Privacy policy

The DMG MORI customer portal is provided by DMG MORI USA, INC., 2400 Huntington Blvd., Hoffman Estates, IL 60192 (hereinafter: "DMG MORI", "we" or "us") as the "controller", as the "body corporate", or as otherwise designated in a comparable role under other applicable laws and regulations.

The DMG MORI customer portal enables you to manage your DMG MORI machine tools and customer data and to communicate efficiently with us. The DMG MORI customer portal is available via our website at https://us.mydmgmori.com.

By using the DMG MORI customer portal, we process personal data. This includes all data relating to an identified or identifiable natural person. In the following, we would like to inform you which personal data we store or process when you use the DMG MORI customer portal and how we handle or with whom we share this data. In addition, we inform you about the measures we take to safeguard your personal information, about the legal basis of the processing to the extent required under applicable law, about our legitimate interests, as far as our legitimate interests serve as the legal basis for processing, about your rights as the person concerned, and finally about your contact persons in case of questions or grievances.

By using our Services, you understand and consent to us collecting and using your information as described in this Privacy Policy.

If you do not agree with our policies and practices, your choice is not to use the DMG MORI customer portal. By accessing or using the DMG MORI customer portal, you agree to this privacy policy. This policy may change from time to time. It is our policy to post any changes we make to our privacy policy on this page. Your continued use of the DMG MORI customer portal after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

Our DMG MORI customer portal is not intended for children under 16 years of age. No one under age 16 may provide any information to the DMG MORI customer portal. We do not knowingly collect personal information from children under 16. If you are under 16, do not use or provide any information on the DMG MORI customer portal or register on the DMG MORI customer portal, or provide any information about yourself to us, including your name, address, telephone number, or email address. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us.

1.Information about the processing of your data

1.1
Processing of personal data when visiting our DMG MORI customer portal at https://us.mydmgmori.com.
1.1.1
When you visit the DMG MORI customer portal at https://us.mydmgmori.com, we initially collect the data listed below on the basis of applicable laws, e.g. our legitimate interest. This data is necessary to be able to present the DMG MORI customer portal and to ensure its stability and security:
  1. (a)IP address;
  2. (b)date and time of the request;
  3. (c)time zone difference to the coordinated universal time (UTC
  4. (d)content of the request (specific page);
  5. (e)access status/HTTP status code;
  6. (f)data amount transmitted;
  7. (h)browser used;
  8. (i)operating system and its interface;
  9. (j)language and version of the browser software.
1.1.2
In addition to the data mentioned above, cookies are stored on your computer when you visit our website. Cookies are small text files which are stored on your hard disk assigned to the browser you are using and through which certain information flows to the location that sets the cookie (in this case by us). Cookies cannot execute programs or transfer viruses to your computer. They serve to make the Internet and our services more user-friendly and effective by allowing us to respond to you when you return to our services. Cookies are also used to enhance the secure use of our services.
1.1.3

Our website uses the following types of cookies:

  • Transient cookies (see a)
  • Persistent cookies (see b).
  1. (a)Transient cookies are automatically deleted when you close the browser. This includes in particular session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to the session. The session cookies are deleted when you log out or close the browser.
  2. (b)Persistent cookies are deleted after three months at the latest. You can delete the cookies in the security settings of your browser at any time.
  3. (c)You can configure your browser settings in accordance with your wishes and, for example, refuse to accept cookies. However, we would like to make you aware that in this case you may not be able to use all functions of the DMG MORI customer portal.
  4. (d)We use cookies to identify you for subsequent visits, if you have an account with us. Otherwise you would have to log in again each visit.

2.Processing of personal data for registration and conclusion of the end user contract

2.1
If you register or log in to the DMG MORI customer portal, we use your access data (e-mail address (myDMGMORI-ID) and password) to grant access to your user account and to manage it ("Mandatory Information"). Mandatory Information are required for the conclusion of the end user agreement which is provided to you and which you will have to accept upon registration. If you do not provide this data, you will not be able to create a user account, and accordingly you will not be able to avail of our services on the portal. In detail such data is:
  1. (a)personal master data (e.g. first and last name, business address);
  2. (b)communication data (e.g. business telephone number and e-mail address);
  3. (c)status data (e.g. customer number, company function, representation authority);
  4. (d)first- and second name (if applicable), e-mail address of a person with representation authority.
2.2
In addition, you may provide the following voluntary information as part of the registration process:
  1. (a)title;
  2. (b)remarks.
2.3
We use the Mandatory Information to authenticate you when you log in and to respond to requests to reset your password. We process the data entered by you during registration or login (1) to verify your authorization to manage the user account; (2) to enforce the terms of the end user agreement and any rights and obligations associated therewith; and (3) to contact you in order to send you technical or legal notices, updates, security messages or other messages concerning the management of the user account.
2.4
We use voluntary information to be able to address you (title) and to respond to your inquiry (remarks) adequately.
2.5
If you provide personal information that we have not requested (unsolicited information) you thereby give consent for use by DMG MORI to perform contractual obligations arising from the end user agreement, e.g. performing service work. If we could not have solicited such personal information and if it is lawful and reasonable to do so, we will destroy or de-identify the information.
2.6
The aforementioned data processing is lawful, inter alia, when (1) you have given express or tacit consent, (2) it is necessary for the fulfilment of a contract between you as the concerned party and us, (3) we have a legitimate interest in ensuring the functionality and error-free operation of the DMG MORI customer portal, which outweighs your rights and interests in the protection of your personal data, (4) the data is anonymized, (5) the processing is necessary to exercise rights in judicial, administrative, or arbitration proceedings, (6) the processing is necessary for an emergency that threatens the life, health, or security of an individual, (7) the processing is clearly in your interests and consent cannot be obtained in a timely way, or (8) otherwise permitted under applicable law or a resolution by a competent authority ("Justified"). We have a legitimate interest in ensuring the functionality and error-free operation of the DMG MORI customer portal, which outweighs your rights and interests in the protection of your personal data.

3.Processing of personal data by using the DMG MORI customer portal via the website

3.1
After registration and the conclusion of the so-called end user agreement, you can use the DMG MORI customer portal via our website, https://us.mydmgmori.com After registration, you can, among other things, manage your master data, review service reports and invoices, generate tickets for service calls, place, plan and follow up orders, enter offers and participate in awarding processes, view manuals and circuit diagrams of your machine tools or use the online shop of the DMG MORI-Group for the purchase of spare parts and related services. In order to be able to offer you these services, we process your data:
  1. (a)communication data (e.g. business telephone number and e-mail address);
  2. (b)contract master data;
  3. (c)billing and payment data;
  4. (d)machine, customer and service history;
  5. (e)personal master data (e.g. first and last name, business address);
  6. (f)planning data (for example, for service calls);
  7. (g)machine-related data (for example, IBN data, machine number, machine type);
  8. (h)data of personnel belonging to the group or specified by you (if applicable).
All data processing described above is Justified, in particular as (1) the processing is necessary for the fulfilment of the contract between you as concerned person and us for the use of the DMG MORI customer portal, or (2) we have a legitimate interest - outweighing your rights and interests – to offer you a functional, error-free service that is in line with the market standard and your interests.
3.2
Integration of YouTube videos
3.2.1
We have integrated YouTube videos into our DMG MORI customer portal, which are saved on https://www.youtube.com and can be played directly from our DMG MORI customer portal. These are integrated in the "extended data protection mode", i.e. no data about you as a user is transferred to YouTube if you do not play the videos. Only when playing the videos, the data referred to in sections 3.2.2 and 3.2.3 will be transmitted. Such data transmission is not subject to any influence on part of us.
3.2.2
When playing the videos, YouTube receives the information that you have accessed the corresponding subpage of our website. In addition, the data mentioned under section 3.2.3 of this privacy information is transmitted irrespective of whether you are logged in through a YouTube user account or whether no user account exists.
When playing the videos, YouTube receives the information that you have accessed the corresponding subpage of our website. In addition, the data mentioned under section 3.2.3 of this privacy information is transmitted irrespective of whether you are logged in through a YouTube user account or whether no user account exists.
YouTube stores your data as user profiles and uses them for purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is also carried out for users who are not logged in to provide tailored advertising. You have a right of objection to the creation of these user profiles, but you must contact YouTube directly in order to exercise this right.
3.2.3
This use of YouTube and the associated data transmission are Justified. For further information on the purpose and scope of data collection and its processing by YouTube, please see their privacy policy. There you will also find further information on your rights and settings to protect your privacy: https://policies.google.com/privacy.
3.3
Links to third party websites
We link websites of other providers not affiliated with us (third parties), e.g. to our profiles on social networks like LinkedIn, Xing, Twitter, YouTube, Instagram and Facebook. Please note that we have no influence on which data is processed by these providers when you click on these links. Since the data processing by third parties is beyond our control, we cannot take responsibility for this. For further information on the processing of your data by these third parties, please refer to the privacy information of the respective provider.

4.Passing on and transmission of data

4.1
If, in the course of our processing, we disclose data to other persons and companies (processors or third parties), transmit or otherwise grant access to the data, this is only done on the basis of a legal permission, consent, a legal obligation to do so or on the basis of our legitimate interests, or otherwise Justified. In particular, we disclose personal information to third parties if it is necessary for the primary purpose of collecting the information, or for a related secondary purpose, if the disclosure could be reasonably expected. Where a disclosure to third parties is necessary, we will require that the third party undertake to treat the personal information in accordance with all applicable privacy laws to which we are bound.
4.2
The data provided by you during registration will be passed on within the DMG MORI Group to the extent necessary for internal administrative purposes in order to provide you the services, including joint customer service.
4.3
If there are indications of unlawful or mal usage of the DMG MORI customer portal, and if necessary for the clarification of such usage or for legal prosecution, personal data will be forwarded to law enforcement or other authorities and affected third parties or legal advisors. A transmission might also take place if it serves the enforcement of terms of use or other legal claims. We are also legally obliged to provide information to certain public bodies upon request, such as criminal prosecution authorities, authorities that pursue administrative offences including fines, and the tax authorities.
Any disclosure of personal data is lawful as (1) the processing is necessary for the fulfilment of a legal obligation which we are obliged to fulfil, as (2) we have a legitimate interest in disclosing the data to the aforementioned third parties if there are indications of misconduct or in order to enforce our terms of use, other conditions or legal claims of third parties your rights and interests in the protection of your personal data do not outweigh, or (3) otherwise Justified.
4.4
We are dependent for the provision of services in the DMG MORI customer portal on the services of the following external companies and external service providers:
  1. (a)Orbis SE, Nell-Breuning-Allee 3-5, 66115 Saarbrücken, Germany
  2. (b)GoSe Consulting LLC, 1550 East Royall Place Unit 709, Milwaukee, Wisconsin 53202, United States (concept and programming of serial interfaces);
  3. (c)diplexa GmbH, Osningstr. 25, 33605 Bielefeld, Germany (programming of serial interfaces);
  4. (d)Microsoft Ireland Operations Limited, The Atrium Building Block B, Carmanhall Road, Sandyford Business Estate, Dublin 18, Ireland (Azure Cloud Hosting);
  5. (e)Google LLC, ABC-Strasse 19, 20354 Hamburg, Germany (Google Maps location indicator);
  6. (f)Userlane GmbH, Rosenheimer Strasse143c, 81671 Munich, Germany (User tours).
  7. (g)Americaneagle.com, 20 N Upper Wacker Drive, Chicago, Illinoi 60606, United States
  8. (h)Bigcommerce, Inc., 11305 Four Points Drive Building ll, First Floor, Austin, TX 78726, United States
Any disclosure of personal data is lawful as (1) we have a legitimate interest in disclosing the data for administrative purposes within our group and your rights and interests in the protection of your personal data do not outweigh, or (2) we have carefully selected our external companies and external service providers as processors, re-examined them on a regular basis and contractually obliged them to process all personal data exclusively in accordance with our instructions.
4.5
In the course of the further development of our business, the structure of our company may be subject to change as regards legal form, the establishment, purchase or sale of subsidiaries, companies or parts thereof. In such transactions, customer information may be transmitted along with the company to be transferred. Whenever personal data is transferred to third parties to the extent described above, we safeguard that this is done in accordance with this privacy policy and the applicable data protection law.
Any disclosure of personal data is lawful (1) as we have a legitimate interest in adapting our corporate form to the economic and legal circumstances as required and as your rights and interests in the protection of your personal data do not outweigh the protection of your privacy, or (2) as otherwise Justified.

5.Data security

5.1
Personal information we collect is securely stored within our databases. We have physical, electronic and procedural safeguards in place for personal information and take reasonable steps to ensure that your personal information is protected from misuse, interference, loss and unauthorized access, modification and disclosure.
The steps we take to protect your personal information include the following:
  1. (a)access to data processing systems by unauthorized measures is protected by implementing access controls, implementing security measures, maintaining authorizations and other relevant measures;
  2. (b)access to IT systems by unauthorized persons is protected by technical measures regarding user ID, dedicated password protocols, information and data classification policies, secure deletion of data and other relevant measures;
  3. (c)in relation to personnel who are authorized to access the data subject to their access authorization, we implement access rights that are based on role requirements, dedicated authorization processes, information and data classification policies and other appropriate measures;
  4. (d)to ensure the adequate separation of data we implement physical separation of data based on the relevant purpose of collection, separate processing of personal data dependent upon intended function, encryption of personal data and other relevant measures;
  5. (e)we maintain the safety of personal data during electronic transmission by ensuring personal data can be verified, implementing an information and data classification policy, maintaining e-mail encryption and other relevant measures;
  6. (f)we maintain relevant systems and protocols that allow us to monitor access to personal data. We also implement further measures to protect data from accidental destruction or loss;
  7. (g)we ensure business continuity by maintaining contingency plans in our data centers and reviewing our recovery plans regularly; and
  8. (h)we have also implemented appropriate processes to respond to events and violations, including notification. The implementation and effectiveness of incident management is reviewed at regular intervals as part of internal audits and adjusted if necessary.
Whilst we cannot ensure or guarantee that loss, misuse or alteration of information will never occur, we use all reasonable efforts to prevent it.
You should bear in mind that submission of information over the internet is never entirely secure. We cannot guarantee the security of information you submit via our customer portal whilst it is in transit over the internet and any such submission is at your own risk.

6.Data transfers to third countries

6.1
In addition to the data transmissions already described, the following applies: If the data is transferred, stored or processed overseas/abroad, in particular on our servers in Germany or in another countries of the European Union or the European Economic Area, or if this is done in the context of using the services of third parties or the disclosure or transmission of data to third parties, this is only done in order to fulfil our (pre-)contractual obligations, on the basis of consent, on the basis of a legal obligation, on the basis of our legitimate interests, or if otherwise Justified.
Subject to legal or contractual permissions, we will only process the data in a country or permit to be processed in a country if the special conditions are met. This means, for example, that the processing is carried out on the basis of special guarantees, such as a legally compliant level of data protection or in compliance with officially recognized special contractual obligations (so-called standard contractual clauses).

7.Change of purpose

7.1
Processing of your personal data for purposes other than those described above will only be carried out to the extent permitted by law or if you have consented to the changed purpose of the data processing. In the event of further processing for purposes other than those for which the data was originally collected, we will inform you of these other purposes before processing and provide you with all further relevant information.

8.Period of data storage

8.1
Amendments We will use secure methods to delete or permanently de-identify your personal data when it is no longer required for the purposes for which we have collected or used it in accordance with the preceding paragraphs. As a standard procedure, we store your personal data for the duration of the end user agreement relating to the DMG MORI customer portal plus a period of 6 months, during which we keep backup copies after deletion, provided that this data is no longer required for criminal prosecution or to secure, assert or enforce legal claims.
Specific details in this data privacy policy or legal requirements for the storage and deletion of personal data, in particular those which we must store for tax reasons, remain unaffected.

9.Your rights as a data subject

9.1
Right to information
You have the right to obtain from us, at any time and upon request, information on the personal data processed by us and relating to you (in accordance applicable law). To do so, please contact us at the addresses below. Please note that we may refuse access to the information in circumstances recognized under applicable law, such as when (i) the information is inseparable from the personal information of other individuals, (ii) the information is subject to attorney-client privilege, or (iii) the disclosure of the information would reveal confidential commercial information.
9.2
Right to correct incorrect data
You have the right to ask us to correct any personal data concerning you without delay if it is incomplete or inaccurate. To do so, please contact us at the addresses below.
9.3
Right to deletion
Under the conditions set forth in applicable law, you have the right to request us to delete the personal data concerning you. These conditions provide in particular for a right of deletion if the personal data is no longer necessary for the purposes for which they were collected or otherwise processed, as well as in cases of unlawful processing, the existence of an objection or withdrawal of consent, or the existence of an obligation to delete them. To exercise your right of deletion, please contact us at the addresses below.
9.4
Right to limit processing
You have the right to demand that we restrict processing in accordance with applicable law. This right exists in particular if the accuracy of the personal data is disputed between the user and us, for the period of time required to verify its accuracy, and in the event that the user requests limited processing instead of deletion in the case of an existing right to deletion; also in the event that the data is no longer required for the purposes pursued by us, but the user requires it for the assertion, exercise or defence of legal claims, and if the successful exercise of an objection is still disputed between us and you. In order to exercise your right to limit the processing, please contact us at the addresses below.
9.5
Right to data transferability
You have the right to receive from us the personal data concerning you that you have provided us with in a structured, common, machine-readable format in accordance with applicable law. To exercise your right to data transferability, please contact us at the contact addresses below.
9.6
Revocation of consent
If you have given us your consent to process your personal data, you can revoke this consent at any time, free of charge and free of disadvantages and with effect for the future. This by e-mail to disagree@dmgmori.com or by sending a message to the contact addresses given below. After revocation of your consent, your personal data will no longer be used for the aforementioned purposes and - subject to permissible processing for other purposes and compliance with applicable laws - will be deleted.

10.Right of objection

Furthermore, you have the right to object at any time, for reasons arising from your particular situation to the processing of personal data relating to you (which is carried out in the public interest, or based on a balancing of interests, all being justified by applicable law; this also applies to profiling. If you lodge an objection, we will only process your personal data if we can prove that there are compelling legitimate reasons for doing so which outweigh your interests, rights and freedoms or if the processing serves to assert, exercise or defend legal claims, and if appliable law provides for such overriding processing.

11.Right of complaint

You also have the right, in accordance with applicable law, to lodge a complaint to a data protection supervisory authority about the processing of your personal data by us.

12.Sensitive personal information

Unless we specifically request or invite it, we ask that you not send us, and you not disclose, any sensitive personal information under applicable laws and regulations (e.g., credit or debit card number, with our without any required security code, personal identification number, financial account number, driver’s license number, government-issued identification card number, information related to racial or ethnic origin, political opinions, religion or philosophical beliefs, health, sex life or sexual orientation, criminal background, or trade union membership, or biometric or genetic data for the purpose of uniquely identifying an individual) on or through the DMG MORI customer portal or otherwise to us. If you have accidentally sent or disclosed to us any sensitive personal information, please contact us at request deletion of such information.

13.Your questions and comments, our data protection officer

If you have any questions or comments about our handling of your personal data or if you wish to exercise the above rights as a data subject, please contact us.

14.Amendment of the data protection declaration

We always keep this privacy policy up to date. Therefore, we reserve the right to change it from time to time and to update it if there are changes in the collection, processing, storage or use of your data. The current version of the data protection declaration can always be found under "Data Protection" at https://us.mydmgmori.com.