Privacy policy

The following Privacy Policy informs you about the collection of personal data (hereinafter referred to as “Data”) when using our website. Personal data is all data that can be related to you personally, such as name, address, email addresses or user behaviour.

Our Privacy Policy is structured as follows:

1. Information about us as the controller
2. Your rights

III.        Information on data collection

1. Information about us as the controller

The data controller pursuant to Art. 4 para. 7 of the EU General Data Protection Regulation (GDPR) is

Elkaderm GmbH

Annabergstrasse 105-107

Gewerbepark Mersch

45721 Haltern am See, Germany

Managing Director: Günter Irmen

Phone: +49 (0)2364 50238-0

Fax: +49 (0)2364 50238-29

Email: info@elkaderm.com

Data protection officer:

You can reach our data protection officer at datenschutz@elkaderm.com or our postal address by including the line “the data protection officer” in your mail.

1. Your rights
2. You have the right:

• Under Art. 15 of the GDPR to request information about your personal data processed by us. In particular, you may request information about the purposes of the processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right of rectification, erasure, restriction of processing or to object, the existence of a right of appeal, the origin of your data if it has not been collected by us, as well as the existence of an automated decision-making process including profiling and, if applicable, meaningful information on its details;
• Pursuant to Art. 16 of the GDPR, to demand immediate correction of incorrect or incomplete personal data stored by us;
• Pursuant to Art. 17 of the GDPR, you have the right to demand the deletion of your personal data stored by us, unless processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation for reasons of public interest or for the assertion, exercise or defence of legal claims;
• Pursuant to Art. 18 of the GDPR, you have the right to request the restriction of the processing of your personal data insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you refuse its deletion, and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have objected to the processing pursuant to Art. 21 of the GDPR;
• Pursuant to Art. 20 of the GDPR, you to receive the personal data you have provided to us in a structured, common and machine-readable format or to request transmission to another responsible party;
• Pursuant to Art. 7 (3) of the GDPR, to revoke your consent to us at any time. As a result, we may no longer continue processing the data based on this consent in the future and,
• pursuant to Art. 77 DSGVO, complain to a data protection supervisory authority about the processing of your personal data by us.

  The competent supervisory authority is:
  Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen

Kavalleriestr. 2–4

40213 Düsseldorf, Germany

Phone: +49 (0)211 38424-0

Fax: +49 (0)211 38424-999

Email: poststelle@ldi.nrw.de

2. Right to object

Insofar as we base the processing of your personal data on the balance of interests, you may object to the processing. This is the case if, in particular, the processing is not necessary for the performance of a contract with you, as set out by us in the following part of the Privacy Policy. When exercising such an objection, we will ask you to explain the reasons why we should not process your personal data. In the event of your justified objection, we will examine the merits of the case and either discontinue or adapt the data processing or show you our compelling legitimate grounds on the basis of which we will continue the processing.

 

3. Cancellation

Should you have given us consent to process your data, you may revoke this consent at any time. Such a revocation will affect the permissibility of processing your personal data after you have communicated said revocation to us.

 

 

 

III. Information on data collection

 

1. Collection of personal data when visiting our website
2. a) When simply using our website, we only collect the personal data that your browser transmits to our server. For this purpose, we use the services of the web hosting provider Mittwald CM Service GmbH & Co. KG, Königsberger Straße 4-6, 32339 Espelkamp, in order to be able to provide our website securely and efficiently. A data processing agreement was concluded for this purpose. If you wish to view our website, we collect the following data, which are technically necessary for us to display our website to you and to guarantee stability and security:

• IP address
• Date and time of the request
• Time zone difference to Greenwich Mean Time (GMT)
• Content of the request (specific page)
• Access status/HTTP status code
• Amount of data transferred in each case
• Website from which the request comes
• Browser
• Operating system and its interface
• Language and version of the browser software.

1. b) Once you have left our website, your IP address will be stored for a maximum of seven days for the purpose of recognising and warding off attacks; all other data listed under c) will be stored in anonymised form and deleted after 6 weeks at the latest.

1. c) Art. 6 (1)1 lit. f of the GDPR serve as the legal basis.

2. The use of cookies

Our website does not store cookies.

3. Order form

(1) Should you order the sample set for a fee using the order form, the data you provide will be used to process your order. The data provided is necessary for processing your order.

(2) The purpose of the order form is to process the order for the sample set. Your personal data from the order will be passed on to our shipping service provider for the purpose of delivery and to our tax advisor and, if applicable, auditor for accounting purposes (legal basis is Art. 6 (1)1 lit. b of the GDPR). If required for legal reasons, we will forward any and all necessary data to debt collection agencies or solicitors (legal basis is 6 (1)1 lit. f of the GDPR). In the event that your data is stored on our servers, our IT service providers may have access to it should this be necessary for technical reasons. (Art. 6 (1)1 lit. f of the GDPR serve as the legal basis. We have concluded an agreement for the processing of data with our service providers.

(3) We store personal data that we process with regard to contracts and payments and accounting purposes within the framework of the retention periods under tax law and commercial law.

4. Contact requests

(1) If you contact us via the contact form or email, the data you provide will be used to process your enquiry. The information provided is necessary for processing and answering your request.

(2) The purpose of the contact form is to process customer enquiries. Your data will be deleted as soon as your enquiry has been finally answered and there are no legal obligations to retain the data, e.g. in the case of subsequent contract processing.

(3) Art. 6 (1) 1 lit. b of the GDPR serve as the legal basis for this type of data processing.