Privacy Policy ams

ams values your right to privacy highly. The information you entrust to us will be treated responsibly and consistent with the uses we define when we ask for it and those which you consent.

1. Definitions

The data protection declaration of ams-OSRAM AG is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our data protection declaration should be legible and understandable for the general public, as well as our customers and business partners.


2. Name and Address of the controller

Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:

Tobelbader Strasse 30
8141 Premstaetten

Any data subject may, at any time, contact our Data Protection Officer via email directly with all questions and suggestions concerning data protection.


3. Cookies

The Internet pages of ams-OSRAM AG use cookies. Through the use of cookies, ams-OSRAM AG can provide the users of this website with more user-friendly services that would not be possible without the cookie setting.

You can find further information in our Cookie Policy.

It also describes how you can object to the use of cookies and use of the data collected by cookies in anonymized or pseudonymized user profiles.


4. Collection of general data and information

The website of ams-OSRAM AG collects a series of general data and information when a data subject or automated system calls up the website. This general data and information are stored in the server log files. Collected may be

  1. the browser types and versions used,
  2. the operating system used by the accessing system,
  3. the website from which an accessing system reaches our website (so-called referrers),
  4. the sub-websites,
  5. the date and time of access to the Internet site,
  6. an Internet protocol address (IP address),
  7.  the Internet service provider of the accessing system, and
  8. any other similar data and information that may be used in the event of attacks on our information technology systems.


When using these general data and information, ams-OSRAM AG does not draw any conclusions about the data subject. Rather, this information is needed to

  1. deliver the content of our website correctly,
  2. optimize the content of our website
  3. ensure the long-term viability of our information technology systems and website technology, and
  4. provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack.

Therefore, ams-OSRAM AG analyzes anonymously collected data and information statistically, with the aim of increasing the data protection and data security of our enterprise, and to ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.

If you decide to contact us via the options provided on the website, we will store your details so that we can refer to them when processing and responding to your inquiry. We do not pass this data on to third parties. Once the purpose for which the details have been collected no longer applies, we will erase the data.

Please be aware that this website may contain links to other sites that are not governed by this policy. Please review the privacy policy of each website visited before disclosing any personal information.


5. Registration on our website

The data subject has the possibility to register on the website of the controller with the indication of personal data. Which personal data are transmitted to the controller is determined by the respective input mask used for the registration. The personal data entered by the data subject are collected and stored exclusively for internal use by the controller, and for his own purposes. The controller may request transfer to one or more processors (e.g. a parcel service) that also uses personal data for an internal purpose which is attributable to the controller.

By registering on the website of the controller, the IP address—assigned by the Internet service provider (ISP) and used by the data subject—date, and time of the registration are also stored. The storage of this data takes place against the background that this is the only way to prevent the misuse of our services, and, if necessary, to make it possible to investigate committed offenses. Insofar, the storage of this data is necessary to secure the controller. This data is not passed on to third parties unless there is a statutory obligation to pass on the data, or if the transfer serves the aim of criminal prosecution.

The registration of the data subject, with the voluntary indication of personal data, is intended to enable the controller to offer the data subject contents or services that may only be offered to registered users due to the nature of the matter in question. Registered persons are free to change the personal data specified during the registration at any time, or to have them completely deleted from the data stock of the controller.

The data controller shall, at any time, provide information upon request to each data subject as to what personal data are stored about the data subject. In addition, the data controller shall correct or erase personal data at the request or indication of the data subject, insofar as there are no statutory storage obligations. 


6. Subscription to our newsletter

On the website of ams-OSRAM AG, users are given the opportunity to subscribe to our enterprise's newsletter. The input mask used for this purpose determines what personal data are transmitted, as well as when the newsletter is ordered from the controller.

ams-OSRAM AG informs its customers and business partners regularly by means of a newsletter about enterprise offers. The enterprise's newsletter may only be received by the data subject if (1) the data subject has a valid e-mail address and (2) the data subject registers for the newsletter shipping. A confirmation e-mail will be sent to the e-mail address registered by a data subject for the first time for newsletter shipping, for legal reasons, in the double opt-in procedure. This confirmation e-mail is used to prove whether the owner of the e-mail address as the data subject is authorized to receive the newsletter.

During the registration for the newsletter, we also store the IP address of the computer system assigned by the Internet service provider (ISP) and used by the data subject at the time of the registration, as well as the date and time of the registration. The collection of this data is necessary in order to understand the (possible) misuse of the e-mail address of a data subject at a later date, and it therefore serves the aim of the legal protection of the controller.

The personal data collected as part of a registration for the newsletter will only be used to send our newsletter. In addition, subscribers to the newsletter may be informed by e-mail, as long as this is necessary for the operation of the newsletter service or a registration in question, as this could be the case in the event of modifications to the newsletter offer, or in the event of a change in technical circumstances. There will be no transfer of personal data collected by the newsletter service to third parties. The subscription to our newsletter may be terminated by the data subject at any time. The consent to the storage of personal data, which the data subject has given for shipping the newsletter, may be revoked at any time. For the purpose of revocation of consent, a corresponding link is found in each newsletter. It is also possible to unsubscribe from the newsletter at any time directly on the website of the controller, or to communicate this to the controller in a different way.


7. Newsletter tracking

The newsletter of ams-OSRAM AG contains so-called tracking pixels. A tracking pixel is a miniature graphic embedded in such e-mails, which are sent in HTML format to enable log file recording and analysis. This allows a statistical analysis of the success or failure of online marketing campaigns. Based on the embedded tracking pixel, ams-OSRAM AG may see if and when an e-mail was opened by a data subject, and which links in the e-mail were called up by data subjects. Each user has to give his consent to the use of this tracking pixels.   

Such personal data collected in the tracking pixels contained in the newsletters are stored and analyzed by the controller in order to optimize the shipping of the newsletter, as well as to adapt the content of future newsletters even better to the interests of the data subject. These personal data will not be passed on to third parties. Data subjects are at any time entitled to revoke the respective separate declaration of consent issued by means of the double-opt-in procedure. After a revocation, these personal data will be deleted by the controller. ams-OSRAM AG automatically regards a withdrawal from the receipt of the newsletter as a revocation.


8. Contact possibility via website

The ams-OSRAM AG website contains information that enables an electronic contact to our enterprise, as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If a data subject contacts the controller by e-mail or via a contact form, the personal data transmitted by the data subject are automatically stored. Such personal data transmitted on a voluntary basis by a data subject to the data controller are stored for the purpose of processing or contacting the data subject. There is no transfer of this personal data to third parties.


9. Rights of the data subject

a) Right of confirmation

b) Right of access

c) Right to rectification

d) Right to erasure (Right to be forgotten)

e) Right of restriction of processing

f) Right to data portability

g) Right to object

h) Right to withdraw data protection consent


10. Data protection provisions about the application and use of Social Media

ams may use social media sites such as Facebook, LinkedIn and Twitter. If you use these services, you should review their privacy policy for more information on how they deal with your personal information.

US providers

Various cookies on our websites are operated by Google LLC and YouTube LLC, which process data in the USA. (Google Analytics, Google AdWords). By agreeing to the use of cookies from these providers, you consent to the processing of your data in the USA (Art 49(1) (a) GDPR). USA is not certified by the ECJ as having an adequate level of data protection (C-311/18, Schrems II). Access by US authorities to this data is not limited by law to a mandatory level. Moreover, no judicial authorization is required for such access, and EU citizens have no effective legal remedy against such access.


Within our online offer, the so-called "Facebook pixel" of the social network Facebook is used, which is operated by Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA, or, if you are a resident of the EU, Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook").

With the Facebook pixel, Facebook is able to determine you as a visitor to our online offering as a target group for the placement of ads (so-called "Facebook Ads"). We will inform you before you call up a website if it contains Facebook Pixel functions. If you call up the corresponding website after receiving this information, a connection to Facebook will be established. 

We use the Facebook pixel to display the Facebook ads we place only to those Facebook users who have also shown interest in our online offering or who have certain characteristics (e.g. interest in certain topics or products determined on the basis of the websites visited) that we transmit to Facebook (so-called "Custom Audiences"). With the help of the Facebook pixel, we also want to ensure that our Facebook ads correspond to the potential interest of users and are not disruptive. The Facebook pixel also allows us to track the effectiveness of Facebook ads for statistical and market research purposes by seeing whether users are redirected to our website after clicking on a Facebook ad (so-called "conversion").

The processing of data by Facebook takes place within the framework of Facebook's data usage guidelines.

Joint processing of personal data (Joint-Controller Agreement)

In order to meet the requirements of the DSGVO, Facebook describes here that the respective page operator, in our case ams-OSRAM AG, is jointly responsible with Facebook Ireland. Furthermore, it is confirmed that Facebook Ireland assumes primary responsibility for data processing in accordance with the DSGVO and also takes care of the rights of the data subjects. ams has taken note of the information regarding this agreement and has made it part of the contract between ams and Facebook. 

The responsibility of ams-OSRAM AG is limited to the collection of the relevant data and its disclosure by way of transmission (see also ECJ judgment, ref.: C-40/17 "FashionID").

Objection to Facebook

Settings and objections against the use of data for advertising purposes are possible in the Facebook profile settings.


11. Legal basis for the processing

Art. 6 (1) lit. a GDPR serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is party, as is the case, for example, when processing operations are necessary for the supply of goods or to provide any other service, the processing is based on Article 6(1) lit. b GDPR. The same applies to such processing operations which are necessary for carrying out pre-contractual measures, for example in the case of inquiries concerning our products or services. Is our company subject to a legal obligation by which processing of personal data is required, such as for the fulfillment of tax obligations, the processing is based on Art. 6(1) lit. c GDPR. In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or of another natural person. This would be the case, for example, if a visitor were injured in our company and his name, age, health insurance data or other vital information would have to be passed on to a doctor, hospital or other third party. Then the processing would be based on Art. 6(1) lit. d GDPR. Finally, processing operations could be based on Article 6(1) lit. f GDPR. This legal basis is used for processing operations which are not covered by any of the abovementioned legal grounds, if processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. Such processing operations are particularly permissible because they have been specifically mentioned by the European legislator. He considered that a legitimate interest could be assumed if the data subject is a client of the controller (Recital 47 Sentence 2 GDPR).


12. The legitimate interests pursued by the controller or by a third party

Where the processing of personal data is based on Article 6(1) lit. f GDPR our legitimate interest is to carry out our business in favor of the well-being of all our employees and the shareholders.


13. Period for which the personal data will be stored

The criteria used to determine the period of storage of personal data is the respective statutory retention period. After expiration of that period, the corresponding data is routinely deleted, as long as it is no longer necessary for the fulfillment of the contract or the initiation of a contract.


14. Existence of automated decision-making

As a responsible company, we do not use automatic decision-making or profiling.

Any data subject may, at any time, contact our Data Protection Officer via email directly with all questions and suggestions concerning data protection.

Join our Newsletter