Erne Fittings GmbH reserves the right to change these data protection regulations at any time in accordance with the valid statutory data protection requirements.

1.1 PERSONAL DATA

The personal data you submit voluntarily (in connection with a business relationship or as a prospective customer) is collected, stored and processed in accordance with the latest EU General Data Protection Regulation (EU GDPR).

Business relationships with persons such as customers and suppliers are not possible unless your personal data is collected, stored and processed. This is done exclusively for administration purposes and to carry out the necessary business processes. The third parties your data is disclosed to are persons who are directly involved in the particular processes, and only when the organisational measures render this necessary.

1.2 LINKS TO OTHER WEBSITES

Business relationships with persons such as customers and suppliers are not possible unless your personal data is collected, stored and processed. This is done exclusively for administration purposes and to carry out the necessary business processes. The third parties your data is disclosed to are persons who are directly involved in the particular processes, and only when the organisational measures render this necessary.

2. DUTY TO PROVIDE INFORMATION PURSUANT TO ARTICLES 12-14 EU GDPR

In the following, we gladly provide you with all information which describes the nature, purpose and extent of the processing operations concerning your personal data.

2.2 PURPOSES OF DATA PROCESSING

Depending on the business relationship with the data subject, their data is processed for one or more of the purposes listed below.

2.3 LEGAL BASES OF PURPOSES OF DATA PROCESSING

2.4 THIRD PARTY DATA RECIPIENTS – CATEGORIES

Recipients receive only necessary data pertaining to them, no full data sets. Your data is only transferred when organisational procedures make it necessary and when a valid legal basis is available.

2.5 LENGTH OF DATA STORAGE

All data shall be stored for 7 years, or according to a time period defined by law, to comply with the statutory retention period pursuant to the 1994 Umsatzsteuergesetz (German VAT Act).

3. RIGHTS OF THE DATA SUBJECT

It is our pleasure to inform you of your rights in accordance with the EU GDPR:

3.1 RIGHTS OF THE DATA SUBJECT PURSUANT TO ARTICLES 15-21 EU GDPR

• Right of access
• Right to rectification
• Right to erasure / “right to be forgotten”
• Right to restriction of processing
• Right to data portability
• Right to object (in case of legitimate interest of the controller)

Detailed descriptions can be found here:
http://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32016R0679&from=DE
© European Union, http://eur-lex.europa.eu/ 1998-2018
https://www.wko.at/service/wirtschaftsrecht-gewerberecht/EU-Datenschutz-Grundverordnung:-Betroffenenrechte.html (German language version only)

3.2 RIGHT OF WITHDRAWAL PURSUANT TO ARTICLE 7 EU GDPR

Depending on our business relationship we would like to ask you for various declarations of consent. You will be asked these during contract initiation. The declarations of consent according to EU GDPR are not obligatory. Every data subject has the right to withdraw his given consent at any time. When consent is withdrawn, the legality of processing permitted until any such withdrawal of consent takes place by the data subject shall not be affected.

3.3 RIGHT TO LODGE A COMPLAINT WITH A SUPERVISORY AUTHORITY PURSUANT TO ARTICLE 77 EU GDPR

Every data subject has the right to lodge a complaint with a supervisory authority when the data subject is of the opinion that the processing of the personal data pertaining to them is a violation of the EU GDPR.

4. DESCRIPTION OF OTHER PURPOSES

Legitimate interests of the controller pursuant to point (f) of Article 6 (1) EU GDPR

4.1 ADVERTISING / MARKETING

Processing of data subject’s personal data to inform them of business events or new products.

5. NOTE ON THE USE OF COOKIES

We would like to point out that we use cookies when you visit our website for advertising an communication purposes, and to avoid spam.
With regard to the type of data collected and the duration of storage, we refer to the corresponding sections in this data protection declaration.

6. PRIVACY POLICY FOR USAGE OF SOCIAL NETWORKS

6.1 FACEBOOK (LIKE BUTTON)

Our pages have incorporated plug-ins of the social network Facebook, provided by Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. Facebook plug-ins are recognisable by the Facebook logo and the Like button on our site. An overview of Facebook plug-ins is available here: https://developers.facebook.com/docs/plugins. When you visit our pages, a direct link is established via the plug-in between your browser and Facebook’s server. In this way, Facebook receives the information that you have visited our site with your IP address. If you click the Facebook Like button whilst logged into your Facebook account, you can link the content of our pages to your Facebook profile, allowing Facebook to assign the visit to our pages to your user account. We would like to point out that as site operators we receive no information either of the content of the transmitted data or on its use by Facebook. Further information on this matter can be found in Facebook’s privacy policy under https://www.facebook.com/policy.php. If you do not want Facebook to link your use of our pages to your Facebook account, please log out of your Facebook user account.

6.2 LINKEDIN (SHARE BUTTON)

Privacy policy concerning use of a LinkedIn Share button: our pages have incorporated plug-ins of the social network LinkedIn of the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (hereinafter called “LinkedIn”). LinkedIn plug-ins are recognisable by the corresponding logo or the Recommend button. Please bear in mind that the plug-in establishes a link between your corresponding browser and LinkedIn’s server. In this way, LinkedIn receives the information that you have visited our site with your IP address. If you click LinkedIn’s Recommend button whilst logged into your LinkedIn account, you can link content from our pages to your profile page at LinkedIn, allowing LinkedIn to assign the visit to our pages to you or to your user account. We would like to remind you that we receive no information either of the content of the transmitted data or on its use by LinkedIn. Further information on the processing of data or on your legal rights as well as on the settings options can be found at LinkedIn, available to you under https://www.linkedin.com/legal/privacy_policy.

6.3 TWITTER

Our pages have incorporated plug-ins of the social network Twitter. These features are offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. When you use Twitter and the function “Re-Tweet”, the websites you have visited are linked to your Twitter account and disclosed to other users. At the same time, data is transferred to Twitter. We would like to point out that as site operators we receive no information either of the content of the transmitted data or on its use by Twitter. Further information on this matter can be found in Twitter’s privacy policy under http://twitter.com/privacy. You may change your data protection settings at Twitter in the account settings under http://twitter.com/account/settings.

6.4 YOUTUBE

Our website uses plug-ins from YouTube, which is managed by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you use a page of ours which includes a YouTube plug-in, a connection is established to the servers of YouTube. In doing so, the YouTube server is told which page of ours you have visited. When you log in to your YouTube account, you allow YouTube to assign your surfing behaviour directly to your personal profile, a feature you can prevent by logging out of your YouTube account. More information on the handling of user data can be found in YouTube’s privacy policy under https://policies.google.com/privacy.

DECLARATION OF CONSENT TO THE PROCESSING OF PERSONAL DATA

A business relationship is not possible without the collection, storage and processing of your personal data. This is done in accordance with the latest statutory regulations on data protection (EU GDPR, 2018). As a result, you consent in your own name that Erne Fittings GmbH may use your personal data, in particular:

• master data (surname, first name, address, email address, phone number),
• bank data
• data on the method of payment

for the following purposes:

• handling of necessary business processes
• invoices and debt collection
• maintaining contact

Furthermore, I consent to the submission of data to:

• Erne Fittings [marketing, accounts]
• banks around the world and authorities

and their vicarious agents.

All contacts and connected services, which you instruct Erne Fittings GmbH to perform in the future, ought to be as effective and time-saving as possible. In order to be able to continue carrying out your particular wishes, we require, for the purpose of optimum support, your consent concerning

• storage of all data of yours mentioned in this declaration beyond the duration of your business relationship with Erne Fittings GmbH and
• for a maximum of 3 years beyond the longest statutory retention period valid for Erne Fittings GmbH

You have the right to withdraw your consent at any time, partly or fully, vis-à-vis Erne Fittings GmbH. You may email us for this purpose (datenschutz@ernefittings.com) at any time.