Privacy Policy

Name and address of the data con­troller and means of contact

Orano NCS GmbH
Olaf Oldiges
Mar­garete-von-Wrangell-Straße 7
63457 Hanau
Germany

Tel.:           +49 (0) 6181 – 501-100
E-Mail:     info.ncs@orano-ncs.com
Website: www.orano-ncs.com

Purpose of and legal basis for data processing

Purpose of and legal basis for data pro­cessing – in general when visiting the website 

If you use our website for purely infor­ma­tional pur­poses, do not register or otherwise transmit infor­mation to us (e.g. by e-mail), we will only collect such data as your browser transmits to our server (so-called “server log files”). These data are pro­cessed pur­suant to Art. 6 (1)(f) of the General Data Pro­tection Regu­lation (GDPR) on the basis of our legi­timate interest in improving the sta­bility and func­tio­n­ality of our home page. These data will not be used for any other purpose; nor will they be dis­c­losed to third parties. However, we reserve the right to sub­se­quently analyse the log files should there be any indi­ca­tions of illegal use.

Purpose of and legal basis for data pro­cessing – contact form

When you make contact with us (e.g. using the contact form or by e-mail), per­sonal data will be collected. These data will be saved and used exclu­sively for the purpose of responding to your request and the asso­ciated tech­nical admi­nis­tration. The legal basis for pro­cessing the data is our legi­timate interest in responding to your request pur­suant to Art. 6 (1) (f) of the GDPR. If your purpose of making contact is the con­clusion of a con­tract, then Art. 6 (1) (b) of the GDPR forms a further legal basis for the pro­cessing. Your data will be deleted after final pro­cessing of your enquiry; this is the case if it can be inferred that the relevant facts have been con­clu­sively cla­rified and if no legal storage obli­ga­tions pro­hibit us from deleting them.

Purpose of and legal basis for data pro­cessing – Comments function

When you use the Comments function on this website, in addition to your comment, details of the time the comment was created and the commentator’s name you selected will be saved and published on the website. In addition, your IP address will be logged and stored. 

Your IP address is stored for security reasons in case a comment that has been made infringes the rights of third parties or illegal content is posted. 

The legal bases for the storage of your data are Art. 6 (1) (b) and (f) of the GDPR. We reserve the right to delete comments if they are claimed by third parties to be unlawful or offensive.

Purpose of and legal basis for data pro­cessing – News­letter function

When you register for our e-mail news­letter, we will regu­larly send you infor­mation on our company and what we have to offer. The only man­datory infor­mation required for a sub­scription to our news­letter is your e-mail address. 

The pro­vision of further data is vol­untary and these will be used in order to contact you per­so­nally. For sending the news­letter, we use the so-called double-opt-in pro­cedure. This means that we will not send you an e-mail news­letter until you have expressly con­firmed to us that you agree to receive newsletters. 

We will then send you a con­fir­matory e-mail asking you to click on a cor­re­sponding link to confirm that you wish to receive news­letters in future.
By cli­cking on the con­fir­mation link, you consent to our using your per­sonal data pur­suant to Art. 6 (1)(a) of the GDPR. When you register for our news­letter we will store your IP address as regis­tered by your ISP and the date and time of regis­tration in order to be able to track any pos­sible misuse of your e-mail address at a later point in time. 

The data we collect when you register for the news­letter will be used exclu­sively for the pur­poses of adver­tising by way of the news­letter. You can cancel the sub­scription at any time via the link pro­vided in the news­letter. Once you have unsub­scribed, your e-mail address will be deleted immediately from our news­letter dis­tri­bution list unless you have expressly con­sented to the further use of your data or we reserve the right to make further use of your data that is per­mitted by law and which we inform you about in this policy.

Reci­pients or cate­gories of recipients

Depending on type and purpose of use, per­sonal data will be passed on to the fol­lowing external parties:

Ope­rators of IT infra­st­ructure systems, service pro­viders main­taining the website, Google, USA.

Trans­mission to non-EU countries

Within the framework of Google Maps and Google WEB FONT, we pass data to Google, USA, who process on the basis of the “Privacy Shield” and thus gua­rantee the cor­re­sponding EU data pro­tection level.

Time limits for erasure

The data con­troller will process and store the data subject’s per­sonal data only for the period required to achieve the purpose of such storage or where pro­vided for by the European Directive and Regu­lation Body or any other legis­lature in laws or regu­la­tions to which the data con­troller is subject.
If the purpose of storage no longer applies or if a storage period pre­scribed by the European Directive and Regu­lation Body or another com­petent legis­lator expires, the per­sonal data will be blocked or erased rou­tinely and in accordance with such legislation.

Advice on right of with­drawal where consent was selected as the legal basis

You have the right to withdraw at any time your consent given once to the pro­cessing of data. In the event of with­drawal, we will erase the data con­cerned immediately, where further pro­cessing cannot be sup­ported by a legal basis for pro­cessing. The with­drawal of consent does not affect the law­fulness of the pro­cessing carried out on the basis of such consent prior to withdrawal.

Right to lodge a com­p­laint with a super­visory authority

If, in your opinion, the pro­cessing of your per­sonal data con­tra­venes the GDRP, you have the pos­si­bility pur­suant to Art. 77 of the GDRP to lodge a com­p­laint with the afo­re­men­tioned data pro­tection officer or with a super­visory aut­hority. The com­petent super­visory aut­hority for us is:

The Hessian Com­mis­sioner for Data Pro­tection and Freedom of Information
PO Box 3163
D-65021 Wiesbaden

Advice on pro­filing and scoring

As a respon­sible company, we do not use auto­matic decision making, scoring or profiling.

The data subject’s rights

a) Right of confirmation

Every data subject has the right, granted by the European Directive and Regu­lation Body, to obtain from the data con­troller con­fir­mation as to whether per­sonal data relating to him or her are being pro­cessed. If a data subject wishes to exercise this right of con­fir­mation, he or she may at any time contact an employee of the data controller.

b) Right to information

Any data subject affected by the pro­cessing of his or her per­sonal data has the right, granted by the European Directive and Regu­lation Body, to obtain from the data con­troller, at any time and free of charge, infor­mation on the per­sonal data relating to him or her that have been stored, as well as a copy of this infor­mation. In addition, the European Directive and Regu­lation Body has granted the data subject access to the fol­lowing information:

• the pur­poses of processing
• the cate­gories of per­sonal data that are processed
• the reci­pients or cate­gories of reci­pient to whom the per­sonal data have been or will be dis­c­losed, in par­ti­cular reci­pients in third coun­tries or inter­na­tional organisations
• where pos­sible, the envi­saged period for which the per­sonal data will be stored, or, if not pos­sible, the cri­teria used to determine that period
  the exis­tence of the right to request from the con­troller rec­ti­fi­cation or erasure of per­sonal data or restriction of
  pro­cessing of per­sonal data con­cerning the data subject or to object to such processing
• the exis­tence of the right to lodge a com­p­laint with a super­visory authority
• where the per­sonal data are not collected from the data subject, any available infor­mation as to their source
• the exis­tence of auto­mated decision-making, including pro­filing, referred to in Article 22(1) and (4) and, at least in those cases, mea­ningful infor­mation about the logic involved, as well as the signi­fi­cance and the envi­saged con­se­quences of such pro­cessing for the data subject
• Fur­thermore, where per­sonal data are trans­ferred to a third country or to an inter­na­tional orga­ni­sation, the data subject has the right to be informed of the appro­priate safe­guards relating to the transfer.
  
  If a data subject wishes to exercise this right to infor­mation, he or she may at any time contact an employee of the data controller.

c) Right to rectification

The data subject has the right, granted by the European Directive and Regu­lation Body, to obtain from the con­troller without undue delay the rec­ti­fi­cation of inac­curate per­sonal data con­cerning him or her. Fur­thermore, taking into account the pur­poses of the pro­cessing, the data subject has the right to have incom­plete per­sonal data com­pleted, including by means of pro­viding a sup­ple­mentary statement.

If a data subject wishes to exercise this right to infor­mation, he or she may at any time contact an employee of the data controller.

d) Right to erasure (right to be forgotten)

The data subject has the right to obtain from the con­troller the erasure of per­sonal data con­cerning him or her without undue delay and the con­troller shall have the obli­gation to erase per­sonal data without undue delay where one of the fol­lowing grounds applies and to the extent that the pro­cessing is not necessary:

• the per­sonal data are no longer necessary in relation to the pur­poses for which they were collected or otherwise processed.
• the data subject with­draws consent on which the pro­cessing is based according to point (a) of Article 6(1), or point (a) of Article 9(2) of the GDPR, and where there is no other legal ground for the processing.
• the data subject objects to the pro­cessing pur­suant to Article 21(1) and there are no over­riding legi­timate grounds for the pro­cessing, or the data subject objects to the pro­cessing pur­suant to Article 21(2) of the GDPR.
• the per­sonal data have been unlaw­fully processed.
• the per­sonal data have to be erased for com­pliance with a legal obli­gation in Union or Member State law to which the con­troller is subject.
• the per­sonal data have been collected in relation to the offer of infor­mation society ser­vices referred to in Article 8(1) of the GDPR.

If one of the above grounds applies and a data subject wishes to request the erasure of per­sonal data that is stored by Orano NCS GmbH, he or she may at any time contact an employee of the data con­troller. The employee of Orano NCS GmbH will arrange for the request for erasure to be com­plied with without delay.

If the per­sonal data have been made public by Orano NCS GmbH and if our company is obliged to erase the per­sonal data pur­suant to Art. 17 (1) of the GDPR, Orano NCS GmbH will take
rea­sonable steps, including tech­nical mea­sures, to inform data con­trollers which are pro­cessing the per­sonal data that the data subject has requested the erasure by such data con­trollers of any links to, or copy or repli­cation of, those per­sonal data, insofar as the pro­cessing is not required. The employee of Orano NCS GmbH will take the necessary steps in indi­vidual cases.

e) Right to restriction of processing

The data subject has the right, granted by the European Directive and Regu­lation Body, to obtain from the con­troller restriction of pro­cessing where one of the fol­lowing applies:

• the accuracy of the per­sonal data is con­tested by the data subject, for a period enabling the con­troller to verify the accuracy of the per­sonal data.
• the pro­cessing is unlawful and the data subject opposes the erasure of the per­sonal data and requests the restriction of their use instead.
• the con­troller no longer needs the per­sonal data for the pur­poses of the pro­cessing, but they are required by the data subject for the estab­lishment, exercise or defence of legal claims.
• the data subject has objected to pro­cessing pur­suant to Article 21(1) of the GDPR pending the veri­fi­cation whether the legi­timate grounds of the con­troller override those of the data subject

If one of the above-men­tioned con­di­tions is met and a data subject wishes to request the restriction of per­sonal data that is stored byOrano NCS GmbH, he or she may at any time contact an employee of the data con­troller. The employee of Orano NCS GmbH will arrange for the restriction of processing.

f) Right to data portability

Every data subject affected by the pro­cessing of per­sonal data has the right granted by the European Directive and Regu­lation Body to receive the per­sonal data con­cerning him or her, which he or she has pro­vided to a con­troller, in a struc­tured, com­monly used and machine-readable format. The data subject also has the right, to transmit those data to another con­troller without hin­drance from the con­troller to which the per­sonal data have been pro­vided, where: the pro­cessing is based on consent pur­suant to point (a) of Article 6(1) of the GDPR or point (a) of Article 9(2) of the GDPR or on a contract
pur­suant to point (b) of Article 6(1) of the GDPR; the pro­cessing is carried out by auto­mated means, insofar as the pro­cessing is not required for the per­for­mance of a task that lies in the public interest or in the exercise of public aut­hority vested in the data controller.

Fur­thermore, in exer­cising his or her right to data por­ta­bility pur­suant to Art. 20 (1) of the GDPR, the data subject has the right, to have the per­sonal data trans­mitted directly from one con­troller to another, where tech­ni­cally fea­sible and insofar as this does not diversely affect the rights and freedoms of others. 

In order to assert the right to por­ta­bility, the data subject may at any time contact an employee of Orano NCS GmbH.

g) Right to object

Every data subject whose per­sonal data is pro­cessed has the right, granted by the European Directive and Regu­lation Body, for reasons arising from his or her par­ti­cular situation, to raise an objection at any time to the pro­cessing of per­sonal data relating to him or her that is based on Art. 6 (1) (e) or (f) of the GDPR. This also applies to any pro­filing that is based on these Regulations.

In the event of an objection, Orano NCS GmbH will no longer process the per­sonal data, unless we can prove that there are com­pelling legi­timate reasons for the pro­cessing, which override the inte­rests, rights and freedoms of the data subject, or the data pro­cessing is for the estab­lishment, exercise or defence of legal claims.

If Orano NCS GmbH pro­cesses per­sonal data for direct mar­keting pur­poses, the data subject has the right to object at any time to the pro­cessing of his or her data for the pur­poses of. This also includes pro­filing to the extent that it is related to such direct mar­keting. If the data subject objects to pro­cessing by Orano NCS GmbH for pur­poses of direct mar­keting, Orano NCS GmbH/strong> will no longer process the per­sonal data for such .

In addition, the data subject has the right, on grounds relating to his or her par­ti­cular situation, to raise an objection to the pro­cessing of per­sonal data con­cerning him or her, where data is pro­cessed by Orano NCS GmbH for sci­en­tific or his­to­rical research pur­poses or sta­tis­tical pur­poses pur­suant to Article 89(1) of the GDPR, unless the pro­cessing is necessary for the per­for­mance of a task carried out for reasons of public interest.

Cookies

The Orano NCS GmbH website uses cookies. Cookies are text files, which are saved and stored on a com­puter system via an Internet browser.

Many web­sites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is unique iden­tifier of the cookie. It con­sists of a string of cha­racters through which Internet pages and servers can be assigned to the spe­cific Internet browser in which the cookie was stored. This enables the visited Internet pages and servers to dis­tin­guish the indi­vidual browser of the person con­cerned from other Internet browsers that contain other cookies. A par­ti­cular Internet browser can be reco­gnised and iden­tified by its unique cookie-ID.

By using cookies, Orano NCS GmbH can provide the users of this website with more user-friendly ser­vices, which would not be pos­sible without the setting of cookies.
By means of a cookie, the infor­mation and offers on our website can be opti­mised in the interest of the user. Cookies enable us, as already men­tioned, to reco­gnise the users of our website. The purpose of this reco­gnition is to make it easier for users to use our website. For example, the user of a website that uses cookies does not have to re-enter his access data each time he visits the website because this is under­taken by the website and the cookie stored on the user’s com­puter. Another example is the cookie of a shopping basket in the online shop. The online shop remembers the items that a cus­tomer has placed in the virtual shopping basket via a cookie.

The person con­cerned can prevent the setting of cookies by our website at any time by means of an appro­priate setting of the Internet browser used and thus per­ma­nently object to the setting of cookies. Fur­thermore, cookies that have already been set can be deleted at any time via an Internet browser or other software program. This is pos­sible in all common Internet browsers. If the person con­cerned deac­ti­vates the setting of cookies in the Internet browser used, not all func­tions of our website may be usable under certain circumstances.

Privacy policy regarding the deployment and use of Google-Maps

The data con­troller has inte­grated Google Maps into this website.
Google Maps (API) is a web service pro­vided by Google LLC., 1600 Amphi­theatre Parkway, Mountain View, CA 94043, USA (“Google”) for dis­playing inter­active (land) maps to visually display geo­graphic infor­mation. By using this service, website visitors can see the company location and it makes it easier to reach the site.
When you call up web pages in which a Google Maps map is inte­grated, infor­mation about the use of the respective website (such as the IP address) is already trans­ferred to Google’s servers in the USA and stored there. This takes place regardless of whether Google pro­vides a user account that the user is logged in to or whether no user account exists. If the person con­cerned is logged in to Google, his or her data will be assigned directly to his or her account. If this assignment is not desired, the person con­cerned must log out before acti­vating the button. Google stores the data (even for users who are not logged in) as usage pro­files and eva­luates them. In par­ti­cular, such eva­luation will be carried out pur­suant to Art. 6 (1) (f) of the GDPR on the basis of Google’s legi­timate inte­rests in the display of per­so­na­lised adver­tising, market research and/or the design of its website in line with requi­re­ments. You have the right to object to the creation of these user pro­files and must contact Google to exercise these rights.
Google LLC, with its head­quarters in the USA is cer­tified for the US-European privacy agreement “Privacy Shield”, which ensures com­pliance with the data pro­tection level app­li­cable in the EU.
If the person con­cerned does not agree with the future transfer of his or her data to Google as part of the use of Google Maps, it is also pos­sible to com­pletely deac­tivate the Google Maps web service by swit­ching off Java­Script in the browser. Google Maps and thus also the map display on this website can then not be used.
The Google Terms of Use can be found at http://www.google.de/intl/de/policies/terms/regional.html; The Addi­tional Terms of Use for Google Maps can be found at https://www.google.com/intl/de_US/help/terms_maps.html
Detailed infor­mation on data pro­tection in con­nection with the use of Google Maps can be found on the Google website (“Google Privacy Policy”): http://www.google.de/intl/de/policies/privacy/

Privacy policy regarding the deployment and use of Google fonts

The data con­troller has inte­grated Google fonts into this website. Google pro­vides free fonts that can be used in the design of websites.
This page uses so-called web fonts pro­vided by Google LLC., 1600 Amphi­theatre Parkway, Mountain View, CA 94043, USA („Google“) for the uniform display of fonts. When a person accesses a page, the browser loads the required web fonts into the browser cache, in order to display texts and fonts correctly.
For this purpose, the browser used by an indi­vidual must connect with Google’s servers. This will enable Google to know that the relevant website has been accessed via the IP address of the person con­cerned. The use of Google Web Fonts is in the interest of a uniform and appe­aling pre­sen­tation of the online offe­rings. This con­sti­tutes a legi­timate interest within the meaning of Art. 6 (1) (f) of the GDPR. If the browser of the person con­cerned does not support web fonts, a standard font is used by the com­puter of the person concerned.
Google LLC., with its head­quarters in the USA, is cer­tified for the US-European privacy agreement “Privacy Shield”, which ensures com­pliance with the data pro­tection level app­li­cable in the EU.
Further infor­mation on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s Privacy Policy: https://www.google.com/policies/privacy/

Privacy policy regarding the deployment and use of YouTube

The data con­troller has inte­grated YouTube com­ponents into this website. YouTube is an Internet video portal that enables video publishers to post video clips and other users to view, rate and comment on them free of charge. YouTube allows the publi­cation of all types of videos, which is why com­plete films and tele­vision pro­grammes, but also music videos, trailers and videos made by users them­selves can be accessed via the Internet portal.
The ope­rating company of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a sub­si­diary of Google Inc., 1600 Amphi­theatre Pkwy, Mountain View, CA 94043-1351, USA.
Each time one of the indi­vidual pages of this website, which is ope­rated by the data con­troller, and into which a YouTube com­ponent (YouTube video) has been inte­grated, is accessed, the Internet browser on the IT system of the person con­cerned is auto­ma­ti­cally prompted by the YouTube com­ponent to download a repre­sen­tation of the cor­re­sponding YouTube com­ponent from YouTube. Further infor­mation about YouTube can be found at https://www.youtube.com/yt/about/de/. As part of this tech­nical process, YouTube and Google obtain infor­mation about which spe­cific subpage of our website is being visited by the person concerned.
If the person con­cerned is logged into YouTube at the same time, YouTube reco­gnizes which spe­cific subpage of our website the person is visiting by calling up a subpage con­taining a YouTube video. This infor­mation is collected by YouTube and Google and assigned to the respective YouTube account of the person concerned.
YouTube and Google will receive infor­mation through the YouTube com­ponent that the person con­cerned has visited our website whenever that person is logged into YouTube at the same time as accessing our website, regardless of whether that person clicks on a YouTube video or not. If the person con­cerned does not want YouTube and Google to receive such infor­mation, they may prevent the trans­mission by logging out of their YouTube account before visiting our website.
The Privacy Policy published by YouTube, which is available at https://www.google.de/intl/de/policies/privacy/, pro­vides infor­mation about the collection, pro­cessing and use of per­sonal data by YouTube and Google.