Privacy Policy

Privacy Notice for mtu Go

Last amended: July 2024

This notice is to inform you as the User of how Rolls-Royce Power Systems AG, located at Maybachplatz 1, 88045 Friedrichshafen (hereinafter “RRPS”, “we” or “us”) collects and processes your personal data in connection with the system monitoring Service “mtu Go”. This Privacy Policy shall also apply to included functional modules that can be accessed through “mtu Go”.

The application “mtu Go” is web-based Software Product that is connected to a cloud platform in the background. The application is under continuous development and improvement; therefore, these terms of use also apply to additional modules, even if not mentioned explicitly in this introduction. Unless stated otherwise, the wording of Application always includes “mtu Go” with all included modules.

The Services require a registration; therefore, it is not possible to use the Services anonymously.

    1. Controller
  1. Controller

    2. The Controller in the sense of Art. 4 (7) General Data Protection Regulation ((EU) 2016/679) is Rolls-Royce Solutions GmbH, located at Maybachplatz 1, 88045 Friedrichshafen.

    Email Contact: info@ps.rolls-royce.com

    2. Contact
  2. Contact

    3. Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to:


    Rolls-Royce Solutions GmbH
    Maybachplatz 1
    88045 Friedrichshafen
    Germany

    Contact Group Data Protection Officer:
    Tel.: +49 7541 9091
    Email Contact: dataprotection@ps.rolls-royce.com

    3. Collection and processing of personal data
  3. Collection and processing of personal data
    1. Purposes of Processing and Legal Basis for the Processing

      2. We process your personal data for the following purposes, based on the legal bases listed:

      1. Provision of the Services; for details see the Terms of Use.

        2. (Legal basis: Performance of a contract, for the App also consent for the processing of access to the User's address book, location data, pictures and for sending push notifications)

      2. For security and operating reasons, log files are created. These files contain technical information to operate the system and allow proper trouble shooting. This data contains also the anonymous User-ID..

        3. (Legal basis: Legitimate interest in complying with security obligations and preventing/ pursuing unlawful attacks)

      3. For analysis of how the services are used in order to improve its functionalities and enhance user-friendliness (statistics only).

        4. (Legal basis: Legitimate interests in processing anonymized data for statistical purposes)

    2. Registration

      3. In case you wish to use the Services, we will ask you to register. Within the scope of registering, we collect personal data necessary to execute of the contract (e.g., first and last name, company email address, company mobile phone number, company name and address) as well as, if applicable, further data on a voluntary basis. Mandatory fields are labeled with an *.

    3. Use of the Services

      4. If you use the Services you may provide us with further information (amongst other things, technical information about assets, alarms, operating hours on an engine, pictures of the asset, notes) in order to make use of the functionalities of the Services. The legal basis for this to provide you with the expressly requested service is § 25 para. 2 no. 2 of the Telecommunications and Telemedia Data Protection Act (TTDSG).

    4. Feedback

      5. At any time a User may choose to submit feedback or suggestions within mtu Go regarding the products and services experiences, including potential improvements or changes. From time to time, RRPS may ask a User to provide feedback to RRPS via survey or in any other way. Such feedback is voluntarily and is not considered to be confidential information. All feedback provided by any User is provided “AS IS” and without any warranty or representation of any kind. Nothing in these Terms of Use limits RRPS’s right to independently use, copy, disclose, distribute, evaluate and exploit any feedback or develop and market products or services based on such feedback free of charge and without any obligation to any User.

    5. Data Transfer to Third Parties, Service Providers

      6. Data Transfer to Third Parties

      Your personal data will generally only be transferred to third parties as far as this is necessary to execute of the contract, if we or the third party have legitimate interests in transferring or if you have consented to this. If data is transferred to third parties based on legitimate interests, this will be explained in this privacy notice. Beyond or in addition to this, data may be transferred to third parties as far as we are obligated to do so under statutory provisions, or an enforceable decision made by an authority or a court.

      Service Providers

      We reserve the right to use service providers in processing data. Service providers are only given personal data that is necessary for their concrete task. Service providers are mostly involved as so-called processors which may only process users' personal data based on our instructions.

      The following categories of service providers are used:

      • 3rd party identity provider (These are not processors but independent controllers. If you log in with your LinkedIn, Google or Microsoft account, the privacy policy of the respective provider applies.)
      • Cloud provider
      • 3rd party developers
      • Survey provider
    6. Data Transfer to Non-EEA Countries

      7. In the context of mtu Go, your personal data may be transferred or disclosed to third party companies. These may also be located outside the European Economic Area (EEA), i.e. in third countries. Such processing will only take place on the basis of your consent or to provide the service.

      The European Commission certifies data protection comparable to the EEA standard in some third countries by means of so-called adequacy decisions (a list of these countries and a copy of the adequacy decisions can be obtained here: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en). However, in other third countries to which personal data may be transferred, there may not be a consistently high level of data protection due to a lack of legal provisions. Where this is the case, we ensure that data protection is sufficiently guaranteed. We generally use the standard contractual clauses of the European Commission and, if necessary, take further measures to protect your personal data.

    4. Information for the Platform
  4. Information for the Platform
    1. Log Files

      2. Every time you use the internet via your internet browser, your internet browser automatically transmits certain information which is then saved by us in log files. We save log files for the purposes of determining disruptions and for security reasons (e.g., to elucidate attack attempts).

      Log files contain especially following information:

      • Browser type
      • IP address
      • Start application
      • Call page and dwell time
      • Loading times

      We also use some of the above listed data (but not the full IP address) for web analysis purposes.

    2. Cookies

      3. The Service uses cookies. Cookies are small text files that are saved on your terminal device. In case you access the Service at another time, your browser sends the cookies' content back to us and, thus, allows the re-identification of your terminal device. Cookies allow us to enhance the security and user- friendliness of this Platform and make it easier for you to use the Service.

      In case you decide to block cookies, an opt-out cookie is set in your browser. This cookie exclusively serves the purpose of assigning your objection. Deactivating cookies may disable individual functions of the Platform. Please note that an opt- out cookie may, for technical reasons, only be set for the browser that was used to set it. In case you delete cookies or use a different browser or a different terminal device, you must opt-out again.

      Your browser also allows you to delete all cookies at all times. To do so, please consult your browser's help functions. Deleting cookies may also disable individual functions of this Platform.

      Overview of cookies used by us:

      • Absolutely necessary cookies. Certain cookies are necessary so we can securely render our Online Offers. The legal basis for cookies that are absolutely necessary to provide you with the expressly requested service is § 25 para. 2 no. 2 TTDSG. This category includes, e.g.,
        • Cookies that identify or authenticate our users;
        • Cookies that temporarily save certain user input (e.g., content of an online form);
        • Cookies that store certain user preferences (e.g., language settings);
    5. Duration of Storage; Retention Periods
  5. Duration of Storage; Retention Periods

    6. We store your data as long as it is necessary to provide our online offer and the services connected with it, as long as it is technically required or as long as we have a legitimate interest in continued storage. In all other cases, we delete your personal data with the exception of such data that we are required to retain for the purpose of contractual or statutory (e.g., taxation or commercial law) retention periods (e.g., invoices). At this point, contractual retention periods may also result from contracts with third parties (e.g., those holding copyrights or IP rights).

    Data that is only retained because it is subject to a retention period is restricted from processing until the period expires and will then be deleted.

    6. Your rights
  6. Your rights

    7. Data subjects have the following rights:

    • the right to information
    • the right to correction or erasure
    • the right to restriction of processing
    • the right to object to processing
    • the right to data portability
    • Data subjects may object to the processing of data for reasons arising from their particular situation if such data processing is being carried out on the basis of our legitimate interests. Should such data processing take place for the purpose of direct marketing, an objection thereto may be raised at any time with effect for the future.

    In case you consented to the processing of your data, you can withdraw this consent at any time. The lawfulness of processing based on consent before its withdrawal remains unaffected.

    To enforce your rights, please use the details provided in the contact section. When doing so, please ensure that it is possible to clearly and unambiguously identify you.

    7. Right to complain with a supervisory authority
  7. Right to complain with a supervisory authority

    8. You have the right to file a complaint with a data protection authority. You can appeal, i.a., to the data protection authority, which is competent for your place of residence or your state or to the data protection authority which is competent for us.

    Competent for Germany is:
    Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg

    Postfach 10 29 32
    70025 Stuttgart
    Tel.: 0711/615541-0
    Fax: 0711/615541-15
    Email: poststelle@lfdi.bwl.de (mailto:poststelle@lfdi.bwl.de)

    For usage in all other countries please refer to the designated data protection authority

    8. Data security
  8. Data security

    9. We undertake all necessary technical measures to ensure security of personal data:

    1. To protect your personal data from risks during transfer and from falling into the hands of third parties. These are each maintained at state-of-the-art levels.
    2. Data traffic between mtu Go Platform and RRPS’s corporate network (back-end) system is encrypted.
    9. Changes to our privacy policy
  9. Changes to our privacy policy

    10. Any changes we may make to our privacy policy in the future will be published on the mtu Go Platform.

Privacy policy Terms of use Imprint