Privacy Policy

Data Privacy Notice

Rolls-Royce Power Systems AG (“RRPS”) is pleased to welcome you to our websites and appreciates your interest in our company and its products and services. In addition to Rolls-Royce products, our portfolio also includes products marketed under the brand name mtu   – a Rolls-Royce Solution (Rolls-Royce Solutions GmbH , hereinafter “mtu”).

This data privacy notice is to inform you of the way we will handle your personal data. It sets out how personal data is processed in the context of communications both via our websites and away from our websites, for example in the way contracts are executed.

1. Controller

Rolls-Royce Power Systems AG (“RRPS”) processes your personal data in its capacity as controller.  

Contact details: Rolls-Royce Power Systems AG, Maybachplatz 1, 88045 Friedrichshafen, Germany  
E-mail:  info@ps.rolls-royce.com

Represented by the Board of Management:

Dr. Jörg Stratmann, Chairman
Dr. Thelse Godewerth, CPO
Dr. Andreas Strecker, CFO

Register Court Ulm HRB 721 056
VAT registration number DE 253916018

2. Data Protection Officer

Contact details of our Group Data Protection Officer:

Rolls-Royce Power Systems AG, Maybachplatz 1, 88045 Friedrichshafen, Germany
E-mail:  dataprotection@ps.rolls-royce.com
Phone: +49-7541-9091

3. Visiting our websites

When you visit our websites without actively contacting us, all instances of access are recorded in a log file on our web servers. The following data is captured: IP address of your client, date and time of access, name and URL of the file retrieved, pages visited, amount of data transferred, whether the retrieval was successful, video/audio viewed or listened to, clicks on individual links, search words or search phrases. The log file is stored for two months.

This data is processed for the purpose of presenting our web pages securely and to best effect from a technical point of view. The legal basis for processing the data here corresponds to our legitimate interest, article 6, paragraph 1, point (f), of the General Data Protection Regulation (GDPR). No person-related evaluations or reports are undertaken or produced.

3.1. Establishing contact using our contact forms

We only collect personal data pertaining to you – i.e. information that can be associated with you as an individual – if you provide us with this data yourself and enter into contact with us. This is the case if you enter your data in the input fields of the contact forms on our websites and send us inquiries.

Information that we absolutely need to process your inquiry is marked with an asterisk. You may also provide the remaining information voluntarily in order to make it easier for us to classify your inquiry.

We use your personal data only for communication with you and for processing your inquiry. The data will then be erased. The legal basis for processing the data is our legitimate interest in communicating with you at your request, article 6, paragraph 1, point (f), of the GDPR.

You may at any time object to the further storage and use of your personal data collected in the course of contacting us or revoke your request to be included in the press distribution list at any time. To do this, an e-mail to  

pr@ps.rolls-royce.com

or a letter to

Rolls-Royce Power Systems AG
Department VMC
Maybachstrasse 16
88045 Friedrichshafen

will suffice. If you object or revoke your request, your data will be erased immediately. However, your inquiries can then no longer be processed.

3.2. Receipt of the mtu Report customer magazine and the mtu eReport newsletter

When you order our free customer magazine mtu Report or subscribe to the electronic newsletter mtu eReport, we process the data you provide to us.

In order to process your order and forward it to service providers who are involved by us as contractually bound data processors for this purpose, e.g. the customer magazine print shop.

We obtain your consent to this in advance. It is the legal basis for this data processing (article 6, paragraph 1, point (a), of the GDPR).

Your personal data will not be used in any other way or passed on to third parties. You may unsubscribe from the customer magazine or withdraw your consent at any time, by sending an informal message to

report@ps.rolls-royce.com  

or by writing to  

Rolls-Royce Power Systems AG
Department VMC
Maybachstrasse  16
88045 Friedrichshafen

To unsubscribe from the newsletter you can use the unsubscribe link in the newsletters themselves. Once your withdrawal of consent has been received, your data collected during the ordering process is deleted immediately and will no longer be used. The customer magazine or newsletter will no longer be sent to you.

3.3. Personalized marketing communications

Based on your prior consent, we also process your personal data in order to provide you with relevant personalized marketing communications regarding topics of interest relating to mtu products and solutions, including technical articles, case studies, white papers, news articles, webinars, and videos. We provide these communications via e-mail; if you also provide us with your telephone number for this purpose, we or our local subsidiaries in your respective area may also call you to inform you about mtu products or mtu solutions via telephone.

The legal basis for this is article 6, paragraph 1, point (a), of the GDPR. We receive your consent particularly in the context of registering for gratuitous downloads of material on our websites or in the context of the registration for gratuitous webinars offered by third-party providers for which we deliver the content.

In order to tailor these marketing communications to your interests and preferences concerning our products and solutions, we use marketing tools to analyze data gathered by cookies and similar technologies when you use this website, as well as other information about your interests and preferences regarding mtu products and solutions which we collect due to your download of materials on our website, your registration for webinars or when you take notice of our marketing e-mails.

In particular, we use Pardot, a B2B marketing automation solution from Salesforce (based in the US), to 1) provide our prospective customers (known as ‘prospects’) with customized marketing communications and 2) qualify them as potential sales leads. We only collect and process data that has been provided to us on the basis of consent.

RRPS has agreed on corresponding EU standard contractual clauses with Salesforce. However, we would like to point out that an appropriate state level of data protection in the USA cannot be ensured and therefore access by US authorities cannot be ruled out (see ECJ ruling 16.07.2020 - C-311/18). Your data will therefore only be processed or passed on based on your consent.  

The following data is collected by us:

  • Information provided by prospects via forms on our landing pages.  
  • First name, last name, e-mail address, telephone number, company name, profession, solution requirements, , power requirements, facility/vessel/equipment types, project stage, etc.

The storage and processing of this data requires that all of the following conditions are met:

  • The prospect provides his data on the basis of consent.
  • This consent is obtained by clicking the "Informed consent" checkbox on the relevant landing page. For more information on "Informed Consent", please click on the link: Informed Consent.
  • The consent process is completed via the double opt-in procedure (clicking on a link in a confirmation e-mail). If confirmation is not received, the previously collected data will be deleted.

You may at any time revoke this consent via e-mail  dataprivacy.sales@mtu-online.com  –  you can also do this partly, specifically with regard to marketing communications via telephone – or by clicking on the unsubscribe links, which are provided at the bottom of each marketing e-mail. If you revoke your consent, your data will promptly be deleted, and we will stop providing you with the respective marketing communications. You can also object to the processing of your data for marketing purposes. We will then delete your data (except your e-mail address and the reason for your objection, in order to take account of your objection at any time) and stop sending you marketing communications.  

3.4. Applications

You may apply to our company online or by electronic means. We process your applicant data exclusively for the purpose of the application procedure and delete it, if rejected, after completion. The legal basis is article 26, paragraph 1, sentence 1, of the German Federal Data Protection Act. Please note that e-mails which are sent in unencrypted form are not transmitted with access protection. We therefore strongly recommend that you send us your application documents either by encrypted e-mail or via the contact form on our career portal. Further details of the way applicant data is handled may be found in our separate data privacy notice on the career portal.

3.5. Cookies and similar technologies

We use cookies and similar technologies for the purpose of tailoring our website to your needs. Most of the cookies and similar technologies we use lose their validity at the end of the browser session (so-called session cookies). Other cookies remain and similar technologies on your device and enable us to recognize your browser the next time you visit us (persistent cookies). Permanent cookies are not usually stored forever, but are deleted after two years. This data will not be used to personally identify the visitor to this website, except when you have given us express consent for analyzing your interests for marketing communications, as set out in Clause 5 (see above). You can revoke this consent at any time, as described above.

Any use of cookies or similar technologies that is not absolutely technically necessary constitutes data processing that is only permitted with your express and active consent in accordance with article 6, paragraph 1, sentence 1, point (a), of the GDPR. This applies in particular to the use of advertising, targeting or analysis cookies or similar technologies (see section 9. –12.).

To find out which cookies or similar technologies we use and how you can manage your cookie settings and deactivate certain types of tracking, go to our cookie settings, which you can access via “Cookie settings” at the bottom of each page.

If you do not give your consent to the use of cookies, we would like to point out that under certain circumstances this may result in a functional restriction of the use of our web pages and also those of other service providers.

Detailed information on all cookies used can be found here.

Pardot Cookies on  mtu-solutions.com and Pardot Landing Pages:

Pardot cookies are only used when a visitor or prospect allows Pardot cookies to be tracked on mtu-solutions.com or one of our Pardot landing pages, which are identifiable by one of the following subdomains in the website URL:

  • https://power.mtu-solutions.com/...
  • https://marine.mtu-solutions.com/...
  • https://industrial.mtu-solutions.com/...

For additional information regarding Pardot cookies, please click the link Pardot Cookies and Activity Tracking.

Pardot Cookie Opt-in Settings:

Opt-in is requested from all visitors to  mtu-solutions.com or Pardot landing pages, regardless of their location. Tracking requires consent, so if visitors ignore the banner, no cookies will be used to track their activities. See Pardot reference page: Control Tracking Opt-In Preferences.

3.6. Social Media

We are also present on the platforms of the social networks Facebook, Twitter, LinkedIn and Xing. If you click on the respective icon on our website, you will be forwarded to our profiles there without personal data being collected by us. For personal data collected on the respective platform, the provider is the controller in terms of data protection.

3.7.  Use of the GeoIP2 Country Database for Geolocation

This website uses the GeoIP2 Country database, which is provided by the provider MaxMind Inc. and hosted by a third-party provider of Rolls-Royce Power Systems. Maxmind GeoIP2 Country database is hosted within the European Union. In the GeoIP2 Country database, approximate location/geolocation data is assigned to the IP addresses used based on the country of origin of the IP address. In order to improve search results, to provide you with more relevant information and to pre-set certain website configurations tailored to you to make your visit to our sites more enjoyable (e.g. language settings), your IP address is used to determine your country of origin via the GeoIP2 Country database. Rolls-Royce Power Systems does not share these IP addresses with third parties.   The geolocalisation is based solely on anonymised IP addresses. The precise location of visitors to the website is excluded. The data processing is based on our corporate interests resulting from the purpose of the processing and based on article 6, paragraph 1, point f) of the GDPR.

4. Processing of your data outside of these websites

4.1 General  

We also process your personal data outside of these websites if you contact us in writing, by telephone or by e-mail with a request or inquiry and provide us with personal data (e.g. your contact details). Furthermore, we process personal data of yours if you or your company is a business partner, customer or service provider of ours, i.e. in a contractual relationship with us, for purposes of executing this contract, or if data processing is necessary for another reason, e.g. in the context of an application in response to an invitation to tender.

Depending on the context, your data will be processed on different legal bases within the meaning of article 6 of the GDPR. Depending on the context, this is in particular

1. your expression of consent pursuant to article 6, paragraph 1, point (a), of the GDPR (e.g. when requesting our customer magazine); or

2. where the processing is necessary for fulfilling a contractual relationship with us or for implementing precontractual measures which occur at your request, article 6, paragraph 1, point (b), of the GDPR (e.g. upon telephone request for the purpose of ordering a product); or

3. where the processing is necessary to comply with a legal obligation to which we are subject, article 6, paragraph 1, point (c), of the GDPR (e.g. compliance with legal obligations to retain records or obligations to provide information to authorities); or

4. where the processing is necessary to safeguard an overriding legitimate interest within the meaning of article 6, paragraph 1, point (f), of the GDPR (e.g. when asserting legal claims, in conducting internal and external investigations to identify, resolve and prosecute breaches of internal policies and/or legal requirements or for the video surveillance of our operating facilities to protect against unauthorized access).  

4.2 Use of Microsoft Teams  

  • For better collaboration, we use Microsoft Teams to hold online meetings, telephone and video conferences or to invite you to team collaboration. Microsoft Teams is part of Microsoft 365.In this context, we process the following data.          
  • User details: first and last name, display name, email address, company, (voluntary) profile picture and information             
  • Log files, protocol data, telephone number (if dialling in via telephone)
  • Event metadata: IP address, location, date, time, event, meeting ID, device/hardware information     
  • Text, audio and video data: If you switch on the microphone and/or the video camera during an event, this data is processed.

If you use the optional chat function, this data is also processed.  In most cases, the above-mentioned data are processed in order to initiate or fulfil a contractual relationship, Art. 6 par. 1 b) GDPR. In individual cases, the legal basis is our legitimate interest in more effective communication and in providing and conducting online meetings, telephone and video conferences, Art. 6 para. 1 f) GDPR. If you have given us your consent to process data for specific purposes (e.g. recording events), this consent is the basis for this data processing, Art. 6 para. 1 a) GDPR. You may withdraw your consent at any time without giving reasons.  Data processing with Microsoft 365 is carried out by Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland, in a separate area for us, on servers in data centres within the EU. We have concluded a Data Processing Agreement with Microsoft in accordance with Art. 28 GDPR.

However, Microsoft Ireland Operations Ltd. reserves the right to process customer data for its own legitimate business purposes and to transfer such data to Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. Please note that we have no control over this processing by Microsoft. To the extent that Microsoft processes the data in connection with legitimate business purposes, Microsoft is its own controller and is therefore responsible for compliance with applicable data protection regulations. Further information about processing by Microsoft can be found at https://privacy.microsoft.com/en-us/privacystatement

5.  General

5.1. Recipients

RRPS and other affiliated companies house central functions of the RRPS Group – e.g. Marketing & Communications, Sales, Purchasing and central admin functions such as Legal, etc. – which act on behalf of the entire group and may process your personal data within this context. The processing of personal data by these central functions is also undertaken on the basis of the aforementioned bases in law. If, for example, when carrying out procurement processes or processing contracts, affiliated companies other than RRPS must also be involved because they perform central functions within the group, personal data is exchanged between the affiliated companies involved to the extent necessary. The legal basis for this is the overriding legitimate interest of the company in organizing internal administrative procedures efficiently – article 6, paragraph 1, point (f), of the GDPR.

The following categories of recipients may also receive your personal data:

  • Service providers for the operation of our website and the processing of data stored or transmitted by the systems (e.g. for data processing centre services, payment processing, IT security). These are usually processors with whom we have concluded corresponding data processing agreements.  
  • Print service providers (processors) in the context of sending e.g. information and newsletters in print form.  
  • Business partners (e.g. suppliers, distributors and service partners). The data transfer takes place on the basis of our legitimate interest (article 6, paragraph 1, point (f), of the GDPR) in the context of contract fulfilment in regard to our customers or for sales purposes on the basis of your consent (article 6, paragraph 1, point (a), of the GDPR).
  • Service providers or persons used to carry out our business operations (e.g. auditors, banks, payment service providers, shipping service providers, insurance companies, legal advisors, parties involved in company acquisitions or the establishment of joint ventures). The legal basis here is article 6, paragraph 1, point (f), of the GDPR.

Government agencies/authorities, insofar as this is necessary to fulfil a legal obligation. The legal basis for the disclosure is then article 6, paragraph 1, point (c), of the GDPR.

5.2. Conditions for the transfer of personal data to third countries

In the context of your website visit and our business relationships, your personal data may be transferred or disclosed to third party companies. These may also be located outside the European Economic Area (EEA), i.e. in third countries. Such processing will only take place on the basis of your consent or to fulfil our contractual and business obligations and to maintain your business relationship with us.  

The European Commission certifies data protection comparable to the EEA standard in some third countries by means of so-called adequacy decisions (a list of these countries and a copy of the adequacy decisions can be obtained here: http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.html). However, in other third countries to which personal data may be transferred, there may not be a consistently high level of data protection due to a lack of legal provisions. Where this is the case, we ensure that data protection is sufficiently guaranteed. We generally use the standard contractual clauses of the European Commission and, if necessary, take further measures to protect your personal data.

5.3. Data security

We have taken extensive technical and operational precautions to protect your data from accidental or intentional manipulation, loss, destruction, or access by unauthorized persons. Our security procedures are regularly reviewed and adapted in line with technological progress.

When you use our contact form, you also provide us with personal information about yourself. In order to prevent this data from falling into the wrong hands, we use end-to-end encryption for your personal data using the TLS method for data transmission (transport layer security). This is a proven, highly secure procedure for transmitting data over the Internet, provided that it is used – as is the case here – in line with state-of-the-art practice.

5.4. Storage of your data

Your personal data will always be stored as long as it is necessary for the respective purpose (e.g. fulfilment of contract), and shall then be erased in compliance with the statutory retention periods or, after the purpose has been achieved (e.g. fulfilment of the contract by both parties), restricted (blocked) for the necessary retention period in terms of processing, and then erased.

Your rights under Clause 15 are to be asserted in each instance against RRPS or against such other affiliated company as be responsible under data protection legislation. In any event, you may use the contact address given in Clause 1 above for this purpose.

5.5. Your rights

You have the right to request details of which personal data about you is stored.

You may request correction or amendment, erasure or restriction of processing (blocking) of your stored personal data as long as this is legally permissible and possible within the framework of an existing contractual relationship. Should statutory provisions not permit erasure, your data will instead be blocked (subjected to processing restrictions) in such a way as to make it accessible only for the purpose of complying with mandatory statutory provisions.

You may object to the processing of data for reasons arising from your particular situation if such data processing is carried out on the basis of our legitimate interests.

Should we process your data in order to conduct direct advertising, you may object to this advertising or promotion at any time with future effect (right to object to processing of personal data for marketing purposes). Please see the contact details in Clause 3.3 in this regard.

You are entitled to lodge a complaint with a supervisory authority. The following supervisory authority is responsible for RRPS: The Baden-Württemberg State Office for Data Protection and  
Freedom of Information, P.O. Box 10 29 32, 70025 Stuttgart. E-mail: poststelle@lfdi.bwl.de; Online complaints form:  https://www.baden-wuerttemberg.datenschutz.de/online-beschwerde/.

For complaints relating to data processing activities of our subsidiaries abroad, you can also submit a complaint to the relevant competent national supervisory authority.

You have the right to transfer the data you have provided to us on the basis of an expression of consent or a contract (data portability).

If you have given us an expression of consent to process your data, you may revoke this at any time in the same manner in which you gave it. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the time of withdrawal.

If you have any questions regarding the processing of your data or would like to assert your rights, please contact us by post or e-mail at the contact address given above (Clause 1).

5.6. Changes to this data privacy notice

The provisions of this data privacy notice in the version valid at the time on the homepage apply (cf. status and version of data privacy notice).

We reserve the right to amend and change the content of this data privacy notice. The updated data privacy notice shall apply from its date of validity (cf. status and version of the data privacy notice).

Version dated: November 2024