Privacy policy
The DMG MORI customer portal is provided by DMG MORI USA, INC., 2400 Huntington Blvd., Hoffman Estates, IL 60192
(hereinafter: "DMG MORI", "we" or "us") as the "controller", as the "body corporate", or as otherwise designated
in a comparable role under other applicable laws and regulations.
The DMG MORI customer portal enables you to manage your DMG MORI machine tools and customer data and to
communicate efficiently with us. The DMG MORI customer portal is available via our website at
https://us.mydmgmori.com.
By using the DMG MORI customer portal, we process personal data. This includes all data relating to an identified
or identifiable natural person. In the following, we would like to inform you which personal data we store or
process when you use the DMG MORI customer portal and how we handle or with whom we share this data. In addition,
we inform you about the measures we take to safeguard your personal information, about the legal basis of the
processing to the extent required under applicable law, about our legitimate interests, as far as our legitimate
interests serve as the legal basis for processing, about your rights as the person concerned, and finally about
your contact persons in case of questions or grievances.
By using our Services, you understand and consent to us collecting and using your information as described in this
Privacy Policy.
If you do not agree with our policies and practices, your choice is not to use the DMG MORI customer portal. By
accessing or using the DMG MORI customer portal, you agree to this privacy policy. This policy may change from
time to time. It is our policy to post any changes we make to our privacy policy on this page. Your continued use
of the DMG MORI customer portal after we make changes is deemed to be acceptance of those changes, so please check
the policy periodically for updates.
Our DMG MORI customer portal is not intended for children under 16 years of age. No one under age 16 may provide
any information to the DMG MORI customer portal. We do not knowingly collect personal information from children
under 16. If you are under 16, do not use or provide any information on the DMG MORI customer portal or register
on the DMG MORI customer portal, or provide any information about yourself to us, including your name, address,
telephone number, or email address. If we learn we have collected or received personal information from a child
under 16 without verification of parental consent, we will delete that information. If you believe we might have
any information from or about a child under 16, please contact us.
1.Information about the processing of your data
1.1
Processing of personal data when visiting our DMG MORI customer portal at
https://us.mydmgmori.com.
1.1.1
When you visit the
DMG MORI customer portal at
https://us.mydmgmori.com, we initially collect
the data
listed
below on the basis of applicable laws, e.g. our legitimate interest. This data is necessary to be able to
present
the
DMG MORI customer portal and to ensure its stability and security:
- (a)IP address;
- (b)date and time of the request;
- (c)time zone difference to the coordinated universal time (UTC
- (d)content of the request (specific page);
- (e)access status/HTTP status code;
- (f)data amount transmitted;
- (h)browser used;
- (i)operating system and its interface;
- (j)language and version of the browser software.
1.1.2
In addition to the data mentioned above, cookies are stored on your computer when you visit
our website.
Cookies are small text files which are stored on your hard disk assigned to the browser you are using and
through
which certain information flows to the location that sets the cookie (in this case by us). Cookies cannot
execute
programs or transfer viruses to your computer. They serve to make the Internet and our services more
user-friendly
and effective by allowing us to respond to you when you return to our services. Cookies are also used to
enhance
the secure use of our services.
1.1.3
Our website uses the following types of cookies:
- Transient cookies (see a)
- Persistent cookies (see b).
- (a)Transient cookies are automatically deleted when you close
the browser. This includes in particular
session cookies. These store a so-called session ID, with which various requests from your browser can be
assigned to the session. The session cookies are deleted when you log out or close the browser.
- (b)Persistent cookies are deleted after three months at the
latest. You can delete the cookies in the
security settings of your browser at any time.
- (c)You can configure your browser settings in accordance with
your wishes and, for example, refuse to
accept
cookies. However, we would like to make you aware that in this case you may not be able to use all
functions of
the DMG MORI customer portal.
- (d)We use cookies to identify you for subsequent visits, if
you have an account with us. Otherwise you
would
have to log in again each visit.
2.Processing of personal data for registration and conclusion of
the end user
contract
2.1
If you register or log in to the DMG MORI customer portal, we use your access data (e-mail
address
(myDMGMORI-ID) and password) to grant access to your user account and to manage it ("Mandatory Information").
Mandatory Information are required for the conclusion of the end user agreement which is provided to you and
which
you will have to accept upon registration. If you do not provide this data, you will not be able to create a
user
account, and accordingly you will not be able to avail of our services on the portal. In detail such data is:
- (a)personal master data (e.g. first and last name, business
address);
- (b)communication data (e.g. business telephone number and e-mail
address);
- (c)status data (e.g. customer number, company function, representation
authority);
- (d)first- and second name (if applicable), e-mail address of a person
with representation authority.
2.2
In addition, you may provide the following voluntary information as part of the registration
process:
- (a)title;
- (b)remarks.
2.3
We use the Mandatory Information to authenticate you when you log in and to respond to requests
to reset your
password. We process the data entered by you during registration or login (1) to verify your authorization to
manage the user account; (2) to enforce the terms of the end user agreement and any rights and obligations
associated therewith; and (3) to contact you in order to send you technical or legal notices, updates, security
messages or other messages concerning the management of the user account.
2.4
We use voluntary information to be able to address you (title) and to respond to your inquiry
(remarks)
adequately.
2.5
If you provide personal information that we have not requested (unsolicited information) you
thereby give
consent for use by DMG MORI to perform contractual obligations arising from the end user agreement, e.g.
performing service work. If we could not have solicited such personal information and if it is lawful and
reasonable to do so, we will destroy or de-identify the information.
2.6
The aforementioned data processing is lawful, inter alia, when (1) you have given express or
tacit consent,
(2) it is necessary for the fulfilment of a contract between you as the concerned party and us, (3) we have a
legitimate interest in ensuring the functionality and error-free operation of the DMG MORI customer portal,
which
outweighs your rights and interests in the protection of your personal data, (4) the data is anonymized, (5) the
processing is necessary to exercise rights in judicial, administrative, or arbitration proceedings, (6) the
processing is necessary for an emergency that threatens the life, health, or security of an individual, (7) the
processing is clearly in your interests and consent cannot be obtained in a timely way, or (8) otherwise
permitted
under applicable law or a resolution by a competent authority ("Justified"). We have a legitimate interest in
ensuring the functionality and error-free operation of the DMG MORI customer portal, which outweighs your rights
and interests in the protection of your personal data.
3.Processing of personal data by using the DMG MORI customer
portal via the website
3.1
After registration and the conclusion of the so-called end user agreement, you can use the DMG
MORI customer portal via our website,
https://us.mydmgmori.com After registration, you can, among other things,
manage your master data, review service reports and invoices, generate tickets for service calls, place, plan
and follow up orders, enter offers and participate in awarding processes, view manuals and circuit diagrams of
your machine tools or use the online shop of the
DMG MORI-Group for the purchase of spare parts and related
services. In order to be able to offer you these services, we process your data:
- (a)communication data (e.g. business telephone number and e-mail
address);
- (b)contract master data;
- (c)billing and payment data;
- (d)machine, customer and service history;
- (e)personal master data (e.g. first and last name, business
address);
- (f)planning data (for example, for service calls);
- (g)machine-related data (for example, IBN data, machine number, machine
type);
- (h)data of personnel belonging to the group or specified by you (if
applicable).
All data processing described above is Justified, in particular as (1) the processing is necessary for the
fulfilment of the contract between you as concerned person and us for the use of the DMG MORI customer portal,
or (2) we have a legitimate interest - outweighing your rights and interests – to offer you a functional,
error-free service that is in line with the market standard and your interests.
3.2
Integration of YouTube videos
3.2.1
We have integrated YouTube videos into our
DMG MORI customer portal, which are saved on
https://www.youtube.com and can be played directly from our
DMG MORI customer portal. These are integrated in
the "extended data protection mode", i.e. no data about you as a user is transferred to YouTube if you do not
play the videos. Only when playing the videos, the data referred to in sections 3.2.2 and 3.2.3 will be
transmitted. Such data transmission is not subject to any influence on part of us.
3.2.2
When playing the videos, YouTube receives the information that you have accessed the
corresponding subpage of our website. In addition, the data mentioned under section 3.2.3 of this privacy
information is transmitted irrespective of whether you are logged in through a YouTube user account or whether
no user account exists.
When playing the videos, YouTube receives the information that you have accessed the
corresponding subpage of our website. In addition, the data mentioned under section 3.2.3 of this privacy
information is transmitted irrespective of whether you are logged in through a YouTube user account or whether
no user account exists.
YouTube stores your data as user profiles and uses them for purposes of advertising, market
research and/or demand-oriented design of its website. Such an evaluation is also carried out for users who
are not logged in to provide tailored advertising. You have a right of objection to the creation of these user
profiles, but you must contact YouTube directly in order to exercise this right.
3.2.3
This use of YouTube and the associated data transmission are Justified. For further
information on the purpose and scope of data collection and its processing by YouTube, please see their
privacy policy. There you will also find further information on your rights and settings to protect your
privacy:
https://policies.google.com/privacy.
3.3
Links to third party websites
We link websites of other providers not affiliated with us (third parties), e.g. to our profiles
on social networks like LinkedIn, Xing, Twitter, YouTube, Instagram and Facebook. Please note that we have no
influence on which data is processed by these providers when you click on these links. Since the data processing
by third parties is beyond our control, we cannot take responsibility for this. For further information on the
processing of your data by these third parties, please refer to the privacy information of the respective
provider.
4.Passing on and transmission of data
4.1
If, in the course of our processing, we disclose data to other persons and companies (processors
or third parties), transmit or otherwise grant access to the data, this is only done on the basis of a legal
permission, consent, a legal obligation to do so or on the basis of our legitimate interests, or otherwise
Justified. In particular, we disclose personal information to third parties if it is necessary for the primary
purpose of collecting the information, or for a related secondary purpose, if the disclosure could be reasonably
expected. Where a disclosure to third parties is necessary, we will require that the third party undertake to
treat the personal information in accordance with all applicable privacy laws to which we are bound.
4.2
The data provided by you during registration will be passed on within the DMG MORI Group to the
extent necessary for internal administrative purposes in order to provide you the services, including joint
customer service.
4.3
If there are indications of unlawful or mal usage of the DMG MORI customer portal, and if
necessary for the clarification of such usage or for legal prosecution, personal data will be forwarded to law
enforcement or other authorities and affected third parties or legal advisors. A transmission might also take
place if it serves the enforcement of terms of use or other legal claims. We are also legally obliged to provide
information to certain public bodies upon request, such as criminal prosecution authorities, authorities that
pursue administrative offences including fines, and the tax authorities.
Any disclosure of personal data is lawful as (1) the processing is necessary for the fulfilment
of a legal obligation which we are obliged to fulfil, as (2) we have a legitimate interest in disclosing the
data to the aforementioned third parties if there are indications of misconduct or in order to enforce our terms
of use, other conditions or legal claims of third parties your rights and interests in the protection of your
personal data do not outweigh, or (3) otherwise Justified.
4.4
We are dependent for the provision of services in the DMG MORI customer portal on the services
of the following external companies and external service providers:
- (a)Orbis SE, Nell-Breuning-Allee 3-5, 66115 Saarbrücken, Germany
- (b)GoSe Consulting LLC, 1550 East Royall Place Unit 709, Milwaukee, Wisconsin 53202, United States (concept
and programming of serial interfaces);
- (c)diplexa GmbH, Osningstr. 25, 33605 Bielefeld, Germany (programming of serial interfaces);
- (d)Microsoft Ireland Operations Limited, The Atrium Building Block B, Carmanhall Road, Sandyford Business
Estate, Dublin 18, Ireland (Azure Cloud Hosting);
- (e)Google LLC, ABC-Strasse 19, 20354 Hamburg, Germany (Google Maps location indicator);
- (f)Userlane GmbH, Rosenheimer Strasse143c, 81671 Munich, Germany (User tours).
- (g)Americaneagle.com, 20 N Upper Wacker Drive, Chicago, Illinoi 60606, United States
- (h)Bigcommerce, Inc., 11305 Four Points Drive Building ll, First Floor, Austin, TX 78726, United States
Any disclosure of personal data is lawful as (1) we have a legitimate interest in disclosing the
data for administrative purposes within our group and your rights and interests in the protection of your
personal data do not outweigh, or (2) we have carefully selected our external companies and external service
providers as processors, re-examined them on a regular basis and contractually obliged them to process all
personal data exclusively in accordance with our instructions.
4.5
In the course of the further development of our business, the structure of our company may be
subject to change as regards legal form, the establishment, purchase or sale of subsidiaries, companies or parts
thereof. In such transactions, customer information may be transmitted along with the company to be transferred.
Whenever personal data is transferred to third parties to the extent described above, we safeguard that this is
done in accordance with this privacy policy and the applicable data protection law.
Any disclosure of personal data is lawful (1) as we have a legitimate interest in adapting our
corporate form to the economic and legal circumstances as required and as your rights and interests in the
protection of your personal data do not outweigh the protection of your privacy, or (2) as otherwise Justified.
5.Data security
5.1
Personal information we collect is securely stored within our databases. We have physical,
electronic and procedural safeguards in place for personal information and take reasonable steps to ensure that
your personal information is protected from misuse, interference, loss and unauthorized access, modification and
disclosure.
The steps we take to protect your personal information include the following:
- (a)access to data processing systems by unauthorized measures is protected by implementing access controls,
implementing security measures, maintaining authorizations and other relevant measures;
- (b)access to IT systems by unauthorized persons is protected by technical measures regarding user ID,
dedicated password protocols, information and data classification policies, secure deletion of data and other
relevant measures;
- (c)in relation to personnel who are authorized to access the data subject to their access authorization, we
implement access rights that are based on role requirements, dedicated authorization processes, information
and
data classification policies and other appropriate measures;
- (d)to ensure the adequate separation of data we implement physical separation of data based on the relevant
purpose of collection, separate processing of personal data dependent upon intended function, encryption of
personal data and other relevant measures;
- (e)we maintain the safety of personal data during electronic transmission by ensuring personal data can be
verified, implementing an information and data classification policy, maintaining e-mail encryption and other
relevant measures;
- (f)we maintain relevant systems and protocols that allow us to monitor access to personal data. We also
implement further measures to protect data from accidental destruction or loss;
- (g)we ensure business continuity by maintaining contingency plans in our data centers and reviewing our
recovery plans regularly; and
- (h)we have also implemented appropriate processes to respond to events and violations, including
notification. The implementation and effectiveness of incident management is reviewed at regular intervals as
part of internal audits and adjusted if necessary.
Whilst we cannot ensure or guarantee that loss, misuse or alteration of information will never
occur, we use all reasonable efforts to prevent it.
You should bear in mind that submission of information over the internet is never entirely
secure. We cannot guarantee the security of information you submit via our customer portal whilst it is in
transit over the internet and any such submission is at your own risk.
6.Data transfers to third countries
6.1
In addition to the data transmissions already described, the following applies: If the data is
transferred, stored or processed overseas/abroad, in particular on our servers in Germany or in another
countries of the European Union or the European Economic Area, or if this is done in the context of using the
services of third parties or the disclosure or transmission of data to third parties, this is only done in order
to fulfil our (pre-)contractual obligations, on the basis of consent, on the basis of a legal obligation, on the
basis of our legitimate interests, or if otherwise Justified.
Subject to legal or contractual permissions, we will only process the data in a country or
permit to be processed in a country if the special conditions are met. This means, for example, that the
processing is carried out on the basis of special guarantees, such as a legally compliant level of data
protection or in compliance with officially recognized special contractual obligations (so-called standard
contractual clauses).
7.Change of purpose
7.1
Processing of your personal data for purposes other than those described above will only be
carried out to the extent permitted by law or if you have consented to the changed purpose of the data
processing. In the event of further processing for purposes other than those for which the data was originally
collected, we will inform you of these other purposes before processing and provide you with all further
relevant information.
8.Period of data storage
8.1
Amendments We will use secure methods to delete or permanently de-identify your personal data
when it is no longer required for the purposes for which we have collected or used it in accordance with the
preceding paragraphs. As a standard procedure, we store your personal data for the duration of the end user
agreement relating to the
DMG MORI customer portal plus a period of 6 months, during which we keep backup copies
after deletion, provided that this data is no longer required for criminal prosecution or to secure, assert or
enforce legal claims.
Specific details in this data privacy policy or legal requirements for the storage and
deletion of personal data, in particular those which we must store for tax reasons, remain unaffected.
9.Your rights as a data subject
9.1
Right to information
You have the right to obtain from us, at any time and upon request, information on the personal
data processed by us and relating to you (in accordance applicable law). To do so, please contact us at the
addresses below. Please note that we may refuse access to the information in circumstances recognized under
applicable law, such as when (i) the information is inseparable from the personal information of other
individuals, (ii) the information is subject to attorney-client privilege, or (iii) the disclosure of the
information would reveal confidential commercial information.
9.2
Right to correct incorrect data
You have the right to ask us to correct any personal data concerning you without delay if it is
incomplete or inaccurate. To do so, please contact us at the addresses below.
9.3
Right to deletion
Under the conditions set forth in applicable law, you have the right to request us to delete the
personal data concerning you. These conditions provide in particular for a right of deletion if the personal
data is no longer necessary for the purposes for which they were collected or otherwise processed, as well as in
cases of unlawful processing, the existence of an objection or withdrawal of consent, or the existence of an
obligation to delete them. To exercise your right of deletion, please contact us at the addresses below.
9.4
Right to limit processing
You have the right to demand that we restrict processing in accordance with applicable law. This
right exists in particular if the accuracy of the personal data is disputed between the user and us, for the
period of time required to verify its accuracy, and in the event that the user requests limited processing
instead of deletion in the case of an existing right to deletion; also in the event that the data is no longer
required for the purposes pursued by us, but the user requires it for the assertion, exercise or defence of
legal claims, and if the successful exercise of an objection is still disputed between us and you. In order to
exercise your right to limit the processing, please contact us at the addresses below.
9.5
Right to data transferability
You have the right to receive from us the personal data concerning you that you have provided us
with in a structured, common, machine-readable format in accordance with applicable law. To exercise your right
to data transferability, please contact us at the contact addresses below.
9.6
Revocation of consent
If you have given us your consent to process your personal data, you can revoke this consent at
any time, free of charge and free of disadvantages and with effect for the future. This by e-mail to
disagree@dmgmori.com or by sending a message to the contact addresses given below. After revocation of your
consent, your personal data will no longer be used for the aforementioned purposes and - subject to permissible
processing for other purposes and compliance with applicable laws - will be deleted.
10.Right of objection
Furthermore, you have the right to object at any time, for reasons arising from your particular situation to the
processing of personal data relating to you (which is carried out in the public interest, or based on a balancing
of interests, all being justified by applicable law; this also applies to profiling. If you lodge an objection, we
will only process your personal data if we can prove that there are compelling legitimate reasons for doing so
which outweigh your interests, rights and freedoms or if the processing serves to assert, exercise or defend legal
claims, and if appliable law provides for such overriding processing.
11.Right of complaint
You also have the right, in accordance with applicable law, to lodge a complaint to a data protection supervisory
authority about the processing of your personal data by us.
12.Sensitive personal information
Unless we specifically request or invite it, we ask that you not send us, and you not disclose, any sensitive
personal information under applicable laws and regulations (e.g., credit or debit card number, with our without
any required security code, personal identification number, financial account number, driver’s license number,
government-issued identification card number, information related to racial or ethnic origin, political opinions,
religion or philosophical beliefs, health, sex life or sexual orientation, criminal background, or trade union
membership, or biometric or genetic data for the purpose of uniquely identifying an individual) on or through the
DMG MORI customer portal or otherwise to us. If you have accidentally sent or disclosed to us any sensitive
personal information, please contact us at request deletion of such information.
13.Your questions and comments, our data protection officer
If you have any questions or comments about our handling of your personal data or if you wish to exercise the
above rights as a data subject, please contact us.
14.Amendment of the data protection declaration
We always keep this privacy policy up to date. Therefore, we reserve the right to change it from time to time and
to update it if there are changes in the collection, processing, storage or use of your data. The current version
of the data protection declaration can always be found under "Data Protection" at https://us.mydmgmori.com.