For Zwick Roell Polska Sp. z o.o. Sp. K., compliance with the data protection laws is not only a statutory obligation, it is also a vital factor in terms of confidence. This is why, with the following regulations concerning the protection of the privacy of personal data, we wish to provide you with transparency about the type, scope and purpose of your collated and processed personal data as part of this Internet presentation, while also informing you of your rights.
Responsibility for data processing
Zwick Roell Polska Sp. z o.o. Sp. K. ul. Muchoborska 16, 54-424 Wrocław, (known hereinafter as: “We”) in its roles as operator of the https://www.zwickroell.pl/ website, is the controller as per Art. 4 No. 7 of the EU General Data Protection Regulation (GDPR). Please address any queries to firstname.lastname@example.org
Your rights as the data subject
In your role as the data subject you enjoy the following rights with regard to your personal data. You have:
- A Right to Access Information concerning the categories of processed data, the purposes of the processing, the storage period and any recipients. (Art. 15 GDPR)
- A Right to Rectification or Erasure of incorrect or incomplete data. (Art. 17 GDPR)
- A Right to Restriction of Processing, where erasure is not possible or where it is contested. (Art. 18 GDPR)
- A Right to Object to the processing, insofar as the data processing has already been conducted because of a legitimate interest to do so. (Art. 21 Par. 1 GDPR)
- A Right to Object to a given consent that takes effect in the future. (Art. 7 Par. 3 GDPR)
- A Right to Data Portability in a customary format. (Art. 20 GDPR)
- You also have the right to lodge a complaint with a Data Protection Supervisory Authority with regard to our processing of your personal data, in particular, in the member state of your normal place of residence, your workplace or the location of the suspected infringement. (Art. 77 GDPR)
Data protection measures
We secure our website and other systems – and therefore also your data – through technical and organizational measures against loss, destruction, access, modification or distribution through unauthorized persons. Your personal data, in particular, are transmitted over the Internet in encrypted form. To do so, we use here the TLS (Transport Layer Security) coding system.
However, transmitting information over the Internet is never fully secure, which is why we are unable to issue a 100% guarantee about the security of data transmitted over our website.
There are several places on our website where you can contact us directly. By sending the contact form or an email to us, you agree to the processing and storage of your entered data (in particular your email address as well as city and postcode for the purpose of a local allocation). We will only process the data you provide to us until the respective purpose of your contact has been achieved, but for a maximum of 7 days after the purpose has been achieved. You can object to this processing at any time with effect for the future. Please use our contact details in the legal notice. The legal basis for the use of the data transmitted to us by you by contacting us is Art. 6 (1) (1) (a) GDPR (consent of the data subject). You can revoke your consent at any time with effect for the future.
If the contact is directed towards the implementation of precontractual measures pursuant to Art. 6 (1) (1) (b) GDPR, the processing and transmission of personal data will take place only to the extent necessary for implementing the measures.
Data communication to non-EU states
All the information that we receive from you or about you, is processed solely on servers located within the European Union. Any transfer of your data to or the processing of your data in non-EU states only takes place without your given consent insofar as this is specified by law, and the non-EU state in question operates a suitable level of data protection for this purpose.
Transferring data, job data processing
We never transfer your personal data to third parties, unless,
1. you have consented to the data transfer or
2. for reasons of
1. statutory regulations or
2. administrative or judicial directives
we are authorized or obliged to transfer the data. This can refer here, in particular, to issuing information for the purpose of criminal prosecution, for averting of a danger or for the enforcement of intellectual property rights.
Under certain circumstances we will also transfer your data to external service providers (processors), to simplify our own data processing procedures. In such an instance, this processor shall be contractually obliged as per Art. 28 GDPR, in other words, the processor, in particular, shall provide sufficient guarantees that its suitable technical and organizational measures shall be conducted such that the processing complies with the requirements of the GDPR, and that the protection of your rights as data subject shall be assured. Despite the delegation of processors, we are still the position responsible for the processing of your personal data as per the laws concerning the protection of the privacy of personal data.
Types, purpose and storage period of data, legal basis
Server log files
Each time our website is accessed the following general information is automatically sent by your browser to our server (so-called server log files): IP address, product and version information about the browser used and the operating system, the Internet site from which you accessed our site (so-called referrer), date and time of request and, in certain circumstances, your Internet service provider. The status and the transferred data volume are also recorded as part of this request.
The IP address of your computer is only stored for the period of time that you use the website and it is then deleted immediately after this or truncated such that it is rendered unrecognizable. The remaining data are stored for a limited period (maximum 7 days).
The legal basis for using the server log files is Art. 6 Par. 1 Clause 1 Letter f) GDPR (legitimate interest in data processing). The legitimate interest results from the necessity for operating our website, in particular, to locate and rectify any faults on the website, to determine the level of utilization of the website, to make adaptations or improvements, and to assure the security of the system.
We use so-called “cookies” to help us improve the level of user friendliness on our website. Put simply, a cookie is a small text file that stores data about sites that have been visited. Cookies store a type of “user profile”, in other words, things such as your preferred language and other site settings that are required by our website to provide you with specific services. This file is stored by our website on your computer and it helps to identify you when you visit our website again. Cookies also provide us with information about your preferred activities on our website and they can help us to align our website to your individual interests thereby speeding up the handling of your requests.
You can manually delete the cookies in your browser security settings at any given time. You can also prevent cookies from being stored on your computer right from the start using a specific browser setting. Please note however, that by doing so, you may not then be able to use all the functions to their full extent on our website. If you only wish to accept our cookies, but not those from our processor, you can prevent the storage of these cookies using the corresponding “Block all third-party cookies” setting.
The legal basis for using the cookies is generally Art. 6 Par. 1 Clause 1 Letter f) GDPR (legitimate interest in data processing). The legitimate interest results from our requirement to provide you with a user-friendly website.
Our website uses services from the Google LLC company (“Google”), 1600 Amphitheater Parkway Mountain View, CA 94043, USA. Google complies with the requirements of the “EU Privacy Shield” (in German: EU-Datenschutzschild). The Privacy Shield Agreement governs the protection of personal data that are transferred from a Member State of the European Union to the USA. It ensures that the transferred data are also subject there to a data protection level comparable with the European Union level. The list of certified companies is available here: https://www.privacyshield.gov/list. More information on handling user data is available in the Google Data Privacy Statement: https://www.google.de/intl/de/policies/privacy/.
In detail we use the following
Our website uses the external map service “Google Maps” from Google. Google Maps is designed to provide an interactive map on our website that shows you how to find us. This service allows us to present our website in an appealing way by loading maps from an external server. The required data are usually requested from a Google server in the USA. This request usually transfers the following information to a Google server in the USA and stores it there for several months: Those of our internet pages that you have visited and the IP address of your device. The legal basis for the processing of your data in relation to the “Google Maps” service is Art. 6 (1) (1) (f) GDPR (legitimate interest in data processing). The justified interest results from our need for an appealing presentation of our online offer and the ease of finding the places indicated on our homepage.
Our website uses the video service “YouTube” from Google. YouTube serves to integrate videos into our website in various places. When videos are played back, the following information is usually transferred to a Google server in the USA and stored there for several months: Those of our internet pages that you have visited and the IP address of your device. YouTube uses these data, among other things, to collect statistics and to improve the service. Playing a video may also lead to a connection to Google’s own advertising network “DoubleClick” (see above). We have therefore embedded our videos in advanced privacy mode to ensure that a connection to the servers is not established until playback.
The legal basis for the processing of your data in relation to the “YouTube” service is Art. 6 (1) (1) (f) GDPR (legitimate interest in data processing). The legitimate interest arises from our need for an appealing presentation of our online offering.
Data Privacy Statement status: 24.5.2018
Source: Süddeutsche Datenschutzgesellschaft mbH