HENSOLDT Holding Germany GmbH and its subsidiaries (“HENSOLDT” or “HENSOLDT Group”) appreciate your interest in our products and services and your visit to our website. Your privacy is important to us, and we are committed to respect and protect your privacy to make you feel comfortable when visiting our website. Our Policy for Personal Data Protection covers also the processing of customer and partner data and applies for HENSOLDT as a whole. Our website may include links to other websites which are not covered by this Data Privacy Statement.
This Data Privacy Statement serves to inform you about how we process and secure your personal data subject to the EU General Data Protection Regulation (GDPR) and the new German Federal Data Protection Act (Bundesdatenschutzgesetz).
The data protection declaration of HENSOLDT is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our data protection declaration should be easy to read and understand for the general public as well as our customers and business partners. To ensure this, we would like to first explain the terminology used.
In this data protection declaration, we use, inter alia, the following terms:
a) Personal data
Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
b) Data subject
Data subject means any identified or identifiable natural person whose personal data is processed by the controller responsible for processing.
Processing means any operation or set of operations which is performed for personal data or sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or other data provision, alignment or combination, restriction, erasure or destruction.
d) Restriction of processing
Restriction of processing means the marking of stored personal data with the aim of limiting their processing in the future.
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
Pseudonymisation means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data will not be attributed to an identified or identifiable natural person.
g) Controller or controller responsible for processing
Controller or controller responsible for processing means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of processing personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Recipient is a natural or legal person, public authority, agency or another body, to which the personal data is disclosed, whether a third party or not. However, public authorities which may receive personal data in the context of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of that data by those public authorities shall be in compliance with the applicable data protection rules depending on the purposes of processing.
j) Third party
Third party means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, is authorised to process personal data.
Consent of the data subject means any freely given, specific and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signals his or her agreement to the processing of personal data relating to him or her while being fully informed of all aspects.
2. Name and address of the controller and data protection officer
The operator of our website (and controller of your personal data) is:
Hensoldt Holding Germany GmbH
DE- 82024 Taufkirchen
Phone: +49 (0)89 - 51518 - 0
Should you have any questions regarding the processing of your personal data or this Data Privacy Statement, you can contact our Data Protection Officer.
HENSOLDT Data Protection Officer
Graf-von-Soden Strasse 1
3. Collection and processing of personal data
If you use the HENSOLDT e-Recruiting tool to create a CV in order to put in the jobseekers’ CV database, we will process, for example, your name, telephone number, email address and other personal information provided in your CV based on your consent (Art. 6 para. 1 lit. a) GDPR). We strongly suggest that your CV should not contain any data relating to your (i) racial or ethnic origin, (ii) political beliefs, (iii) philosophical or religious beliefs, (iv) membership of a trade union or political party, (v) physical or mental health or sexual life or (vi) the commission of criminal offences or proceedings. If your CV does contain such data, then you agree that we may retain this information and use it in accordance with your consent.
If you decide to contact us via email or by using our contact form provided on our website, any personal data you insert in the correspondence will be collected, such as name, email address, contact details etc. based on the performance of, or entering into a contract (Art. 6 para. 1 lit. b) GDPR), or our legitimate interests (Art. 6 para. 1 lit. f) GDPR), depending on the reason of your inquiry.
4. Use and disclosure of personal data and specification of the purpose
HENSOLDT will use your personal data for the technical operation of the website, customer relation management, potential product surveys and for marketing purposes and only to the extent necessary in each specific case.
HENSOLDT will further use your personal data for the purposes of administrating and managing your registration, responding to any queries you may have, operating and improving the website, fostering a positive user experience, contacting you and responding to your inquiries, including on our products and services and to your job application, as well as sending you an e-mail or other communications regarding updates on the website, such as new opportunities and additional listings which may be of interest to you.
We will disclose your personal data to third parties including governmental authorities only where required or permitted by law. Our employees, agencies and retailers are obliged to respect confidentiality and to observe secrecy.
5. Contact possibility via the website
HENSOLDT’s website contains information that enables a quick electronic contact to our enterprise as well as direct communication with us, including via email. If you contact us via e-mail [or via our website’s contact form], the personal data you transmitted will be stored for a period of not more than  months. Your personal data will be processed for contacting you and responding to your inquiries. If your inquiry is concerned to another entity of the HENSOLDT Group, we will forward your request to that entity. Legal basis for the data processing is Art. 6 para. 1 lit. b) GDPR or, alternatively, Art. 6 para. 1 lit. f) GDPR (if the request is not related to the performance of a contract or entering into a contract with the Controller).
6. Data storage and erasure
We process and store your personal data only for the period necessary and we routinely block or erase your personal data in accordance with legal requirements.
HENSOLDT uses technical and organizational security measures to protect your personal data against accidental or intentional manipulation, loss, destruction and against access by unauthorized persons. We continuously enhance our security procedures as new technology becomes available.
However, internet-based data transmission may in principle be not entirely secure which is why absolute protection may not be guaranteed. For this reason, you should always use caution when transmitting personal data via the internet.
Most browsers automatically accept cookies, but you can prevent cookies from being stored on your hard drive by setting your browser to not accept cookies. The exact instructions can be found in the manual for your browser. You can delete cookies already on your hard drive at any time. However, if you choose not to accept cookies, this may result in a reduced availability and functionality of our website.
An opt-out cookie will be set on the computer, which prevents the future collection of your data when visiting this website: Disable Google Analytics
Further information concerning the terms and conditions of use and data privacy can be found at http://www.google.com/analytics/terms/gb.html or at https://www.google.de/intl/en_uk/policies/ or https://support.google.com/analytics/answer/6004245?hl=en. Please note that at this website, Google Analytics code is supplemented by “anonymizelp” to ensure an anonymized collection of IP addresses (so-called IP masking).
10. Your Rights
You have the right to receive information about your personal data and to require rectification or erasure of your personal data or restriction of processing to the extent permitted by applicable law. You have the right to object to any of the data processing outlined below under section 4. and to receive your personal data in a structured, commonly used and machine-readable format (data portability) in accordance with applicable law. You are also entitled to lodge a complaint with a supervisory authority. Where the data processing is based on your consent, you have the right to withdraw your consent at any time by contacting us our Data Protection Officer (firstname.lastname@example.org).