The protection of your personal data during the collection, processing and use of personal data during your visit to our homepage is very important to us. Your data are protected as part of statutory regulations. Below, we would like to clarify the extent to which personal data are processed on our website in compliance with Article 13 of the General Data Protection Regulations (GDPR).
I. Identity of the Data Controller
1-3, Place Giovanni Da Verrazzano
69009 Lyon, France
Tel. +49 202 4791 406
II. Identity of the Data Protection Officer
If you have any queries about data protection, please contact our external data protection officer:
Mr. Arndt Halbach at GINDAT GmbH
Wetterauer Str. 6
42897 Remscheid, Germany
Tel.: +49 2191 909 430
III. Data processing through the website
Your visit to our website is logged. The following data are transferred by your browser to us:
- The IP address currently used by your PC or your router
- Date and time
- Browser type and version
- Your PC's operating system
- The pages you visit
- The names and sizes of the files you request
- The URL of the referring website, where this applies.
These data are only used for data security purposes, to improve our website and for error analysis based on Article 6 (1)f of the GDPR. For this purpose we collect the IP address of your computer in an anonymised form (truncated to remove the last three characters). You can visit our web pages without disclosing any personal information.
We would like to point out that data transmissions through the Internet (e.g. communication by email) can be subject to security intrusions. It is not possible to ensure seamless protection of data against interception by third parties. Any confidential data should be transmitted to us using a different means, e.g. by post.
Job applications can only be processed by us if submitted to "info(at)stahlwille.fr". If you send your application to a different email address in our company, it will not be recognised as such by our computer system and will not be processed. Please bear in mind that emails are not a secure way of transferring information. Once your application reaches our server using one of the above mentioned email addresses, we undertake to protect your application using a high standard of technical and organisational measures. As it passes through the public Internet on its way to us, we have no influence on your application and cannot guarantee any level of protection for your data. If your dispatching email server supports the STARTTLS protocol, our email server will recognise the STARTTLS protocol and offer transport encryption.
Personal data (e.g. your name, address details and contact details), transmitted to us by you voluntarily, e.g. in connection with an enquiry or for some other reason, are stored by us and used exclusively for corresponding with you and only for the purpose for which you transferred them. These data are processed on the basis of Article 6(1)a; 6(1)f GDPR. In our downloads section, we collect and store personal data for a longer period to ensure your access is maintained over time and we can respond if you have queries about our products.
Through our website it is possible to register for a newsletter. When you subscribe, we will collect your personal data. To confirm that the newsletter subscription was, in fact, sent from your email address, we will send you a confirmation mail. We will not add you to the newsletter distribution list or send you the newsletter until you click the confirmation link. We log the fact that you have subscribed to the newsletter (IP address, date, time). You are free to cancel your subscription to the newsletter by contacting us: you can, for example, click the link included at the end of every newsletter. This information is based on Article 6(1)a GDPR.
Safe data transfer
To protect the security of your data during transmission, we use encryption methods representing the state of the art (such as SSL) via HTTPS.
IV. Recipient of personal details
We sometimes commission external contractors to conduct or manage processes as part of our order management system.
In particular, we have commissioned external service providers to manage dispatch of the newsletters and to host our website.
The legal agreements reached with those service providers are in compliance with Article 28 GDPR, which defines data protection and data security provisions.
V. Data collection by Google Analytics
This website uses Google Analytics, which is a web analysis service from Google Inc. ("Google"). Google Analytics stores cookies, small text files, on your computer to collect information about the way you use our site. The information generated by the cookies relating to your use of the site is normally transferred to a Google server in the USA where it is stored. These data are processed on the basis of Article 6(1)f GDPR.
If the IP address has been rendered anonymous on the website, Google will truncate the address within the Member States of the European Union or other Contracting States in the Agreement on the European Economic Area. In exceptional circumstances, the complete IP address may be transferred to the Google servers in the USA and truncated there. We would like to point out that, on this website, the Google Analytics code has been modified to include "anonymizelp", which ensures the IP address is rendered anonymous.
On behalf of the data controller of this website, Google will use this information to evaluate how you used the site and compile reports on website activity and to render additional associated services to the data controller on website and Internet use. The IP address communicated by your browser in connection with Google Analytics will not be merged with any other data held by Google.
You can prevent cookies being stored on your computer by means of appropriate settings in your browser; however we would point out that this might result in your not being able to use all the functions that this website offers in full. You may also prevent the cookie generating information relating to your use of the website (incl. your IP address) and sending it to Google, thus preventing Google from processing the information, by installing the browser plug-in accessible through this link: http://tools.google.com/dlpage/gaoptout?hl=de
These data are processed on the basis of Article 6(1)f GDPR.
VI. Google Maps
This website uses Google Maps through an API. The provider of that software is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
In order to use Google Maps functionality, it is necessary to store your IP address. That information is normally transferred to a Google server in the USA, where it is stored. The controller of this site cannot influence this data transfer.
Use of Google Maps is in the interests of an attractive representation of our online offerings and helps you to locate the places mentioned by us on the site. This is a legitimate interest as defined in Article 6(1)f GDPR.
VII. Google Tag Manager
Tracking is carried out in accordance with Article 6(1) S. 1f GDPR.
VIII. Social media and plug-ins
Facebook-Plugins (Like & Share-Button)
Our website incorporates plug-ins from the Facebook social network, for which the organisation responsible is Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. Facebook plug-ins are recognisable on our website by the Facebook logo or the "Like" button. An overview of Facebook plug-ins can be seen here: https://developers.facebook.com/docs/plugins/
If you do not want Facebook to associate your visit to our site with your Facebook user account, please log out of your Facebook user account first.
Our website uses plug-ins from the Instagram social network. The network is operated by Instagram Inc, 1601 Willow Road, Menlo Park, California, 94025, USA. The Instagram plug-in is identified by the Instagram button. If you click this button while logged in to your Instagram account, the STAHLWILLE website you are visiting will be linked to your Instagram profile. We would like to point out that we have no knowledge of the data that are transmitted to Instagram or the purpose for which they are transmitted. For more information about the purpose and scope of the collection, processing or use of the data, see Instagram's Privacy Notice: help.instagram.com/155833707900388
Some of the cookies are deleted immediately when you close your browser (session cookies).
Other cookies will remain on your computer or device and enable the website to recognise your browser again next time you visit the site (persistent cookies).
Data processing in connection with cookies whose sole purpose is to create the functionality of our online services is based on legitimate interest as defined in Article 6(1)f GDPR.
X. Your rights
In accordance with Articles 15 - 21 GDPR, you are entitled to take advantage of the following rights relating to any personal data processed by us, provided the preconditions given in those Articles exist.
Right of access
You are entitled to know whether your personal data are being processed by us and, if so, which.
Right to rectification
You are entitled to insist that incomplete or inaccurate personal data are rectified.
Right to erasure
You have the right to have your personal data erased, in particular where one of the following grounds applies:
- The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed
- You have withdrawn your consent to the processing of personal data
- You have objected to the processing of the personal dat
- Your personal data have been unlawfully processed.
However, there is no right to erasure if the controller has legitimate interests. These may be:
- Personal data for the establishment, exercise or defence of legal claims
- Erasure is not possible because the data must be stored for legal reasons.
Where data cannot be erased, the data subject may have the right to insist on restriction of processing
Right to restriction of processing
You will have the right to restriction of processing of your personal data where one of the following applies:
- You contest the accuracy of the personal data and we then have to verify the accuracy of the personal data
- The processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead
- We no longer need the data but you require them for the establishment, exercise or defence of legal claims
- You have objected to processing pending the verification whether our legitimate grounds as the controller override yours.
Right to data portability
You have the right to receive the personal data which you have provided to us in a structured, commonly used and machine-readable format and you have the right to transmit those data to another controller without hindrance from us, provided the processing is based on consent or on a contract and the processing is carried out by automated means.
Right to object
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Artikel 6 (1), including profiling based on those provisions. Where the processing of your personal data is the result of consent given by you, you have the right to withdraw that consent at any time.
XI. Time limits for the deletion of the data
Where statutory provisions do not define a period of storage, data will be deleted or destroyed when they are no longer required for the purposes of data processing. There are various different storage periods prescribed for personal data, which means that data of relevance to Inland Revenue issues must be retained for 10 years as a rule, and other data subject to commercial law provisions for 6 years as a rule. The duration of storage may be subject to statute of limitations provisions, which may, as a rule, mean three years in compliance with Articles 195 et seq. of the German Civil Code (BGB) or, in certain cases, up to 30 years.
XII. Right to lodge a complaint with a supervisory authority
Under Art. 77 GDPR, each data subject has the right to lodge a complaint with the competent supervisory authority where he or she considers that the processing of his or her personal data is not in compliance with the GDPR. The responsible supervisory authority with regard to data protection issues is the Commissioner for Data Protection for the German state in which our company has its registered office.