/EC, you are also entitled in the context of the use of information society services to exercise your right of objection by means of automated procedures for which technical specifications are used.

8. RIGHT TO WITHDRAW DECLARATION OF CONSENT UNDER DATA PROTECTION LAW

You have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent will not affect the lawfulness of processing carried out based on the consent prior to withdrawal.

9. AUTOMATED INDIVIDUAL DECISION-MAKING, INCLUDING PROFILING

You have the right not to be subject to a decision based solely on automated processing, including profiling, which has legal effects for you or similar significant adverse effects for you. This does not apply if the decision

(1) is necessary for the conclusion or performance of a contract between you and the controller,

(2) is permissible under the law of the Union or the Member States to which the controller is subject, and this law provides adequate measures to safeguard your rights and freedoms and your legitimate interests, or

(3) is made with your express consent.

However, these decisions may not be based on special categories of personal data in accordance with Article 9(1) GDPR, unless Article 9(2)(a) or (g) applies and suitable steps to protect rights and freedoms and your legitimate interests have been taken.

In the cases stated in (1) and (3), the controller will take suitable steps to safeguard rights and freedoms and your legitimate interests, including at least the right to obtain human intervention on the part of the controller, to express your own point of view and to contest the decision.

10. RIGHT TO LODGE A COMPLAINT WITH A DATA PROTECTION AUTHORITY

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement, if you believe that the processing of the personal data concerning you infringes the GDPR.

The supervisory authority where the complaint was lodged will inform the complainant of the status and outcome of the complaint, including the possibility of a judicial legal remedy in accordance with Article 78 GDPR.