数据保护声明
保护您的数据对我们很重要,而且我们知道,这对您也很重要
请仔细阅读我们的数据保护准则,以便了解Relyon Plasma GmbH如何使用、存储与保护您的个人数据。
我们的准则即将进行更改
2018年5月25日起有效
随着将在2018年5月25日生效的新的欧盟《数据保护一般条例》(英文:General Data Protection Regulation,缩写:GDPR ),我们必须添进新增的、现行数据保护规定所要求的必要讯息,因此也更新了我们的数据保护准则。
以下主题现在对您来说更透明:
- 收集和处理个人数据的理由
- 处理个人数据的法律基础
- 在欧盟的数据当事人依GDPR的权利以及行使这些权利的可能方式
- 数据保护专员的联系信息
“个人数据” 是指与一个已被验明或可验明的自然人相关的信息。
关于Relyon Plasma GmbH 所处理的个人数据
1- 处理向info-relyon@tdk.com或直接向网站上的联系人提出询问时的个人数据:
当您向上述地址 发出询问时, 您的业务联系信息,例如电子邮件地址、姓名、公司地址、电话与传真号码以及联络原因便被收录并存储在我们的数据库。
2- 目的与法律基础:
(a) Relyon Plasma GmbH 会处理您的业务联系信息以及发出询问的原因, 以便针对您所关切的问题与您取得联系并交换商业利益。为了这目的而处理业务数据的法律基础在于:您透过发送询便同意了进行联系。
(b) Relyon Plasma GmbH 处理您的电子邮件地址, 以便向您发送有关Relyon Plasma GmbH 重要产品的消息,例如重要的产品及安全资讯、产品变更与更新或数据保护准则的重大更改。为此这目的而处理您的电子邮件地址和姓名的法律基础在于:可以将关于您买的Relyon Plasma GmbH产品之重要的安全等资讯或本数据保护准则的重大更改告知您以及提供您与我们互动的机会,是Relyon Plasma GmbH的合法利益。
(c) 如果您同意接到Relyon Plasma GmbH的市场营销讯息, Relyon Plasma GmbH 会处理您的电子邮件地址, 以便向您发送有关Relyon Plasma GmbH产品的市场营销消息。为此目的处理您的电子邮件地址之法律基础是您的同意。您可以随时通过给我们发简短消息到info-relyon@tdk.com 撤回您的同意。您从Relyon Plasma GmbH 收到的市场营销电子邮件基于您的客户账户中设定的优先选项。为此这目的而处理这些数据的法律基础在于:将发送个别客户的市场营销电子邮件的数量降到最低是Relyon Plasma GmbH合法利益; 为此必须精确确定, 哪些客户收到某件市场营销电子邮件,而不是将它发给全部同意收到市场营销电子邮件的客户。
(d) Relyon Plasma GmbH 处理您的电子邮件地址, 以便您只要链接您的登录数据,就能 与我们的支持部门联系,从而为您提供远程维修的可能性。作此处理的法律基础是,提供高质量的支持是我们的合法利益。
3- 存储期限: 我们最长按照法定的保存期限存储全部数据。如果对合同履行或合同启动不再有必要、我方不再有继续存储的合法利益以及/或者当事人有权行使其干预权,个人数据将被消除。仅是来自客户询问而无合同关系的个人数据将在6个月之后消除。上次交易已结束2年,经常客户的个人数据予以消除。
关于个人数据接收者
我们可以将关于您个人的数据透露给他人:
(a) 如果我们取得您对此的有效同意;
(b) 为了遵循一项有效的传唤、法律制度、法院处分、法律途径或其他法律义务;
(c) 为了执行我们的条件或准则或
(d) 为了依需要而执行可用的法律补救措施或捍卫法律权利。此外,如果Relyon Plasma GmbH进行重组、合并、出售、合资、转让或出让其业务营运和企业资产的话,我们可以将您的全部或部分个人数据, 或许在破产或类似程序的相关情形下, 传达给联关公司、子公司或第三方, 前提是,我们向其传达个人数据的那一方不得未通知您而且依照适用法律有必要但未征求您的同意,便以不同于本数据保护准则所规定的方式处理您的个人数据。
个人数据的传输
Relyon Plasma GmbH 是一家全球企业。为了能够提供我们的产品与服务,我们有时必须将您的个人数据转移给在其他国家的Relyon Plasma GmbH经销合作伙伴 (请参见https://www.relyon-plasma.com/kontakt/ ) 。Relyon Plasma GmbH管理欧洲经济区的国家或瑞士或第三国的居民的个人数据,并以自身名义加以处理。所有Relyon Plasma GmbH 经销合作伙伴都必须遵守本数据保护声明中所规定的数据保护惯例。
当事人权利
如果您想了解我们存储关于您的哪些个人数据,或您要更正或删除这些数据,请随时联系我们。此外您拥有限制处理的权利 (GDPR第18条)、反对处理的权利 (GDPR第21条)和转移数据的权利 (GDPR第20条)。
若有这些情形,请您直接与我们联系。
本数据保护声明的更改
我们保留随时基于新技术或法律法规的需要更改我们的数据保护声明之权利。请注意您看到的是否为最新版本。如果对本数据保护声明将进行重大更改,我们会在我们的网站上发布消息。
所有对我们的网站感兴趣的人士和访客如有数据保护方面的问题,可联系我们的数据保护专员:
Simona Lerach
Relyon Plasma GmbH
Osterhofener Straße 6
93055 Regensburg
Tel.: +49 941 60098-190
Fax: +49 941 60098-100
E-Mail: s.lerach@relyon-plasma.com 如果我们的数据保护专员对您的问题答复无法让您满意,您可以向主管您联州邦的数据保护监督机关投诉。
Data Privacy
Your privacy is important to us and we know it is important to you
Please read our privacy policy for information on how relyon plasma GmbH uses, stores and protects your personal data.
Privacy at a glance
General information
The following information provides a basic overview of what happens to your personal data when visiting this website. Personal data is any data that can be used to identify you personally. See our Privacy Policy below for more detailed information about privacy.
Data collection on this website
Who is responsible for data collection on this website?
Data processing on this website is performed by the website operator. The contact information for the website operator can be found in the “Data controller information” section of this Privacy Policy.
How do we collect your data?
On the one hand, we collect your data when you send it to us. This could be information you enter in a contact form, for example.
Our IT systems collect other data automatically or with your consent when you visit the website. This is mainly technical data (e.g. internet browser, operating system or page access time). This data is collected automatically as soon as you access this website.
What do we use your data for?
Some of the data is collected to ensure that the website runs smoothly. Other data may be used to analyse your user behaviour.
What rights do you have in respect to your data?
You have the right to free information about the origin, recipient, and purpose of your stored personal data at any time. You also have the right to request that this data be corrected or deleted. If you have granted us consent to process your data, you may revoke your consent at any time with immediate effect for the future. You also have the right to request that the processing of your personal data be restricted in certain circumstances. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
You can contact us at any time about this or any other privacy-related questions you may have.
Third-party and analysis tools
When you visit this website, your surfing behaviour may be statistically analysed. This is primarily carried out via so-called analysis programmes. The following Privacy Policy contains more information about these analysis programmes.
2. Hosting
The following provider hosts the contents of our website:
External hosting
This website is hosted externally. The personal data collected on this website will be stored on the hosting provider’s servers. This may include, without being limited to, IP addresses, contact enquiries, meta and communication data, contract data, contact details, names, website access details, and other data generated via a website.
External hosting is performed for the purpose of contract fulfilment with our potential and existing customers (Art. 6 (1)(b) of the General Data Protection Regulation (GDPR)) and in the interest of a professional provider facilitating a secure, fast, and efficient provision of our website (Art. 6 (1)(f) GDPR). If corresponding consent has been requested, the processing will be carried out solely on the basis of Art. 6 (1)(a) GDPR and § 25 (1) of the German Telecommunications-Telemedia Data Protection Act (TTDSG), where said consent includes the storage of cookies or access to information on the user’s end device (e.g. device fingerprinting) as defined by the TTDSG. This consent may be revoked at any time.
Our hosting provider(s) will only process your data as necessary to fulfil their service obligations and will adhere to our instructions regarding this data.
We use the following hosting provider(s):
weber.digital GmbH
Bahnhofstr. 16
72336 Balingen, Germany
Contract processing
We have concluded a contract processing agreement (CPA) for use of the aforementioned service. This is a contract required by data protection law which ensures that this service only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
3. General notes and required information
Privacy
The operators of these pages take the protection of your personal data extremely seriously. We treat your personal data confidentially and in compliance with the statutory data protection regulations and this Privacy Policy.
Various personal data is collected when you use this website. Personal data is data that can be used to identify you personally. This Privacy Policy explains what data we collect and how we use it. It also explains how this is done and for what purpose.
We wish to point out that data transfers over the internet (for example, when communicating via email) can present security risks. It is not possible to protect data completely from unauthorised access.
Data controller information
The data processing controller on this website is:
Relyon Plasma GmbH
Management: Simona Lerach and Florian Freund
Osterhofener Str. 6
93055 Regensburg, Germany
Phone: +49 941 600980
Email: info-relyon@tdk.com
The data controller is the natural person or legal entity who, alone or in collaboration with others, determines the purpose and means of the personal data processing (e.g., names, email addresses, etc.).
Storage period
Unless a different storage period is specified in this Privacy Policy, we will retain your personal data until the purpose for processing the data no longer applies. If you make a valid deletion request or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons to keep it (for example, tax or commercial law retention periods). In the latter scenario, the data will be deleted once these reasons no longer apply.
General information about the legal basis for data processing on this website
If you have given your consent to data processing, we will process your personal data on the basis of Art. 6 (1)(a) GDPR or Art. 9 (2)(a) GDPR if special categories of data are processed in accordance with Art. 9 (1) GDPR. Data processing is also carried out on the basis of Art. 49 (1)(a) GDPR if you have expressly consented to the transfer of personal data to third countries. If you have consented to the storage of cookies or access to information on your end device (e.g. via device fingerprinting), the data processing is also performed on the basis of § 25 (1) TTDSG. This consent may be revoked at any time. If your data is required for contract performance or the implementation of pre-contractual measures, we will process it on the basis of Art. 6 (1)(b) GDPR. Furthermore, if your data is required to fulfil a legal obligation, we will process it on the basis of Art. 6 (1)(c) GDPR. The data processing may also be carried out on the basis of our legitimate interest in accordance with Art. 6 (1)(f) GDPR. The following paragraphs of this Privacy Policy provide information on the relevant legal basis in each individual case.
Data Protection Officer
We have appointed a Data Protection Officer.
Simona Lerach
Osterhofener Strasse 6
93055 Regensburg, Germany
Phone: +49 941 60098 190
Email: s.lerach@awerkmann
Information about data transfers to the United States and other third countries
Among other things, we use tools from companies based in the USA or other third countries that are not secure in terms of data protection law. If these tools are enabled, your personal data may be transferred to and processed in these third countries. Please note that no comparable level of data protection to that found in the EU can be guaranteed in these countries. For example, US companies are required to hand over personal data to security authorities without your ability to take legal action against this as a data subject. As a result, the possibility of US authorities (e.g. intelligence services) processing, evaluating and permanently storing your data on US servers cannot be ruled out. We have no control over these processing activities.
Revoking your consent to data processing
Many data processing operations are only possible with your express consent. You may revoke previously granted consent at any time. This will not affect the legality of the data processing performed prior to the revocation.
Right to object to data collection in certain scenarios and to direct marketing (Art. 21 GDPR)
IF DATA PROCESSING IS PERFORMED ON THE BASIS OF ART. 6 (1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION. THIS ALSO APPLIES TO PROFILING BASED ON THOSE PROVISIONS. DETAILS OF THE RESPECTIVE LEGAL BASIS FOR DATA PROCESSING CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL STOP PROCESSING YOUR PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS OR WHERE THE PROCESSING IS NECESSARY FOR THE PURPOSE OF ASSERTING, EXERCISING, OR DEFENDING LEGAL CLAIMS (OBJECTION UNDER ART. 21 (1) GDPR).
IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF THE PERSONAL DATA IN QUESTION FOR THE PURPOSES OF SUCH MARKETING AT ANY TIME. THIS ALSO APPLIES TO PROFILING WHERE IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION PURSUANT TO ART. 21 (2) GDPR).
Right to lodge a complaint with the competent supervisory authority
In the event of a GDPR breach, data subjects have the right to lodge a complaint with a supervisory authority, particularly in the member state where they live or work or where the alleged breach occurred. The right to lodge a complaint does not affect any other administrative or judicial remedy.
Right to data portability
You have the right to have data that we automatically process on the basis of your consent or in the performance of a contract transferred to you or a third party in a common, machine-readable format. If you request a direct transfer of the data to another controller, this will only be done if it is technically feasible.
Information, deletion and rectification
Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, its origin and recipients, and the purpose of the data processing, as well as the right to correct or delete this data, where applicable, at any time. You can contact us at any time with this or any other questions you may have about personal data.
Right to restriction of processing
You have the right to request that the processing of your personal data be restricted. You can contact us at any time to do so. The right to restrict processing applies in the following circumstances:
- We usually need time to investigate if you dispute the accuracy of the personal data that we have stored. You have the right to request that the processing of your personal data be restricted during the verification process.
- If your personal data is being processed unlawfully, you may request data processing restriction rather than erasure.
- If we no longer need your personal data but you require it to exercise, defend, or assert legal claims, you have the right to request restriction of processing rather than erasure.If you have objected in accordance with Art. 21(1) GDPR, a balancing of your and our interests must be carried out. You have the right to request that the processing of your personal data be restricted until it is determined whose interests prevail.
If you have restricted the processing of your personal data, apart from being stored, this data may only be processed with your consent, to assert, exercise, or defend legal claims, for the protection of another natural or legal person’s rights or for reasons of an important public interest of the European Union or a Member State.
SSL and TLS encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries you send to us as the site operator. You will recognise that the connection is encrypted because the browser address line changes from “http://” to “https://” and from the lock icon in your browser line.
When SSL or TLS encryption is enabled, third parties cannot read the data you send to us.
Encrypted payment transactions on this website
If there is an obligation to transmit your payment data to us after concluding a contract with costs (e.g., account number for direct debit authorisation), this data is required for payment processing.
Payment transactions using common payment methods (Visa/MasterCard, direct debit) are conducted exclusively over an encrypted SSL or TLS connection. You will recognise that the connection is encrypted because the browser address line changes from “http://” to “https://” and from the lock icon in your browser line.
Third parties cannot read the payment data you transmit to us using encrypted communication.
4. Data collection on this website
Cookies
Our websites use so-called “cookies”. Cookies are small data packages that do not harm your end device. They are stored on your end device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies are stored on your end device until you delete them or your web browser deletes them automatically.
When you visit our site, cookies from third-party companies (third-party cookies) may sometimes be stored on your end device. These allow us or you to use certain third-party company services (e.g. cookies for processing payment services).
Cookies have a variety of functions. Many cookies are technically necessary because certain website functions would not work without them (e.g. the shopping basket function or video playback). Other cookies are used to evaluate user behaviour or show advertising.
Cookies required for electronic communications or to provide certain features required by you (e.g. the shopping basket function) or to optimise the website (e.g. web audience measurement cookies) (necessary cookies) are stored on the basis of Art. 6 (1)(f) GDPR unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies for the technically flawless and optimised provision of its services. If consent to the storage of cookies and similar recognition technologies has been requested, processing will be carried out solely on the basis of this consent (Art. 6 (1)(a) GDPR and § 25 (1) TTDSG). Said consent may be revoked at any time.
You can configure your browser to notify you when cookies are set, only allow cookies in specific cases, exclude cookie acceptance in specific cases or in general, and enable automatic cookie deletion when you close your browser. However, the functionality of this website may be limited if you disable cookies.
If cookies are used by third-party companies or for analysis purposes, we will notify you of this separately within this Privacy Policy and, if necessary, request your consent.
Borlabs Cookie consent
Our website uses Borlabs Cookie consent technology to obtain your consent to the storage of certain cookies in your browser or the use of certain technologies and to document this in accordance with data protection law. Borlabs GmbH, Rübenkamp 32, 22305 Hamburg, Germany, is the provider of this technology (hereinafter referred to as Borlabs).
When you visit our website, a Borlabs cookie is saved on your browser, which stores your granted consents or the revocation of such consents. This data is not shared with the Borlabs Cookie provider.
The collected data will be kept until you ask us to delete it, you delete the Borlabs cookie, or the purpose for storing the data no longer applies. Mandatory statutory retention periods will remain unaffected. Borlabs Cookie data processing details can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.
Borlabs Cookie consent technology is used to obtain the legally required cookie consent. The legal basis for this is Art. 6(1)(c) GDPR.
Server log files
The website provider automatically collects and stores information in so-called server log files, which your browser automatically sends to us. This information includes:
- browser type and browser version
- operating system
- referrer URL
- host name of the accessing computer
- time of the server request
- IP address
This data is not combined with data from other sources.
This data is collected on the basis of Art. 6 (1)(f) GDPR. The website operator has a legitimate interest in the technically flawless presentation and optimisation of its website, and server log files must be collected for this purpose.
Contact form
If you send us enquiries via the contact form, we will store your details from the form, including the contact information you provided, for the purpose of processing your enquiry and for any follow-up questions. We will not share this data without your consent.
If your enquiry relates to the fulfilment of a contract or is required to implement pre-contractual measures, this data will be processed on the basis of Art. 6 (1)(b) GDPR. In all other cases, the processing will be based on our legitimate interest in the effective processing of enquiries directed to us (Art. 6 (1)(f) GDPR) or, if requested, with your consent (Art. 6 (1)(a) GDPR). This consent may be revoked at any time.
We will keep the data you enter on the contact form until you ask us to delete it, revoke your consent to store it, or until the purpose for storing the data no longer applies (e.g. after we have finished processing your enquiry). Mandatory statutory provisions, in particular retention periods, will remain unaffected.
Email, telephone or fax enquiries
If you contact us by email, phone, or fax, your enquiry and any personal data resulting from it (name, enquiry) will be saved and processed by us for the purpose of processing your request. We will not share this data without your consent.
If your enquiry relates to the fulfilment of a contract or is required to implement pre-contractual measures, this data will be processed on the basis of Art. 6 (1)(b) GDPR. In all other cases, the processing will be based on our legitimate interest in the effective processing of enquiries directed to us (Art. 6 (1)(f) GDPR) or, if requested, with your consent (Art. 6 (1)(a) GDPR). This consent may be revoked at any time.
We will keep the data you send us via contact requests until you ask us to delete it, revoke your consent to store it, or until the purpose for storing the data no longer applies (e.g. after we have finished processing your request). Mandatory statutory provisions, in particular statutory retention periods, will remain unaffected.
5. Analysis tools and advertising
Google Analytics
This website uses Google Analytics web analysis functions. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics allows the website operator to analyse the behaviour of visitors to its website. The website operator receives various usage data as a result, including page views, length of stay, operating systems used, and user origin. This data is compiled into a user ID and assigned to the website visitor’s end device.
Furthermore, Google Analytics allows us to track your mouse, scroll, and click movements, among other things. Google Analytics also supplements the data records collected using various modelling approaches and employs machine learning technologies for data analysis.
Google Analytics uses technologies that enable user recognition to analyse user behaviour (e.g. cookies or device fingerprinting). The information generated by Google about the use of this website is usually transmitted to a Google server in the USA and stored there.
The use of this service is based on your consent in accordance with Art. 6 (1)(a) GDPR and § 25 (1) TTDSG.
This consent may be revoked at any time.
Data transfers to the United States are based on the EU Commission’s standard contractual clauses.
Details can be found at https://privacy.google.com/businesses/controllerterms/mccs/.
Browser plug-in
You can prevent Google from collecting and processing your data by downloading and installing the browser plug-in available at: https://tools.google.com/dlpage/gaoptout?hl=en-GB.
You can find more information about how user data is handled with Google Analytics in Google’s Privacy Policy: https://support.google.com/analytics/answer/6004245?hl=en.
Google Signals
We use Google Signals. When you visit our website, Google Analytics collects information such as your location, search history, and YouTube history, as well as demographic data (visitor data). With the help of Google Signals, this information can be used for personalised advertising. If you have a Google account, the visitor data from Google Signals will be linked to it and used to send you personalised advertising. The data is also used to compile anonymous statistics on our users’ behaviour.
Contract processing
We have concluded a contract processing agreement with Google and fully implement the German data protection authorities’ strict requirements when using Google Analytics.
Google Analytics e-commerce tracking
This website uses the Google Analytics “e-commerce tracking” function. The website operator can use e-commerce tracking to analyse the purchasing habits of website visitors to improve its online marketing campaigns. This involves collecting information, for example, orders placed, average order value, shipping costs and the time it takes from viewing to purchasing a product. Google can compile this information into a transaction ID assigned to the user or their device.
6. Plug-ins and tools
YouTube
This website incorporates videos from the YouTube website. The website is operated by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. When you visit one of our websites with YouTube embedded, a connection is established to the YouTube servers. This tells the YouTube server which of our pages you visited. YouTube may also store various cookies on your end device or use similar technologies for recognition (e.g. device fingerprinting). YouTube can obtain information about visitors to this website in this manner. This information is used to collect video statistics, improve the user experience, and prevent fraud attempts, among other things. If you are logged in to your YouTube account, you allow YouTube to link your surfing behaviour to your personal profile directly. You can prevent this by logging out of your YouTube account. YouTube is used to present our website in an appealing manner. This constitutes a legitimate interest as defined by Art. 6 (1)(f) GDPR. If corresponding consent has been requested, the processing will be carried out solely on the basis of Art. 6 (1)(a) GDPR and § 25 (1) of the German Telecommunications-Telemedia Data Protection Act (TTDSG), where said consent includes the storage of cookies or access to information on the user’s end device (e.g. device fingerprinting) as defined by the TTDSG. This consent may be revoked at any time.
More information on how YouTube handles user data can be found in its privacy policy at: https://policies.google.com/privacy? hl=de.
Google Fonts (local hosting)
To display fonts consistently, this Page uses so-called Google fonts, which are provided by Google. Google Fonts are installed locally. There is no connection to Google’s servers.
You can find more information about Google Fonts at https://developers.google.com/fonts/faq and in Google’s Privacy Policy: https://policies.google.com/privacy?hl=en-GB.
OpenStreetMap
We use the OpenStreetMap (OSM) map service.
We embed OpenStreetMap map content on the OpenStreetMap Foundation server, St John’s Innovation Centre, Cowley Road, Cambridge, CB4 0WS, United Kingdom. The United Kingdom is considered a secure third country under data protection law. This means that the United Kingdom has the same level of data protection as the European Union. When you use the OpenStreetMap maps, a connection is established with the OpenStreetMap Foundation servers. Among other things, your IP address and other information about your behaviour on this website may be forwarded to the OSMF as part of this process. OpenStreetMap may store cookies in your browser or use similar recognition technologies for this purpose.
The use of OpenStreetMap is in the interest of presenting our website in an appealing manner and making it easy to locate the places we refer to on it. This constitutes a legitimate interest as defined by Art. 6 (1)(f) GDPR. If corresponding consent has been requested, the processing will be carried out solely on the basis of Art. 6 (1)(a) GDPR and § 25 (1) of the German Telecommunications-Telemedia Data Protection Act (TTDSG), where said consent includes the storage of cookies or access to information on the user’s end device (e.g. device fingerprinting) as defined by the TTDSG. This consent may be revoked at any time.
7. e-Commerce and payment providers
Customer and contract data processing
We collect, process, and use personal customer and contract data to establish, draft the content of, and amend our contractual relationships. We collect, process, and use personal data about use of this website (usage data) only to the extent required to enable the user to use the service or to bill the user. The legal basis for this is Art. 6 (1)(b) GDPR.
The collected customer data will be deleted following completion of the order or termination of the business relationship and expiry of any existing statutory retention periods. Statutory retention periods will not be affected.
Data transfer upon contract conclusion for online shops, retailers, and goods shipment
When you order goods from us, we send your personal data to the transport company in charge of delivery and the payment service provider in charge of payment processing. Only the data required by the respective service provider to complete its task will be disclosed. The legal basis for this is Art. 6 (1)(b) GDPR, which allows data processing to fulfil a contract or pre-contractual measures. If you have granted the necessary consent in accordance with Art. 6 (1)(a) GDPR, we will provide your email address to the transport company entrusted with the delivery so they can notify you via email about the shipping status of your order. You may revoke your consent at any time.
Data transfer when concluding contracts for services and digital content
We only transmit personal data to third parties if necessary within the framework of the contract processing, for example, to the credit institution responsible for payment processing.
There will be no further transmission of data or only where you have expressly consented to the same. Your data will not be passed onto third parties without your express consent, for example, for advertising purposes.
The basis for the data processing is Art. 6(1)(b) GDPR which allows data processing to fulfil a contract or pre-contractual measures.
Payment services
Third-party payment services are integrated into our website. When you make a purchase from us, the payment service provider processes your payment data (e.g., name, payment amount, account details, credit card number) for the purpose of processing the payment. These transactions are subject to the respective providers’ contractual and data protection provisions. The payment service providers are used on the basis of Art. 6 (1)(b) GDPR (contract processing) and in the interest of providing a smooth, convenient and secure payment process (Art. 6 (1)(f) GDPR). Where your consent is requested for certain actions, Art. 6 (1)(a) GDPR will be the legal basis for the data processing. Consent can be revoked at any time with immediate effect for the future.
We use the following payment services/payment service providers on this website:
PayPal
The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”).
Data transfers to the United States are based on the EU Commission’s standard contractual clauses. Details can be found at https://www.paypal.com/uk/webapps/mpp/ua/pocpsa-full?locale.x=en_GB
Please see PayPal’s Privacy Statement for details: https://www.paypal.com/uk/webapps/mpp/ua/privacy-full?locale.x=en_GB.
Stripe
The provider for customers within the EU is Stripe Payments Europe, Ltd,1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland (hereinafter “Stripe”).
Data transfers to the United States are based on the EU Commission’s standard contractual clauses. Details can be found at https://stripe.com/de/privacy and https://stripe.com/de/guides/general-data-protection-regulation.
You can read Stripe’s Privacy Policy at the following link for more information: https://stripe.com/de/privacy.
8. Audio and video conferencing
Data processing
Among other methods, we use online conferencing tools to communicate with our customers. The specific tools we use are listed below. If you communicate with us via video or audio conference over the internet, we and the provider of the relevant conference tool will collect and process your personal data.
The conferencing tools collect all data that you provide/enter to use the tools (email address and/or phone number). The conference tools also process the duration of the conference, the start and end (time) of conference participation, the number of participants, and other “contextual information” related to the communication process (metadata).
Furthermore, the tool’s provider processes all technical data required to handle the online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker and the connection type.
If content is exchanged, uploaded, or otherwise made available within the tool, it will also be stored on the tool providers’ servers. Such content includes, without being limited to, cloud recordings, chat/instant messages, voice mails, uploaded photos and videos, files, whiteboards and other information shared while using the service.
Please note that we do not have complete control over the tools’ data processing operations. The respective provider’s company policy largely determines our options in this respect. Please refer to the privacy policies of the respective tools used, as listed below, for more information on data processing by the conference tools.
Purpose and legal basis
The conference tools are used to communicate with prospective or existing contractual partners and provide specific services to our customers (Art. 6 (1)(b) GDPR). Furthermore, the use of the tools serves to simplify and accelerate communication with us or our company (legitimate interest as defined by Art. 6 (1)(f) GDPR). If consent has been requested, the tools in question are used on that basis. Consent can be revoked at any time with immediate effect for the future.
Storage period
The data collected directly by us via the video and conference tools will be deleted from our systems as soon as you ask us to revoke your consent to store it, or the purpose for storing the data no longer applies. Stored cookies will remain on your end device until you delete them. Mandatory statutory retention periods will remain unaffected.
We have no control over the length of time your data is stored by the conference tool operators for their own purposes. For more information, please contact the conference tool operators directly.
Conference tools used
We use the following conference tools:
Microsoft Teams
We use Microsoft Teams. The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. Please see the Microsoft Teams privacy policy for more information on data processing: https://privacy.microsoft.com/en-gb/privacystatement.
Contract processing
We have concluded a contract processing agreement (CPA) for use of the aforementioned service. This is a contract required by data protection law which ensures that this service only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
9. Internal services
Handling of applicant data
We provide you the opportunity to apply for a job with us (e.g. by email, post or via an online application form). We tell you about the scope, purpose and use of your personal data collected during the application process below. We assure you that your data will be collected, processed, and used in accordance with applicable data protection law and all other statutory provisions and that your data will be treated as strictly confidential.
Scope and purpose of the data collection
When you submit an application to us, we process your associated personal data (e.g., contact and communication information, application documents, notes taken during interviews, etc.) to the extent required to decide whether to establish an employment relationship. The legal basis for this is § 26 of the German Federal Data Protection Act (BDSG) (initiation of an employment relationship), Art. 6 (1)(b) GDPR (general contract initiation) and, if you granted consent, Art. 6 (1)(a) GDPR. This consent may be revoked at any time. Your personal information will only be shared within our company with those involved in processing your application.
If your application is successful, the information you provided will be stored in our data processing systems on the basis of § 26 BDSG and Art. 6 (1)(b) GDPR for the purpose of implementing the employment relationship.
Data sources/sourcing
In addition to the information you provide directly through your application, we also gather data on potential applicants through research on relevant platforms such as Xing, LinkedIn, Stepstone, or Monster. We only use data that users of these platforms have made publicly available.
Data retention period
If we are unable to make you a job offer, if you reject a job offer, or if you withdraw your application, we reserve the right to retain the data you have submitted for up to six months from the end of the application process (rejection or withdrawal of the application) on the basis of our legitimate interests (Art. 6 (1)(f) GDPR). After that, the data will be deleted, and the physical application documents will be destroyed. This storage services primarily as evidence in the event of a legal dispute. If it is clear that the data will be needed after the six-month period expires (for example, due to a threatened or pending legal dispute), the data will be deleted only when the reason for further storage no longer applies.
Longer storage may also occur if you have given your consent to the same (Art. 6 (1)(a) GDPR) or if statutory retention obligations prevent deletion of the same.
Inclusion in the applicant pool
You may be added to our applicant pool if we do not make you a job offer. If you are accepted, all documents and information from your application will be transferred to the applicant pool so that we can contact you if suitable vacancies become available.
Inclusion in the applicant pool is based exclusively on your express consent (Art. 6 (1)(a) GDPR). Consent is granted voluntarily and has no relation to the current application process. The data subject may revoke their consent at any time. In this scenario, the data from the applicant pool will be permanently deleted unless there are legal grounds to retain it.
The applicant pool data will be permanently deleted no later than two years after consent is granted.