Honda Research Institute Europe GmbH
The Honda Research Institute Europe GmbH (“Honda”, “we”, “us/our/our”) is the operator of this website. The purpose of this privacy notice is to inform you about the basis on which, and the purposes for which, we process personal data that we collect from you or that you provide to us. We would also like to inform you about your data protection rights, including your right to object to personal data processings carried out by Honda.
Supplementary data protection notices may apply to certain data processing operations. You will find some of them linked below.
- Privacy notice for users of this website
- Privacy notice for attendees of our videoconferences
- Privacy notice for video recordings of public space by our test vehicles
- Privacy notice for video recordings of public space for other research purposes
We may provide you with additional information when we collect personal data, where we think it would be helpful to provide relevant and timely information.
Please contact us if you have any questions, comments or concerns about this statement or our processing of your personal data.
1 General data protection notice
1.1 Who is responsible for data processing and whom can I contact?
Responsible in the meaning of the EU General Data Protection Regulation (GDPR) is:
Honda Research Institute Europe GmbH
You can reach our data protection officer (for the attention of the data protection officer) at the aforementioned contact details and by e-mail at firstname.lastname@example.org
1.2 Which data do we collect?
We process the following categories of personal data, among others:
- master data: name, address
- contact details: e.g. telephone number, e-mail address, any company affiliations
- contact preferences: e.g. preferred channel of contact
- inquiries: e.g. correspondence, contracts, order, meeting minutes
- financial and payment data: g. bank details, invoice addresses, payments
- application data: e.g. CV’s, references, covering letter, previous jobs and positions in other organisations, education, professional qualifications, reference contact information, position preferences, salary expectations, interests and aspirations, gender, marital status, age, information from publicly available sources such as professional social media networks
- any other information you share with us in the process and, where applicable, sensitive data such as origin, religion, health data and level of disability, criminal convictions, sanctions from regulatory or professional bodies
- device data: g. information about the end devices with which you visit our website, such
as the operating system used, browser type, language-set, IP address.
1.3 For what purposes do we collect, use and store this personal data?
We collect, use and store or process your personal data:
1.3.1 insofar as you have given us your consent (Art. 6 Para.1 lit.a GDPR)
- for example, certain digital services directed at guests, such as our visitor book
1.3.2 as far as necessary, for the fulfilment of (pre-)contractual measures (Art. 6 para.1 lit.b GDPR)
- processing your enquiries and contacting you in this regard, for example for specific, contractually binding offers
- to decide on the establishment of an employment relationship in the case of applications (the legal basis for this is Section 26 (1) BDSG). In particular, we process the data that you have sent us in connection with your application in order to check your suitability for the position (or, if applicable, other open positions in our companies) and to carry out the application procedure
- for example, to perform a service contract and billing, or to contact you for these purposes by mail, telephone, e-mail
1.3.3 as far as our legitimate interests or of third parties require it and are not overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data (Art. 6 para.1 lit.f GDPR)
- for purposes of maintenance, care and improvement of our IT systems and services, data protection control and data security
- to respond to other enquiries and complaints
- for internal administrative purposes
- to secure our premises by video surveillance
- photographing or filming events for the purposes of documentation and reporting as well as the possible publication of the recordings on our website, if applicable
- to detect, prevent or otherwise address fraud, security or technical issues
- to provide law enforcement authorities with the information necessary for prosecution in the event of a suspected criminal offence
- to protect and safeguard our legitimate business interests, business conditions and legal rights and obligations. This includes, but is not limited to, the use of any personal information in connection with compliance, regulatory, audit and legal claims (including the disclosure of such information in connection with legal proceedings or litigation)
1.3.4 in case necessary to comply with a legal obligation (Art. 6 para.1 lit.c GDPR)
- such as visitor registration in accordance with applicable Corona regulations
- for example, to store the data collected for the processing of the contract until the expiry of the statutory retention periods
1.4 Who receives your data?
1.4.1 Transfers to companies that provide services for us as processors
Your personal data is shared with companies that provide services on our behalf as instructed. These are companies in the categories of IT services, including software as a service provider, website hosts, video conferencing system providers and cloud service providers (Microsoft Corp.), document processing, data destruction, purchasing/procurement, printing services, telecommunications, billing.
1.4.2 Transfers to third parties
We will disclose your information to third parties if we are required to disclose your personal information by law or if we believe it is necessary to protect the rights, property or safety of us, our clients or third parties.
Transfers to public authorities and/or law enforcement agencies will be made where required by law or where necessary to protect our legitimate interests in accordance with applicable laws.
We will inform you separately about these transfers to third parties in accordance with Art. 13, 14 GDPR if necessary, for example in the context of a consent given to us.
1.4.3 Transfers to third countries
When you communicate with us via email, it is processed on cloud-based servers of our e-mail service provider Microsoft Corp. by our parent company Honda Motor Co, Ltd. This also applies to any files containing your personal data that we process in the linked cloud storage.
The transfer of personal data to so-called unsafe third countries outside the EEA cannot be ruled out. Such third countries do not have such a high level of data protection comparable to that of the EU.
With Microsoft Corp., we have therefore provided appropriate safeguards by means of standard contractual clauses adopted by the EU Commission as well as additional safeguards, which provide you with enforceable rights and effective remedies.
1.5 Is there an obligation for me to provide data?
Within the scope of our business relationship, you must provide the personal data that is required for its initiation, implementation and fulfilment of the associated contractual obligations or which we are legally obliged to collect. Without this data, we will usually have to refuse to conclude the contract or will no longer be able to perform an existing contract and may have to terminate it.
1.6 How long do we store your data?
As a matter of principle, we process and store personal data of the person concerned only as long as the purpose pursued requires it or is required by law. For example, retention periods under com-mercial and tax law may prevent deletion. The periods specified there for storage or documentation are up to ten years. If the purpose of storage no longer applies or if a legally prescribed storage period expires, the personal data will be routinely deleted in accordance with the statutory provisions, unless it is used as evidence.
We process applicant data for the duration of the application process. If your application was not successful, we store applicant data after notification of the rejection decision for as long as we need the data to clarify inquiries or disputes. As a rule, we delete your application data no later than 5 months after the end of the application process. If you have expressly consented that we should also consider your application in future job advertisements, your data may also be stored for a correspondingly longer period.
1.7 What data protection rights do you have?
Every person affected by our personal data processing has the right to information according to Article 15 of the GDPR, the right to correction according to Article 16 of the GDPR, the right to deletion according to Article 17 of the GDPR, the right to restriction of processing according to Article 18 of the GDPR, the right to object from Article 21 of the GDPR and the right to data portability from Article 20 of the GDPR. With regard to the right to information and the right to erasure, the restrictions pursuant to Sections 34 and 35 BDSG apply. In addition, you have the right to lodge a complaint with the supervisory authority for data protection, e.g. the data protection authority responsible for your place of residence, your workplace or for the location of the data protection breach. If you have any questions about this privacy notice or would like to contact us for any other reason regarding the processing of personal data, please contact us using the contact details provided at the beginning of this notice.
1.7.1 Information about your right to object according to Article 21 GDPR
188.8.131.52 Right to object on a case-by-case basis
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Article 6(1)(e) or (f) GDPR (processing of data on the basis of a legal obligation or balancing of interests); this also applies, where applicable, to profiling based on this provision within the meaning of Article 4(4) GDPR.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
184.108.40.206 Revocation of consent given
You may revoke any consent given to us at any time with effect for the future.
1.8 Updates to this privacy notice
This privacy notice may be updated periodically. We will update the date at the top of this Website accordingly and encourage you to check it for changes.
2 Supplementary privacy notice for users of this website
This separate privacy notice applies to users of this Website and supplements Honda’s general privacy notice above.
2.1 What additional data is collected, processed and shared with your use of this website?
2.1.1 Collection of usage and device data and processing in logfiles
On the basis of our legitimate interests (Art. 6 para. 1 lit.f GDPR) in the elimination of faults, the guarantee of system security and the detection and tracking of unauthorized access or access at- tempts, we collect data on every access to the server on which the website is located (so-called server logfiles). The access data includes the address of the website accessed. File, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the re- questing provider. Logfile information is stored for security reasons (e.g. to clarify acts of abuse or fraud) for a maximum of 7 days and then deleted. Data whose further storage is necessary for evidentiary purposes is excluded from deletion until the final clarification of the respective incident.
2.2 Links to third-party websites
Our website may contain links to third parties. Honda takes no responsibility for the content of websites linked to its website. When you visit a third-party website, it is your responsibility to ensure that you read the privacy notice and terms and conditions that apply to that website.
3 Supplementary privacy notice for attending videoconferencing by us
This separate privacy notice applies to users who attend videoconferences set up by us. It supplements Honda’s general privacy notice above
3.1 What additional data is collected, processed and shared with your use of our video conferencing software?
3.1.1 Processing of content, usage and device data
In addition to image and sound, the following data is typically processed: name and IP address of the participant, name of the room, data on the end device used. In addition, depending on the use, content from shared screens, chats, whiteboard contributions or status may be processed. Where applicable, telephone dial-in data may be processed: all voice communication as well as traffic data (phone number, dial-in number, PIN, call duration). In the event of technical errors, the error ID and the device data affected by it are also stored.
The storage period is 90 days.
During such a videoconference, all participants can see, read and hear data from screen shares, chats, videos, audios and whiteboard contributions.
By participating in videoconferences and activating your device camera, you agree to the processing of your data.
Please note that Microsoft may also transfer data to the USA if you use the Microsoft Teams Software.
3.2 Who receives your data?
3.2.1 Transfers to companies that provide services for us as processors
Your personal information is shared with companies that provide video conferencing systems on our behalf as instructed. The provider of our video conferencing system Microsoft Teams is Microsoft Corp.
3.2.2 Transfers to third countries
If you use our video conferencing service Microsoft Teams together with us, certain connection data will be processed on cloud-based servers of service provider Microsoft Corp.
The transfer of personal data to so-called unsafe third countries outside the EEA cannot be excluded. Such third countries do not have a high level of data protection comparable to that of the EU.
With Microsoft, we have therefore provided appropriate safeguards by means of standard contrac tual clauses issued by the EU commission as well as additional safeguards, which provide you with enforceable rights and effective legal remedies. Furthermore, we try to enable you to use such software in a data-saving manner (e.g. participation in a videoconference without registering your e-mail address in MS Teams).
4 Supplementary privacy notice on video recordings of public space by our test vehicles
This separate privacy notice applies to data subjects captured by video cameras in public spaces installed in our test vehicles.
This privacy notice supplements the above general data protection notice.
4.1 What personal data do we collect, for what purposes and on what legal basis?
As part of our legitimate interest in research and development, e.g. of driver assistance systems, we collect video footage of the vehicle environment of our test vehicles, for example in order to be able to compare this with the results of the sensors.
In the process
- vehicle registration
- land and buildings
are captured and recorded by the video cameras.
4.2 Who receives your data?
4.2.1 Other Honda companies
We may share some of your personally identifiable information with other Honda companies within the Honda Group for internal management purposes.
For the above purposes, your personal data may also be processed by Honda companies located in countries outside the European Union that do not have data protection laws comparable to those of the EU. In these cases, we base our data processing within the Honda group of companies on the so-called standard contractual clauses issued by the EU Commission, which provide you with enforceable rights and effective remedies, in addition to additional safeguards.
4.2.2 Service providers who support us
We may also disclose data to service providers used by us to fulfil the aforementioned purposes if they meet special confidentiality requirements and have been contractually obligated to do so. These are, for example, companies in the categories of maintenance and care of IT systems and suppliers. In all of the aforementioned cases, we ensure that the recipients only receive access to your personal data to the extent necessary for the provision of contractual services.
4.2.3 Transmissions to authorities
Personal data will be disclosed to public authorities and / or law enforcement agencies if required or required by law, or necessary to protect our legitimate interests in compliance with applicable laws.
4.3 How long do we store this data?
We process and store your personal data as long as it is necessary for the fulfilment of the afore-mentioned purpose, after which your data will be deleted or anonymised.
5 Supplementary data protection notice on video recordings of public spaces for other research purposes
This separate data protection notice applies to data subjects who have been recorded by our test set-ups with video cameras in public spaces as part of research projects. This data protection notice supplements the general data protection notice above. Video camera-based processing by our test vehicles is excluded from this. Information on this is provided in a data protection notice under point 4.
5.1 What personal data do we collect, for what purposes and on what legal basis?
Within the framework of our legitimate interest in research and development, we film the public space for certain research projects, for example in order to be able to evaluate the interaction of our test set-ups in it.
In the process
– vehicle registration plates
– land and buildings
be captured and recorded by the video cameras.
5.2 Who receives your data?
5.2.1 Other Honda companies
We share some of your personal data, if any, with other Honda companies within the Honda Group for internal management purposes.
For the above purposes, your personal data may also be processed by Honda companies located in countries outside the European Union that do not have data protection laws comparable to those in the EU. In these cases, we base our processing within the Honda group of companies on the so-called standard contractual clauses adopted by the EU Commission, which provide you with enforceable rights and effective remedies, in addition to additional safeguards.
5.2.2 Service providers who assist us
We may also disclose data to service providers we use to fulfil the above purposes if they meet specific confidentiality requirements and have been contractually obliged to do so. These are, for example, companies in the categories of maintenance and care of IT systems.
In all of the aforementioned cases, we ensure that the recipients only have access to your personal data to the extent necessary for the provision of contractual services.
5.2.3 Transfers to authorities
Personal data will be disclosed to public authorities and / or law enforcement agencies in exceptional cases if this is required or prescribed by law or is necessary to protect our legitimate interests in compliance with applicable laws.
5.2.4 How long do we store this data?
We process and store your personal data as long as it is necessary for the fulfilment of the aforementioned purposes, after which your data will be deleted or anonymised.