Privacy Statement

Kemitron GmbH, Updated: May 2018

We consider the protection and security of your personal data as the operator of the Internet pages and online shop, available at www.kemitron.de or www.kemitron.com and www.kemitron.eu (hereinafter also “Website”) to be of great importance. In the collection, processing and use of your personal data, the protection of your privacy and compliance with the requirements of data protection is of particular concern to us. Your personal data will therefore be processed exclusively in compliance with the data protection regulations, in particular the provisions of the General Data Protection Regulation (DSGVO) and the German Federal Data Protection Act (BDSG).

In the following, we inform about the collection of personal data, when using our website and the online shop there. Personal data is all data that is personally associable to you, e.g., name, address, e-mail addresses and user behavior.

With regard to the terminology used, e.g. “Processing” or “Responsible”, we refer to the legal definitions in Article 4 of the General Data Protection Regulation (DSGVO).

Our privacy policy must be read in conjunction with other legal notices and terms of use provided on other pages of our website.

  1. Name and contact details of the person responsible for processing

Responsible person, according to Article 4 (7) DSGVO, with respect to the personal data collected on this website is:

Kemitron GmbH
An den Kiesgruben 14
73240 Wendlingen, Germany

Tel: +49 (0) 7024/95060
Fax: +49 (0) 7024/950630
E-Mail: info@kemitron.de
www.kemitron.de

  1. Collection and storage of personal data, as well as purpose and legal basis for its processing

a) When visiting our website

In the case of merely informative use of our website, if you do not register or otherwise provide us with information, we will collect only the personal data that your browser transmits to our server (server log files). If you wish to view our website, we collect the following data that is technically necessary for us to display our website, to ensure its stability and security, and to perform other administrative tasks. The legal basis for this is Article 6 (1) f) DSGVO. The following information is collected without any action and is stored temporarily in a so-called log file: IP address, date and time of the request, content of the request (name and URL of the retrieved file), access status/HTTP status code, website from which the request comes (referrer URL), browser used and possibly the operating system of your computer, the name of your access provider and the amount of data transferred. In addition, we use cookies, as well as certain services and analysis services, when visiting our website. Further details can be found in sections 6 to 10 of this Privacy Policy.

b) Using our electronic contact options

When you contact us by e-mail or through a contact form provided on our website, we will store the information you have provided in order to answer your questions or to process requests. It is hereby necessary to provide a valid e-mail address, so we know from whom the request came and to be able to answer it. Further information can be provided voluntarily. The processing of data for the purpose of establishing contact and starting a business with us is generally based on your voluntarily granted consent (Article 6 (1) a) DSGVO). We delete the data that arises in this context after the storage is no longer required or limit the processing, if there are statutory retention requirements.

c) Orders via our webshop

You can place orders either as a guest through our website without registering permanently or by registering in our webshop by creating a customer account for future orders.

Creating a customer account:
If you decide to set up a personal account, the registration process will collect various data and voluntarily provided information (such as name, address, company, telephone number, e-mail address, as well as payment information, such as bank- or credit-card details and delivery modalities, such as delivery addresses and order information) through the designated form and use it to manage your customer account and provide related additional functions (such as delivery address management and order-status verification). By creating a customer account, you agree to a revocable storage of the data entered by you, so that, in case of a future order, you can log in directly with your e-mail address and password in our shop, without having to enter your contact information again. However, you can also place orders in our online shop without a personal customer account.

Order without creation of a personal customer account: During the ordering process, various data and voluntarily provided data (such as name, address, company, telephone number, e-mail address and payment information, such as bank details or credit-card information and delivery conditions, such as delivery addresses and order information) will be collected via the provided form.

Purposes of the data processing:

The collection of this data takes place,

  • to identify you as our customer;
  • to process, fulfill and handle your order;
  • for correspondence with you;
  • for advising;
  • for invoicing;
  • for the settlement of possible liability claims, as well as the assertion of any claims against you;
  • to ensure the technical administration of our website;
  • to manage our customer data;
  • to provide you with additional features, when creating a customer account, such as the management of delivery addresses and the ability to check the order status.

Legal basis:
As part of the ordering process, you accept the validity of this Privacy Policy and hereby consent to the processing of the personal data provided by you in the context of the order/creation of the customer account for the aforementioned purposes (consent Article 6 (1) a) DSGVO). In addition, processing for the stated purposes is necessary for the proper processing of your order and for the reciprocal fulfillment of obligations under the purchase contract (requirement for fulfillment of the contract Article 6 (1) b) DSGVO). If necessary, we process your data beyond the actual performance of the contract for the protection of legitimate interests of us or third parties, unless outweighed by the interests or fundamental rights and freedoms, which require the protection of personal data, of the affected person. (Protection of legitimate interests Article 6 (1) f) DSGVO)

Examples:

– examination and optimization of procedures for needs analysis and direct customer approach, including customer segmentation

– advertising or market and opinion research, as long as you have not objected to the use of your data

– assertion of legal claims and defense in legal disputes

– ensuring the IT security and IT operations of our company

– preventing crime

– building and facility security measures (e.g., access control)

– real-property law enforcement measures

– measures for business control, as well as services and products development

– risk control

If you have given us a consent for the processing of personal data for specific purposes, the legality of this processing on the basis of your consent is given (consent under Article 6 (1) a) DSGVO).

  1. Duration of data storage

We process and store your personal data as long as and to the extent necessary to fulfill our contractual and legal obligations. If the data is no longer required for the fulfillment of contractual or legal obligations, it is deleted on a regular basis, unless you have entered into further storage pursuant to Article 6 (1) sentence 1 a) DSGVO consent or its–limited–further processing is required for the following purposes:

– Compliance with commercial and tax retention periods: In particular, the German Commercial Code, the German Tax Code, the German Criminal Code and the German Money Laundering Act. The deadlines there for storage and documentation are two to ten years.

– Preservation of evidence under the statute of limitations. According to paragraphs 195 et seq. of the German Civil Code (BGB), these limitation periods can be up to 30 years, whereby the regular limitation period is three years.

  1. Recipients of the data

Within our organization, those entities gain access to your data, which they need to fulfill our contractual and legal obligations. If, in the course of our processing, we disclose data to other persons and companies (contract processors or third parties), transmit them or otherwise grant access to the data, this will be done only if and insofar as
(i) legal provisions permit this (e.g., transmission of the data to third parties pursuant to Article 6 (1) b) DSGVO for the purpose of fulfilling the contract or safeguarding our legitimate interests, pursuant to Article 6 (1) f), is necessary, such as the use of external delivery services, payment processing banks and other agents, the use of webhosters, etc.),
(ii) there is a legal obligation,
(iii) you have consented,
(iv) and/or a processor commissioned by us guarantees the compliance with the provisions of the EU General Data Protection Regulation/the German Federal Data Protection Act (Article 28 DSGVO) in a parallel way. Data transmission to countries outside the EU/EEA (so-called third countries) or to international organizations only takes place as far as this is necessary for the processing of your orders, legally required (e.g., tax reporting obligations), you have given us consent or part of a data-processing order. Subject to legal or contractual permissions, we process or have the data processed in a third country only in the presence of the special conditions of Article 44 et seq. DSGVO. That is, the processing occurs, for example, on the basis of specific guarantees, such as the officially recognized data-protection level corresponding to the EU (e.g., for the US through the “Privacy Shield”) or compliance with officially recognized special contractual obligations (so-called “EU standard contractual clauses”). The current EU standard contract clauses are available at www.eur-lex.europa.eu. Depending on a payment option offered by us, in the course of the ordering process, we will obtain your consent to the transfer of your data to third parties, in particular to the following payment-service providers. When paying by means of a payment method offered by PayPal, the payment is processed via the payment service PayPal (Europe). We give your contact and payment details in the context of the payment to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as “PayPal”). The personal data transmitted to PayPal is usually first name, last name, address, telephone number, IP address, e-mail address or other data required for order processing, as well as data related to the order, such as the number of articles, article number, invoice amount and taxes in percent, billing information, etc. This transfer is required to process your order, using the payment method you have selected, in particular to confirm your identity, and to administer your payment and customer relationship. Regarding the types of payment credit card via PayPal, direct debit via PayPal or “purchase on account” via PayPal, PayPal reserves the right to carry out a credit check. The result of the credit check with respect to the statistical probability of default is used by PayPal for the purpose of deciding on the provision of the respective payment method. The credit report may contain probability values (so-called score values). Insofar as score values are included in the results of the credit rating, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of score values includes, among other things, address data. The PayPal Terms of Use are available at https://www.paypal.com/en/webapps/mpp/ua/useragreement-full or – if the customer does not have a PayPal account and payment processing is without a PayPal account – at https://www.paypal.com/de/webapps/mpp/ua/privacywax-full. If you choose the “amazon-pay” payment method, payment will be processed via the payment service provider Amazon Payments Europe s.c.a., 5 Rue Plaetis, L-2338 Luxembourg (hereinafter “Amazon”), subject to the Amazon Payments Europe User Agreement, available at https://payments.amazon.de/help/201751590. If the customer selects “amazon-pay” as the payment method in the online order process, he also issues a payment order to Amazon by clicking on the button that concludes the order process.

  1. Your complainant rights

Each affected person has the right to information under Article 15 DSGVO, the right to correction under Article 16 DSGVO, the right to deletion under Article 17 DSGVO, the right to restriction of processing under Article 18 DSGVO, the right to object under Article 21 DSGVO and the right to data portability under Article 20 DSGVO. With regard to the right to information and the right to deletion, the restrictions under sections 34 and 35 BDSG apply. In addition, there is a right of appeal to a data protection supervisory authority (Article 77 DSGVO in conjunction with section 19 BDSG). You may revoke your consent to the processing of personal data at any time. This also applies to the revocation of declarations of consent that were given to us before the effectiveness of the EU General Data Protection Regulation, i.e., before 25 May 2018. Please note that the revocation applies only for the future. Processing that occurred before the revocation is not affected. If you would like to exercise your right of revocation, it is possible in any form; for example, an e-mail to info@kemitron.de is sufficient.

  1. Cookies

We use cookies on our website. These are small files that your browser automatically creates and are stored on your device (laptop, tablet, smartphone, etc.), when you visit our website. Cookies do not harm your device, do not contain viruses, Trojans or other malicious software. In the cookie, information is stored that results in connection with the specific end device used. However, this does not mean that we are immediately aware of your identity. On the one hand, the use of cookies serves to make the use of our offer more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages on our website. These are automatically deleted after leaving our page. In addition, to improve usability, we also use temporary cookies that are stored on your device for a specified period of time. If you visit our site again to take advantage of our services, it will automatically recognize that you have already been with us and what inputs and settings you have made, so you do not have to re-enter them. On the other hand, we use temporary cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer. These cookies allow us to automatically recognize that you have already visited us when you visit our site again. These cookies are also automatically deleted after a defined time. The data processed by cookies are required for the purposes mentioned in order to safeguard legitimate interests, according to Article 6 (1) f) DSGVO. You can configure your browser setting according to your wishes. For example, you may delete the cookies in your browser’s security settings or decline to accept third-party cookies or all cookies. Please be aware that you may not be able to use all features of this site.

  1. Google Maps

We include maps of the “Google Maps” service provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (hereafter “Google”). Each time Google Maps is called, Google sets a cookie to process user settings and data, when viewing the page that has the Google Maps component integrated. This cookie is usually not deleted by closing the browser but will expire after a certain amount of time, unless it is manually deleted by you. If you disagree with the processing of your data, you may disable the “Google Maps” service and prevent the transmission of data to Google in this way. To do this, you must disable the Java Script function in your browser. However, please note that in this case you will not be able to use “Google Maps” or only to a limited extent. Use of “Google Maps” and information obtained through “Google Maps” is governed by the Google Terms of Use http://www.google.com/intl/en/policies/terms/regional.html and the additional terms and conditions for “Google Maps” https://www.google.com/intl/en_uk/help/terms_maps.html. Privacy Policy: https://www.google.com/policies/privacy/

  1. Google Analytics

For the statistical recording and evaluation of the use of our website and for the purpose of its needs-based design and continuous optimization, we use, on the basis of Article 6 (1) sentence 1 f) DSGVO Google Analytics, a web analytics service provided by Google Inc. (https://www.google.com/intl/en/about/) (1600 Amphitheater Parkway, Mountain View, CA 94043, USA, hereafter “Google”). In this context, pseudonymized usage profiles are created, and cookies (see No. 6) are used. The information generated by the cookie about your use of this website, in particular (i) browser type/version, (ii) the operating system used, (iii) the referrer URL (the previously visited page), (iv) the host name of the accessing computer (IP address) and (v) time of the server request are usually transmitted to a Google server in the US and stored there. The information is used to evaluate the use of the website, to compile reports on website activity, and to provide other services related to website activity and Internet usage for the purpose of market research and customization of these websites. This information may also be transferred to third parties, if required by law, or if third parties process this data under order. Under no circumstances will your IP address be merged with other data provided by Google. The IP addresses are always anonymized, so that an assignment is not possible (IP masking). For this, we use Google Analytics with the extension “_anonymizeIp()”. Thereby, IP addresses are processed shortened, and a person-relatedness can be excluded. Insofar as the data collected about you is assigned a personal reference, it will be immediately excluded and the personal data will be deleted immediately. In the exceptional cases in which personal information is transferred to the US, Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US Framework. You can prevent the installation of cookies by setting the browser software accordingly; however, we point out that in this case not all features of this website may be fully used. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=en). As an alternative to the browser add-on, especially for browsers on mobile devices, you can prevent the collection by Google Analytics by clicking on this link. An opt-out cookie will be set that will prevent the future collection of your data when you visit this website. The opt-out cookie is valid only in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again. For more information about privacy related to Google Analytics, see the Google Analytics Help Center (https://support.google.com/analytics/answer/6004245?hl=en).

  1. Google Web Fonts

This site uses so-called web fonts, provided by Google, for the uniform representation of fonts. When you call up a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly. To do this, the browser you use must connect to Google’s servers. As a result, Google learns that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a consistent and attractive presentation of our online services. This constitutes a legitimate interest within the meaning of Article 6 section (1) f) DSGVO. If your browser does not support web fonts, a default font will be used by your computer. More information about Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s Privacy Policy: https://www.google.com/policies/privacy/.

  1. Social Media Plugins

We rely on our website on the basis of Article 6 (1) sentence 1 f) DSGVO Social Plugins of social networks (e.g., Facebook, Twitter, Google+, Instagram, Xing, LinkedIn, Pinterest) to make our company better known. The underlying commercial purpose is to be regarded as a legitimate interest within the meaning of the DSGVO. Responsibility for the operation compliant with data protection is to be guaranteed by their respective providers. The integration of these plugins by us takes place by way of the so-called two-click method to protect visitors of our website in the best possible way.

a) Facebook

On our website, social media plugins from Facebook are used to personalize its use. For this we use the “LIKE” or “SHARE” button. This is an offer from Facebook. If you visit a page of our website that contains such a plugin, your browser establishes a direct connection to the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser and incorporated by it into the website. By integrating the plugins, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook account or are currently not logged into Facebook. This information (including your IP address) is transmitted from your browser directly to a Facebook server in the US and stored there. If you are logged into Facebook, Facebook can assign the visit to our website directly to your Facebook account. If you interact with the plugins, for example by pressing the “LIKE” or “SHARE” button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information will also be published on Facebook, visible to anyone. Facebook can use this information for the purpose of advertising, market research and tailor-made Facebook pages. For this purpose, Facebook uses user-, interest- and relationship-profiles to, for example, evaluate your use of our website in relation to the advertisements displayed on Facebook, to inform other Facebook users about your activities on our website, and to provide other services related to the use of Facebook. If you do not want Facebook to assign the data collected via our website to your Facebook account, you must log out of Facebook before visiting our website. For the purpose and scope of the data collection and further processing and use of the data by Facebook, as well as your related rights and settings options for the protection of your privacy, please refer to the privacy policy, in particular the data policy of Facebook, which you can view at the following link: https://www.facebook.com/about/privacy/

b) Twitter

On our website, plugins of the short-message network of Twitter Inc. (Twitter) are integrated. The Twitter plugins (tweet button) can be recognized by the Twitter logo on our site. An overview of tweet buttons can be found at this link on Twitter: https://dev.twitter.com/web/tweet-button. If you visit a page of our website that contains such a plugin, a direct link between your browser and the Twitter server is established. Twitter hereby receives the information that you have visited our site with your IP address. If you click on the Twitter “tweet button”, while logged into your Twitter account, you can link the contents of our pages to your Twitter profile. This allows Twitter to associate your visit to our pages with your user account. We point out that we, as the provider of the pages, are not aware of the content of the transmitted data and their use by Twitter. If you do not want Twitter to associate your visit to our pages, please log out of your Twitter account. More information can be found in the privacy policy of Twitter, which you can see here: https://twitter.com/privacy

c) Google “+1” button

We use on our site the “+1” button of the Google+ provider of Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043 USA, hereafter “Google”. Each time you visit our website, which has such a “+1” component, this component causes the browser you are using to download a corresponding representation of the component from Google. Through this process, Google is informed about which specific page of our website is currently being visited. According to Google, your visit will not be further evaluated if you are not logged into your Google Account. When you visit our site and you’re logged into Google, when you confirm the “+1” button, Google may collect information about your Google Account, the website you recommend, your IP address, and other browser-related information. This way, your “+1” recommendation can be saved and made public. Your hereby given Google “+1” recommendation can then be displayed as a reference along with your account name and, if applicable, your photo stored on Google in Google services, such as search results or in your Google account or in other places, such as, for example, on websites and in advertisements in the Internet. Further, Google can associate your visit to our site with your data stored on Google. Google records this information also to further improve Google services. Therefore, if you want to prevent the aforementioned collection by Google in the best possible way, you must sign out of your Google Account, when visiting our website. You can access Google’s “+1” button privacy policy with all other information about Google’s collection, disclosure and use of data, your related rights, and profile setting options here: https://developers.google.com/+/web/buttons-policy

d) Instagram

Our website also uses Instagram social plugins operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”). The plugins are marked with an Instagram logo, for example, in the form of an “Instagram camera”. When you visit a page of our website that contains such a plugin, your browser connects directly to Instagram’s servers. The content of the plugin is transmitted directly to your browser by Instagram and integrated into the site. Through this integration, Instagram receives the information that your browser has accessed the corresponding page of our website, even if you do not have an Instagram profile or are currently not logged into Instagram. This information (including your IP address) is sent from your browser directly to an Instagram server in the US and stored there. If you are logged into Instagram, Instagram can instantly associate your visit to our website with your Instagram account. If you interact with the plugins, for example, press the “Instagram” button, this information is also transmitted directly to an Instagram server and stored there. The information will also be posted on your Instagram account and displayed there to your contacts. If you do not want Instagram to directly associate the data collected through our website to your Instagram account, you need to log out of Instagram before visiting our website. For more information, please see the privacy policy (https://help.instagram.com/155833707900388) of Instagram.

e) Xing

We use components of the network XING.com on our site. These components are a service of XING AG, Dammtorstrasse 29-32, 20354 Hamburg, Germany. Each time you visit our website, which has such a component, this component causes the browser you are using to download a corresponding representation of the XING component. To the best of our knowledge, XING does not store any personal data of the user by visiting our website. Likewise, XING does not store IP addresses. In addition, there is no evaluation of the usage behavior via the use of cookies in connection with the “XING Share Button”. Further information can be found in the privacy policy for the XING Share button at: https://www.xing.com/app/share?op=data_protection

f) LinkedIn

We use components of the LinkedIn network on our site. LinkedIn is a service of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time you visit our website that has such a component, this component causes the browser you are using to download a corresponding representation of the LinkedIn component. Through this process, LinkedIn is informed about which specific page of our website is currently being visited. If you click the LinkedIn “Recommend Button”, while logged into your LinkedIn account, you can link the contents of our pages to your LinkedIn profile. As a result, LinkedIn is able to associate your visit to our pages with your LinkedIn user account. We have no control over the information that LinkedIn collects or the extent of the information collected by LinkedIn. We also have no knowledge of the content of the data submitted to LinkedIn. For details about LinkedIn’s data collection, as well as your rights and settings options, please refer to the LinkedIn privacy notices. These notices can be found at http://www.linkedin.com/legal/privacy-policy

g) Pinterest

We use the social network Pinterest, Pinterest, Inc., 808 Brannan St., San Francisco, CA 94103, USA (hereinafter referred to as “Pinterest”). By clicking the “Pin it” button, Pinterest receives the information that you have accessed the corresponding page of our website. If you are logged into your Pinterest account during this time, Pinterest will also be able to associate your visit with your Pinterest account. Clicking on the “Pin it” button transmits data to Pinterest, which is stored on servers (in the USA). If you wanted to prevent this, you would have to log out of your Pinterest account before clicking on the “Pin it” button. For the scope and purpose of the data collection and further processing and use of the data by Pinterest, as well as your rights and exercisable rights to protect your privacy, please refer to the privacy policy of Pinterest: http://pinterest.com/about/privacy/

  1. Updating and changing the privacy policy

This Privacy Policy was updated in May 2018. Due to the development of our website, our offers or due to changed legal or regulatory requirements, it may be necessary to change this Privacy Policy. The current Privacy Policy can be viewed and printed by you at any time on our website at https://www.kemitron.com/privacy-statement.

Information about your right to object under Article 21 of the EU General Data Protection Regulation (DSGVO)

  1. Case-specific right of objection

You have the right to object at any time for reasons arising from your particular situation against the processing of personal data relating to you, which takes place on the basis of Article 6 (1) e) DSGVO (data processing in the public interest) and Article 6 (1) f) DSGVO (data processing on the basis of a balance of interests); this also applies to a profiling based on this provision within the meaning of Article 4 (4) DSGVO. If you object, we will no longer process your personal information, unless we can establish compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purposes of asserting, exercising or defending legal claims.

  1. Right to object to the processing of data for advertising purposes

In individual cases, we may process your personal data in order to conduct direct mail. You have the right to object at any time to the processing of personal data concerning you for the purposes of such advertising; this applies also to profiling, insofar as it is associated with such direct mail. If you object to the processing for direct-marketing purposes, we will no longer process your personal data for these purposes. The objection can be form-free and should preferably be sent by e-mail to: info@kemitron.de

Note about your own information requirements

As far as we process personal data of your employees, legal bodies or other contact persons/third parties mentioned by you, the data processing takes place basically for the protection of legitimate interests and is allowed under Article 6 (1) sentence 1 f) DSGVO. You, as the responsible person, may have information obligations toward these persons, according to Articles 13, 14 DSGVO, which you may have to fulfill independently.