Data Protection Information




I. The responsible for the processing of personal dataII. Our Data Protection PrinciplesIII. Our Internet-TochpointsIV. CommunicationV. Analytics, Marketing andTrackingVI. Events and Contests, Trade-fairsVII. Customer ServiceVIII. Safety ActionsIX. Business PartnersX. ApplicantsXI. Data Protection AuthorityXII. List of the Third party providers and their use

I. The responsible for the processing of personal data

We, the inducio GmbH are the provider of the services described below (hereinafter “We” or “Provider”) including the respective processing of personal data. This Data Protection Information provides to you, the user of the services (hereinafter “You”), information about the relevant processing of personal data for all touchpoints where you interact with us.


II. Our Data Protection Principles


In the context of provision of the services described herein and the operation of websites and other touchpoints, we process your personal data in different ways. We are informing you about all of such processing of personal data as well as the principles under which this processing takes place.

We take the protection of your personal data very seriously. Therefore, we process your data with great care and in strict compliance with applicable data protection laws and the individual permissions you may have given to us. We have taken organisational and technical security measures to protect all of our websites, apps and other (digital) touchpoints against the potential risks present in processing personal data. Our partners who support us in the provision of the services must also comply with these provisions.

Please use the contact information provided in this Data Protection Information to contact us either generally or with specific data protection questions and/or enquiries.

There are different laws that regulate Data Protection depending on the country in which you are located. Based on the principles of the European General Data Protection Regulation[1] (“GDPR”), we defined the following basic principles guidelines on how we process and protect your personal data when providing our websites and services :


[1] VERORDNUNG (EU) 2016/679 DES EUROPÄISCHEN PARLAMENTS UND DES RATES vom 27. April 2016 zum Schutz natürlicher Personen bei der Verarbeitung personenbezogener Daten, zum freien Datenverkehr und zur Aufhebung der Richtlinie 95/46/EG


1.       Lawfulness

We only use personal data if such use is lawful, which is the case only if and to the extent that at least one of the following applies:

  • You have given your consent.
  • The use of personal data is necessary for the performance of a contract to which you are party.
  • The use of personal data is necessary for compliance with a legal obligation, e.g., in cases of product safety actions, where we are obliged to inform all our customers.
  • The use of personal data is necessary to protect the vital interests of the person, e.g., in cases where we inform individual customers about product safety issues.
  • The use of personal data is based on a legitimate interest in using personal data and our usage does not adversely affect your data protection rights.

For all processing of personal data, we describe herein, we will also provide the legal reason the processing is based on at the end of each major section as well as in the description of specific third party providers of services we use in Section XII of this data protection information.

2.       Fairness and Transparency

We will inform you about the personal data we collect and why we collect it in a fair and transparent manner in this Data Protection Information. You can access the Data Protection Information directly or via a link when you register and/or at any touchpoint where you interact with us.

Users below the age of 16 should only transmit personal data to us with the consent of their parent or legal guardian. The data protection law that applies in your country may result in different age limits in this regard.

3.       Purpose limitation and data minimization

We only collect and use personal data that we really need and for the purpose that you provided the personal data to us. If we can achieve the purpose with less personal data, we will only use the minimum data required. Nevertheless, at any time, you are free to provide additional personal data, if this would enhance your experience with the services provided.

4.       Types of processing including third parties

IIn cases in which we do not process your personal data directly as data controller (e.g. website hosting, technical services etc.) we contract with third parties who deliver these services on our behalf as data processors. These contracts bind them for the processing of your personal data to secure the lawfulness and security of the processing. This is named a Controller to Processor relationship and is defined in Art. 28 GDPR, where we are the Controller and the respective third party is the Processor. You will find a list of the data processors we engage at the end of this Data Protection Information.

Joint Controllership describes the situation, when multiple parties, we are being one of them, work together to decide how data will be used and managed (Joint Controllers, see Art. 26 GDPR). Joint Controllers need to inform clearly about who is processing which personal data and what obligations each party has taken over regarding the applicable data protection rules. As Joint Controllers agree on their roles and make sure the data subjects (people the data is about) are informed about these roles, we will inform you about these roles and your individual rights for each of the Joint Controllership situations described herein. When we use a third-party service or partner, who is processing personal data as a Joint Controller, we will inform you about the rights and roles accordingly in the third-party providers listing in Section XII at the very end of this document.

Sometimes there is a need to transfer personal data to a third party acting as independent controller who acts in their own name and own account, e.g., using a shipping company to send home appliances to you. In these instances, we agreed with those independent controllers’ minimum data protection standards to protect your personal data.

Our website may also contain links to third party websites, the content of which is not provided or controlled by us. In these cases, we have no control over the processing of your data on these websites or their compliance with data protection regulations, but we will inform you when leaving e.g. our website. Please refer to any privacy information these third parties may provide.

5.       Trans-border processing EU and non-EU

As some of the third parties providing services for us (as described in this document) are not located in your country, the processing of your personal data may also include a trans-border transfer of your personal data. Our aim is only to process personal data within the European Union, so most of the third-party services providers process personal data in European data centres.

If this is technically not possible or if there is another reason, why a processing of personal data may also take place out of the European Union, we follow the principles set out in Art. 44 et seq. GDPR and secure such transfers via contracts (based on specific legal transfer mechanisms), we conclude with such providers or based on an adequacy decision of the Commission of the European Union including the EU-US Data Privacy Framework “DPF”). The information if a provider is participating in the DPF and actively fulfilling the prerequisites, you will also find searchable under:

https://www.dataprivacyframework.gov/s/participant-search 

6.       Security

We will process your data in a manner, which ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures. If we use a third party for processing of personal data, we also agree on an appropriate level of technical or organisational measures these providers must adhere to.

7.       User Rights

You have the following rights against us which we comply with in a timely and adequate manner upon receipt of your respective request as outlined below:

  • Your right to request access to your personal data according to Art 15 GDPR: We will inform you whether we hold personal data on you and if so, provide you access to and information about such data.
  • Your right to request rectification of your data according to Art. 16 GDPR: We will correct inaccurate information or complete incomplete personal data, provided this data is necessary for the intended purpose of processing your data.
  • Your right to request deletion of your data according to Art. 17 GDPR: We will delete the personal data we hold abo​ut you. Unless such data are subject to retention periods or retention rights, for example because we need to retain your data to fulfilour contractual obligations or as required by law.
  • Your right to request restricting processing of your data according to Art 18 GDPR: In cases as outlined in Art. 18 (1) GDPR you may request us to block your data. We will process blocked data only further to a very limited extent and if necessary to provide such services or obligations, which performance is necessary after the blocking of your data requested by you.
  • Your right to withdraw consent according to Art. 7 (3) GDPR: For those data processing’s requiring your consent, you can withdraw your consent at any time to prevent future processing of your data. Data Processing’s based on your consent prior to your withdrawal remain valid and lawful.
  • Your right to object to the processing of your data according to Art. 21 GDPR: You can object to future processing of your data, if we are processing your data based on one of the legal justifications set out in article 6 (1e or 1f) GDPR. If you object, we will cease processing your data, unless we have compelling legitimate grounds for further processing which override your interests and rights or for the establishment, exercise or defence of legal claims. The processing of your data for the purposes of direct marketing never constitutes compelling and legitimate grounds for us.
  • Your right to data portability according to Art. 20 GDPR: Where data processing is carried out by automated means and based on consent or contract, we can provide you your data you provided to us in a structured, commonly used and machine-readable format.
  • Your right to appeal to a regulatory authority: You can lodge an appeal pertaining to data protection with a Data Protection Authority. To do so, contact the relevant Data Protection Authority that is responsible for your place of residence or the data protection authority under whose jurisdiction we fall (see Section XI).

If you wish to execute your rights, please use the following e-mail address: datenschutz@inducio.de

8.       Deletion principles

We process your personal data only for defined necessary purposes. Once the purpose(s) of the processing activity elapsed, we will delete your personal data, unless there is a retention requirement or right to retain it for a longer period. This applies to all personal data regardless of how and where it is stored.

There are various local laws, such as tax or commercial laws, which outline the legal requirements for data retention. Additionally, we may retain personal data based on legitimate interests, such as complying with product safety laws to protect customers. We may also retain personal data for business purposes, if the GDPR acknowledges these purposes as justifications for retention, such as keeping customer records to defend against legal claims.

Access to personal data that is held solely for the purpose of fulfilling legal retention periods or rights, after the original purpose for collecting the data no longer applies, will be restricted. This ensures that the personal data is no longer actively used in our business operations.

9.       Data Protection Officer

If you have any questions regarding data protection or if you would like to exercise your rights, our Data Protection Officer (DPO) is here to assist you. You can easily get in touch with our DPO directly by sending a letter or an email using the contact information provided below. They will be happy to address any concerns you may have and guide you through the process of exercising your rights under data protection laws. Please contact:

inducio GmbH

z. Hd. Datenschutz

Kotzingerstr. 21,

D-83278 Traunstein, Deutschland

Email: datenschutz@inducio.de

Telefon: +49 (0)861/901190-72

Fax: +49 (0) 861/901190-79

10.     Changes to this Data Protection Information

This Data Protection Information reflects the current state of data processing on our website/and other touchpoints (e.g. administration, ticket system, social media accounts etc.). In the event of changes to data processing, this Data Protection Information will be updated accordingly. We always provide the latest version of this Data Protection Information on our website so that you can be informed about the scope of data processing via this website.


III. Our Internet-Tochpoints

1.       Websites

a)       Provision of the Website(s) itself

To display the website correctly in your internet browser, we use various technical means to ensure that all content (text, images, videos, etc.) is up to date and displayed properly. The website content is provided directly from our own servers without the use of external Content Delivery Networks (CDN). This ensures that all data processing related to the presentation of the website takes place exclusively within our controlled infrastructure. The data generated in connection with the provision of the website is used solely to display the content in your browser and is deleted immediately after temporary storage necessary for delivery.

b)       Categories of data

For technical reasons, each time your internet browser accesses our website it automatically sends information to our web server (i.e. log data). We store some of this information in log files, such as:

  • Date and time of the access,
  • URL and files of the website accessed, including volume of data transferred,
  • Version of the HTTP protocol used including the type of the operating system,
  • Type and version of the internet browser, and
  • IP address.

The aforementioned log data does not contain personal data. We only analyse log data when required, for example to remedy faults in the operation of our website or to manage security incidents..

In addition, it may be necessary for us to collect the full IP address of the device as well as log data to remedy faults or preserve evidence relating to security incidents.

We delete this data on remediation of the fault, full clarification of the security incident or if the original purpose of the processing is no longer required. In the event of a security incident, we will transmit log data to the investigating authorities on a case-by-case basis, to the extent permitted and necessary.

2.       Our Social Media Pages

a)       General

The protection of your privacy when processing personal data is important to us. We process personal data transmitted to us, which is collected during your visit to our respective social media page (e.g. LinkedIn), confidentially and only in accordance with the statutory provisions.

b)       Categories of data

The social media service processes your personal data as soon as you use our respective social media site. Processing is linked, for example, to the following usage processes:

  • View a page or post or video from a page,
  • Subscribe or unsubscribe to a page,
  • Mark a page or post with "I like" or "I don't like anymore" or similar functions,
  • Recommend a page in a post or comment,
  • Comment on, share or respond to a page post (including the type of response),
  • Hide a page contribution or report as spam,
  • From another site, click on the social media provider or from a Web page outside the social media provider on a link that leads to the page,
  • Move the mouse over the name or profile picture of a page to see a preview of the page contents,
  • Use functions of the social media provider, such as the website, phone number, "plan route" button or any other button on a page,
  • The information whether the login is made via a computer or a mobile device.

c)      Recipients / Categories of recipients

Responsible for the processing of your data via our social media site is the respective operator of the social media site (see examples below) together with us. As far as the processing of these data takes place within our area of responsibility, we are available to you in all questions concerning data protection and the exercise of your rights in accordance with the information in this data protection information. You can find out which personal data is collected by the social media provider, how it is processed and which data protection rights you have vis-à-vis the social media provider in the following data protection guidelines of the social media provider. We have no influence on the data processing by the social media provider.

d)     Data processing by us

On the website provided by us via the social media provider, the social media provider grants us access to the following data categories:

  • The social media provider grants us access to statistical analyses that provide information about the use of our social media website. The analyses visible to us do not allow us to individually analyse the usage behaviour of individuals. We can only view aggregated data (such as number of hits, likes, followers, region of origin, age group, gender, etc.) that tells us about our audience and the use of our social media site. The data of the respective user on which the analyses are based are not transmitted to us.
  • We can set the target group to be reached for the social media website or for individual published articles. The setting is based on general parameters (e.g. age group, language, region, interests) that can be used to align our content with specific groups. It is not possible for us to address or identify individual persons on the basis of the data provided to us by the social media provider.
  • If you contact us directly via the social media provider or interact with us in any other way and consciously transmit personal data (e.g. direct networking with our social media website), we store and process this personal data for the purposes for which you transmitted it to us.
  • We process this data exclusively for the purpose of making content on our social media website known to the target group and to better understand and optimise the use of our social media website.

In addition, we cannot influence the data processing (for the provision of this data upstream) by the social media provider in their area of responsibility.

Please refer to the relevant third-party service provider to find out which personal data is collected by them in detail, how these are processed and which data protection rights you have vis-à-vis the respective social media provider (see Section XII):

3.       Social-Media-Plugins as Hyperlinks

Some content from our website can be shared on social networks as e.g. LinkedIn using integrated social media buttons. All social media buttons that facilitate the sharing of content are integrated using simple hyperlinks rather than social plugins developed by social network providers. This ensures that your details are not automatically transmitted to social network servers as soon as you access our website. In addition, when you share content from our website, we only transmit the information to the social network that is required to share the relevant content (e.g., the link to the content you want to share). We do not transfer personal data in this context.

At the same time, simple links to our websites on social networks can be found as well. If you follow a link from our website to a social network, or if you log in to your social network in order to share content from our website, your data is processed by the provider of the social network in question.

If you are registered and signed in other networks or services that require registration while using our website or individual functions, the respective network/service may collect information about your use or adopt settings, such as videos played/playing status. However, this data is collected solely by the respective network/service in its own data protection responsibility and processed by the respective provider.

For information about the purpose and scope of data collection, further processing and use by the respective network provider, as well as your associated rights and settings options for protecting your privacy, please refer to the Data Protection Information made available at the website of the respective provider.

4.       User-Generated Content (UGC) from Social Media

UGC from social media allows us to share content created by customers and published on social media or other channels, such as text, images, videos, and reviews, with our social networks. We will obtain rights to your content through a separate licence agreement. When using such UGC, various types of personal data can be connected with the UGC. This data may include:

  • Profile information: this may include the username, profile picture, and any other details you directly have provided onyour social media profile.
  • Posts and comments: content that you have posted or commented on, including text, photos, videos, and links, may beprocessed.
  • Location data: if you have enabled location services on your social media account, the location information may be processed when you post or engage with content.
  • Friends/followers data: user's connections or followers on social media may be processed if it is relevant to the user-generated content being utilized.​

Please note that the specific personal data processed can vary depending on the social media platform and the privacy settings chosen by you.

5.       Legal Basis for data handling

We base the above data processing operations on a legal permit in accordance with Art. 6 para. 1 lit. f) GDPR with the exception of UGC which is based on a legal permit in accordance with Art. 6 para. 1 lit. b) GDPR.


IV. Communication


1.       Contacting US

If you contact us outside of a specific contractual relationship (e.g. for the provision of information) or a registration, we provide various, also purely technical contact possibilities via our websites.

In order to be able to process your specific request when making such contact, we may ask you to provide personal data. This includes, for example, your name and email address and other information such as the subject of your request and your message. Optional postal address and/or telephone number can be given. We collect the information requested in order to be able to deal with your request in an appropriate way.

The personal data transmitted to us in this way are used exclusively for the purpose for which you provide them to us when contacting us - in particular the processing of your request. The data will not be used for other purposes or passed on to third parties without your express consent. Excluded from this are - insofar as it is necessary to fulfil your request - the persons and companies (e.g. local service company) involved in carrying out the communication and answering the request.

If there are no legal storage obligations, your personal data will be deleted after the request has been processed.

2.       Telephone contact

You can contact us by telephone. We do not operate a call centre and do not use external call-centre services. Your call is always handled directly by our own employees.

When you call us, we may create a ticket in our internal ticketing system in order to document and process your request. How this is done depends on the type of call:

2.1 Direct calls to employees (no automatic ticket creation)

If you call one of our employees directly (e.g. via their extension or direct-dial number), no ticket is created automatically in our internal ticketing system.

  • A ticket is only created if necessary for processing your request, and then exclusively manually by the employee handling your call.
  • In this case, the employee may enter your personal data in the ticketing system, such as:
    • name,
    • contact details,
    • date and time of the call,
    • reason for the call,
    • relevant details discussed (e.g. technical issues, agreements, notes on further steps).

This serves to document and efficiently process your request.

2.2 Priority calls (PRIO) with automatic ticket creation

In certain priority cases (“PRIO”), our telephony system (TK system) automatically creates a priority ticket in our internal ticketing system as soon as the call is received..

  • This applies in particular if your call is classified as a priority call (e.g. via a specially designated priority number or a corresponding configuration of our TK system).
  • In these cases, the TK system automatically creates a PRIO ticket, which is then processed by our employees with the corresponding priority.

For this purpose, the following data in particular may be processed and stored in the ticket:

  • technical call data (e.g. caller number, time and duration of the call),
  • classification as a priority call (PRIO),
  • where applicable, manually added information by the caller (e.g. name, reason for the call, details of the incident) as a voice attachement.

Further processing in both cases (direct and PRIO calls)

  • Ticket and call logging:
    Where a ticket is created (manually or automatically), we log information such as your name (if provided), contact details, the date and time of the call, the reason for your call and relevant details discussed. This information is stored in the internal ticketing system to process your request and to ensure efficient handling of your enquiry.
  • Call recording (optional):
    With your prior consent, we may record calls for quality assurance or training purposes. In this case, audio data will be processed, which may contain personal information shared during the call. Where a recording is made, it can be linked to the corresponding ticket.
  • Internal routing and forwarding:
    Personal data may be processed to assign your ticket or enquiry to the appropriate employee or department based on the nature of your request or your preferences. For this purpose, we may also use technical systems, including artificial intelligence (AI), to categorise enquiries and assign them to the responsible team.
  • Identity verification:
    Our employees may need to process personal data (e.g. name, customer number, contact data) to verify your identity before providing account-specific information or making changes to your data or contracts.
  • Issue resolution and support: 
    To assist you, resolve issues or answer your questions, our employees may access customer records or internal databases. In doing so, your personal data is processed as required to handle your request and to document the outcome in the ticket.

For the technical provision and maintenance of our telephony and internal ticketing systems, we may use IT service providers who act as processors on our behalf. However, these service providers do not operate a call centre and do not conduct customer communication on their own; communication with you takes place exclusively through our own employees.

3.       Chat-Bot

Chat function (if available) allows us to answer your questions about our products and services simultaneously. If you ask a question in the chat, an application will try to answer your questions. By using potentially artificial intelligence (AI), the system may send you relevant links or escalate your concern to a customer service representative in live chat. We use chat-bot to process your request and to improve our business and services. We receive services from a technical service provider to enable chat-bot function on our websites and via other touchpoints.

As part of chat functionality, the following personal data may be processed:

  • Mandatory information to initiate a chat
  • Chat history as a transcript ("transcript")
  • IP address, approximate location, browser type and version, device type, visitor path
  • Usage data (e.g. times of chat start, chat end, chat duration, chat performance data)
  • Other content processed within the chat (e.g. telephone number, email address)

4.       Surveys

We conduct surveys on your satisfaction with our products and services. We may ask you for feedback e.g., via a form on our websites, or send you an email. If we ask you to rate our products and services via email, you may rate them on a scale up to ten points. Further, you may leave comments in a free text field or – as the case may be – leave your phone number to receive call backs concerning your rating and comments. Taking part in these surveys is completely voluntary. We store the data you provide to us in such survey together with your contact details and transactional data related to the product or service we provided to you. We use this data to improve our products and services. Your personal data will be anonymized after 12 months.

If we conduct surveys on our website,-. in general, these surveys are carried out anonymously. If we as an exception do collect your data in the course of a survey, the paragraph above applies.

5.       Newsletter

Our website provides the option of subscribing to our newsletter. We use a double opt-in process to verify whether the owner of an email address has actually registered to receive the newsletter. The newsletter is only successfully subscribed to if the owner of the email address has expressly confirmed the activation of the newsletter by clicking on the link in the confirmation email. We log the completion of the individual stages of the double opt-in process for evidence purposes.

For this purpose, we collect and process data about your use of our email newsletter. When you open an email newsletter from us, a file contained in the email (so-called web beacon) connects to our servers. This enables us to determine whether an email newsletter has been opened and, if so, which content has been clicked. In addition, we collect technical information about your end device with which the contents of the email newsletter are retrieved (e.g. time of retrieval, browser type and operating system). We use this data exclusively for statistical analysis of our newsletter campaigns. If you subscribe to receive our newsletter, and therefore consent to it being sent to you, your details are used to send you the newsletter and analyse your use of the email newsletter. You can withdraw this consent at any time. The relevant link is included in each copy of our newsletter. We will make a note of the fact that you have unsubscribed from the newsletter in our database.

6.       Legal Basis for data handling

Depending on the type of contact you make with us, we base the above data processing operations on a legal permit in accordance with

  • Article 6 para. 1 lit. a) GDPR based on your consent for e.g. telephone contact recordings, and newsletters and surveys without connection to a contractual relationship as well as surveys, where you actively opted in for participation;
  • Art. 6 para. 1 lit. b) GDPR for (pre-)contractual communication e.g. using our telephone contact or chat bots, questions about deliver or returning products;
  • Art. 6 para. 1 lit. f) GDPR in case of contacting us e.g. for the performance of surveys.

V. Analytics, Marketing and Tracking


1.       Analytics

Analytics refers to the process of collecting, processing, and analysing data to gain insights and make decisions. For us, it's like examining trends to better understand how our products and services are used by you. This insight allow us to make our products and services more user-friendly. It also enables us to identify areas for improvement and innovation in our products and services. Our websites integrate with analytics platforms. These platforms provide JavaScript code that is added to the website. This code interacts with cookies or similar technologies to collect data when users interact with our website. As users navigate the website, the analytics code collects data from the cookies/pixels. This data we collect includes information on page views, clicks, time spent on pages, and other relevant metrics.

Analytics platforms aggregate the collected data, providing us with insights into user behaviour and website performance. This aggregated data is used for understanding audience demographics, popular content, and areas that may need improvement.

2.       Marketing and Tracking (including Re-Marketing)

We may collect and use your personal data to send you relevant marketing communications. These communications could include product updates, promotional offers, and newsletters. You can easily manage your communication preferences and opt out if desired.

We also carry out digital marketing activities including retargeting. Retargeting, also known as remarketing, means showing targeting ads to users who have previously interacted with our website or digital content but did not complete an action.

We also carry out digital marketing activities including retargeting. Retargeting, also known as remarketing, means showing targeting ads to users who have previously interacted with our website or digital content but did not complete an action.

Please see Section XII for more information on the providers including information about the specific usage and additional information on provider-specific data protection aspects

3.       Cookies and similar Technologies

Cookies

4.       Legal Basis for data handling

All processing described above, in particular the setting of pixels and cookies for reading out information on the end device used, will only be carried out if you have given us your consent to do so. You can revoke your consent at any time with effect for the future by as described in “Cookie Handling” above. Alternatively, you can use the deactivation page for EU customers at:  http://www.aboutads.info/choices or http://www.youronlinechoices.eu/

We base the above data processing operations on:​

a) Your consent pursuant to Art. 6 para. 1 lit. a) GDPR:

  • Web Analytics & Marketing via Cookies and/or similar technologies

b) a legal permit in accordance with Art. 6 para. 1 lit. b) GDPR:

  • Registration on our website​
  • Comfort registration (Social Sign-On Option)

c) a legal permit in accordance with Art. 6 para. 1 lit. f) GDPR:

  • Technical cookies, which are necessary for the provision of the website
  • Interactive Digital Assistants
  • Technical providing for the presentation of the website (e.g. security functions)
  • Additional website functions (e.g. product videos)
  • log data​
  • Session cookies and persistent cookies for convenience features


VI. Events and Contests, Trade-fairs

1.       Participation in events

When you register for an event, we store and use the information you provide in order to run the event including follow-ups. The data we collect for this purpose depends on the registration form on the specific websites, where you register. Your information is deleted once it is no longer required to run the event or complete any follow-ups. Usually, such registration process will include a confirmation email of your participation, additional email(s) about the organisation/any changes and a follow-up email, which may also include the possibility to provide us feedback..

Some events require to pay the participation fee directly or are completely or partially supervised and carried out by our partners. In such a case you may be redirected to the website of the respective partner. In this case, the relevant payment details (last name, first name, postal address, number of participants, and means of payment) are transmitted to our partner to carry out the event/payment process, provided you have already provided it.

2.       Participation in raffles/contests

When you sign up for a raffle or contest, we store and utilize the information you provide for the sole purpose of organizing and managing the raffle or contest, as well as any necessary follow-ups. The specific data we collect depends on the registration form you fill out on the raffles or contests page.

Rest assured that once the raffle or contest has concluded and any required follow-ups have been completed, we promptly delete your information. We only retain your data for as long as it is necessary to fulfil the purpose of running the raffle or contest and any related activities.

3.       Trade Fairs and similar Events

We participate in both on-site and digital trade fairs. In this context, data processing especially of your contact details occurs in case of:

  • Your wish to receive further information from us subsequently by email or post,
  • The initiation of a business relationship,
  • Your participation in raffles,
  • Your request for newsletters and advertisements,
  • Answering questions related to our products,
  • • Your placement of an order.

Please find additional information in the section “Communication”, “Business Partners” and “Customer Service” in this information, how in detail we may process your personal data depends on the type of context you provide your data.

4.       Legal Basis for data handling

We base the above data processing operations on a legal permit in accordance with Art. 6 para. 1 lit. b) GDPR.

VII. Customer Service

We provide you touchpoints where you can purchase products or services directly via e.g. our websites, technicians and telephone contact. In regard to the processing of personal data, the following interactions may take place when you are using these touchpoints.

1.       Typical Interactions

  • Browsing and product selection: Customers browse through various products or services, comparing features, prices, andreviews before making a decision.
  • Payment and order confirmation: Customers complete the payment process and receive confirmation of their order, including an order number and estimated delivery date.
  • Inquiries and support: Customers may have questions or need assistance regarding products, orders, shipping, returns, or other issues. They can reach out to support through various channels like phone, email or chat.
  • Issue resolution: Support representatives help resolve any problems or concerns raised by customers, such as addressing product defects, order delays, or billing discrepancies
  • Returns and exchanges: Customers may request returns or exchanges for products that have arrived damaged. Support assists in initiating the return process and providing necessary instructions.

2.       Contract

In order to realize your orders and conclude a contract with you, we process the following personal data;

  • Companyname
  • Title
  • First and last name, Department, Full postal address
  • Telephone number
  • E-Mail address
  • Billing information

3.       Payment and Creditworthiness Checks

Your payment data will be transmitted to the respective payment service provider for realizing payment. If you make use of chargeable services, billing data will be processed. Your personal data may in addition be processed for the investigation and prevention of fraud, abuse, security-related incidents and other harmful activities, e.g., for anti-money laundering and criminal prosecution. This is based on compliance with applicable laws (e.g., money laundering prevention) as well as our legitimate interest in limiting the risk of non-payment.

We involve external service providers with tasks connected with payment handling, programming and data hosting. We have carefully selected these service providers and monitor them on a regular basis, especially regarding their diligent handling of and protection of the data that they store. All service providers are obliged by us to maintain confidentiality and to comply with legal requirements. Service providers can also be other companies of the Trianis Holding GmbH.

During check out process, we may initiate creditworthiness checks depending on your selected payment method. We work with creditworthiness check tool provider(s) / agencies and we transmit your order information in order to receive information on such checks. Before we initiate creditworthiness checks, we will provide you a specific information on how we deal with your data on the relevant touchpoint.

4.      Delivery, Withdrawal of an Order and Returns

As part of the delivery process, we use logistic service providers, and your contact details are transferred to our logistic service providers so that they can perform the delivery as well as contact you to arrange deliveries and inform you about delivery problems as they occur. We may also use your order information to plan delivery routes.

You may also be offered to choose a convenient day and time frame you prefer to deliver your orders. In such a case our logistic service providers and suppliers receive your order information to offer you the available date and time. In some cases you can also track status of your products via the tracking link we sent you

The information needed for returns my be a combination of your order ID/order information, company information (e.g. company name / department / addressor email address information) . After you drop off your return parcel at the logistic service provider partner you will receive emails regarding the status of your return and your refund.

5.       Insurance/Warranty Extension​

We collect your company information and optional personal information to facilitate the insurance service you opt for, enhancing your overall customer experience. This includes information necessary for policy creation, claims processing, and communication regarding your insurance coverage.

We may collect details such as your name, contact information, address, and information specific to your purchased product. We will transfer this data to our partners providing the insurance or warranty extension. This ensures that our partners can tailor insurance solutions to meet your individual needs.

6.       Collection Agents

In certain circumstances, it may be necessary to disclose relevant information to a collection agency to facilitate the resolution of outstanding payments.

The disclosure of data to a collection agency is specifically for the purpose of recovering outstanding payments related to our products or services. This ensures the fair and lawful handling of financial transactions.

The information disclosed to the collection agency may include details such as your company name, contact information, billing information, and details of the outstanding payment. This information is limited to what is necessary for the collection agency to perform its services effectively.

7.       Registering on our website / Customer Plattform

You can register on our website to use our helpdesk-services. We collect and process the following details as part of the registration process:

Required details: Company name, company address, VAT-ID, company telephone number, company email address. title, first and last name, , work telephone number (mobile or landline), work email address, Password.

We store registered users' data until the user requests to delete the account or the account is not longer necessary for the working partnership.

8.       Legal Basis for data handling

We base the above data processing operations on:​

a) A legal permit (performance of a contract) in accordance with Art. 6 para. 1 lit. b) GDPR:

  • Registration on our website​
  • Insurance/Warranty extension
  • Delivery (including delivery arrangements, tracking and returns)
  • Customer Service
  • Product/service-information by email
  • Data processing for address verification
  • Collection Agents

b) A legal permit (legitimate interest) in accordance with Art. 6 para. 1 lit. f GDPR:

  • Creditworthiness Checks



VIII. Safety Actions


1.       Product recall

In the event of a product recall, we take proactive measures to ensure the safety of our customers. If you are affected by a product recall, we will notify you via contact information you provided to us, e.g. via email, to provide you with important information. To facilitate this communication, we utilize the contact data and assigned product information stored in our customer database

It's important to note that such a recall will be a one-time data processing activity specifically for the purpose of informing you about the product recall. We prioritize the security and confidentiality of your data throughout this process. Rest assured that your information is used solely for the purpose of addressing the product recall and will not be shared or used for any other purposes.

By promptly notifying you about product recalls, we aim to protect your safety and ensure that you have the necessary information to take appropriate action.

2.       Security updates

We prioritize data protection and security, and we are committed to continuously improving the security features of our products. To address any potential vulnerabilities that may emerge over time, we regularly offer security updates. These updates are crucial for maintaining the integrity and security of your products.

We strongly recommend that you regularly appoint us to install these security updates. By doing so, you can ensure that your appliances remain safeguarded against potential security threats. Neglecting to install these updates may expose your personal data and connected devices to unauthorized access or compromise.

3.       Specific deletion period

Personal data relevant for product safety actions will be subject to a centrally applied, specific deletion period of 30 years. After the standard deletion period has expired, this data will be transferred to a separate access-restricted archive for further storage. If you place a deletion request via our website (see Section I above), your data will also be deleted from this safety archive on a regular timely basis.

4.       Legal Basis for data handling

We base the above data processing operations on:

a) Your consent pursuant to Art. 6 para. 1 lit. b) GDPR:

  • Security updates.

b)  A legal permit in accordance with Art. 6 para. 1 lit. c) GDPR:

  • Obligatory product recall.

c)  A legal permit in accordance with Art. 6 para. 1 lit. d) GDPR:

  • Voluntary product recall.



IX. Business Partners


1.       General

a)       Contractual relationship with business partners

The following data protection information applies to you if you are our business partner or a legal representative, employee, shareholder or economic beneficiary of a business partner. Business partners are legal or natural persons who are in negotiations with us to establish a business relationship or who are already party to a corresponding business relationship with us. Contracts relating to employment or training relationships are expressly excluded.

b)       Categories of data

Which data is processed in detail depends largely on the agreed services and the subject of our business relationship. Therefore, not all parts of this information will be relevant to you.

As a rule, we collect your data from you. However, in certain constellations it may also be necessary, due to legal regulations or legitimate interests (e.g. in the context of business partner compliance checks), to process personal data that we receive from other companies, tax offices, authorities, credit agencies, insolvency registers, publicly accessible sources (internet research) or other third parties. Relevant personal data may include:

  • Personal data (e.g. first name/last name, address and other contact data, date and place of birth and nationality)
  • legitimation and authentication data (e.g. excerpts from the commercial register, identification data, specimen signature)
  • company, as well as position, position and department in the company, supervisor
  • data within the scope of our business relationship (e.g. payment data, data on orders)
  • data on company structures and ownership
  • log data​
  • user name and identification, user ID,
  • compliance-relevant data (e.g. information on references, information on insolvencies
  • negative reporting, check for sanction listings
  • information on criminal investigations relating to the subject matter of the service
  • other data comparable with the aforementioned categories.

When concluding a contract, we may collect data on your creditworthiness from credit agencies in order to fulfil the above-mentioned legitimate interests. We use the credit agencies' data on creditworthiness to check your creditworthiness. The credit agencies store data that they receive from banks or companies, for example. You can obtain information about the data stored about you directly from the credit agencies.

Insofar as you conclude a contract with us by means of a digital signature, we process your related data (in particular email address, IP address, times at which you processed the respective contract document). In addition, it is possible to sign certain contracts with a so-called qualified electronic signature. In this case, we also process the certificate data of your signature in addition to the categories mentioned. This data is accessible to all persons involved in the approval and signing of the contract.

c)       Recipients/Categories of recipients

Within our company, the departments that receive access to the data you have provided are those that need it to fulfil contractual or legal obligations or to fulfil legitimate interests or have been approved by you in the separate declaration of consent.

Within the framework of the contractual relationship, for the fulfilment of legal obligations and for the protection of legitimate interests, authorities or service providers also receive access to your personal data.

Compliance with data protection regulations is contractually ensured. The data may also be transferred to companies within the Trianis Holding GmbH in order to fulfil contractual obligations.

If you have concluded a framework agreement with the whole Trianis Holding GmbHas an authorised service recipient, the respective procurement and purchasing departments of Trianis Holding GmbH have access to the business partner data relevant for contacting you and the national compliance departments of the Trianis Holding GmbH companies each have access to the business partner compliance check data. Outside our group of companies, the data will only be passed on if we are legally obliged to do so (e.g. official investigations).

2.       Legal Basis for data handling

We base the above data processing operations on:​

a) a legal permit in accordance with Art. 6 para. 1 lit. b) GDPR:

  • Use our website as a business partner (pre-contractual and contractual use)

b) a legal permit in accordance with Art. 6 para. 1 lit. f GDPR:

  • Use our website as business partner (surveys, invitation to events, congratulations and Christmas cards)
  • Selection of a suitable business partner (e.g. intermediary check)


X. Applicants

As an applicant to a job-offer, you may use one of our touchpoints to submit your data to us. In addition to information provided directly on the relevant touchpoint (e.g. job page), we inform you below about our general handling about such personal data.

1.       General

We use your applicant data

  • to identify you as an applicant
  • to contact you
  • to carry out the application procedure

Your personal data will be transmitted to

  • our employees responsible for your application
  • if applicable, our service providers for the technical support of the application / applicant portal / job platform
  • if applicable, our postal and logistics service providers.

Your personal data will be deleted as mentioned in the respective applicant site, unless we have received your consent to keep your data longer, e.g. for processing in an applicant pool. In case there are legal or contractual obligations to retain such data, your data will be stored as long as it is required to fulfil these legal/contractual obligations, but access to your data will be restricted. For statistical purposes, some data points resulting e.g. from the application procedure will be anonymized and processed further after your personal data was deleted.

2.       Legal Basis for data handling

We base the above data processing operations on your consent pursuant to Article 6 para. 1 lit. a) GDPR for retention of applicant data beyond the regular deletion period or a legal permit in accordance with Art. 6 para. 1 lit. b) GDPR for regular processing.

XI. Data Protection Authority

Germany: Bavarian Data Protection Authority (BayLDA), http://www.baylda.de


XII. List of the Third party providers and their use


  • LinkedIn as a business network is provided by the following entities:

​o for countries of the European Union (EU), the European Economic Area (EEA) and Switzerland: LinkedIn Ireland Unlimited ​Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland and

​o for all other countries: LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA.

  • Google is providing several services which are used or can be used via our websites. These services are provided by

​Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland

You can find general information on how personal data is processed when Google tools are used via the following link https://policies.google.com/privacy. Opt-out: To permanently prevent the collection of usage data, Google offers a plugin for various Internet browsers: http://www.google.com/settings/ads/plugin. To disable only interest-based ads, you can block the use of third party cookies or cookies from the "www.googleadservices.com" domain or disable interest-based ads using this link atwww.googleadservices.com https://support.google.com/ads/answer/2662922?hl=en-GB

We are using the following Google tools in the following specific way:

  • YouTube for the presentation of videos on our websites. If you declined the use of cookies via the cookie banner, you may be ask to consent separately for consent before the display of such videos on our website. Only if you consented, any possible data transfer will start.
  • YouTube as social media provider, where we present videos on different YouTube Channels. Please see the privacy information stated above when using such channels.
  • Google reCAPTCHA: In order to protect your website interactions, such as logins or registrations, we perform risk assessments on website users, we use Google reCAPTCHA for these purposes. These assessments use cookies and collect personal information. However, Google may only set cookies and use personal information with users' prior consent, which can be given via the Cookie Layer.
  • Google Maps as service for location and mapping services, whereby only such data is used, you provide in using that service. A proximate location is used to show e.g. partners near your location or verify the postal code for service requests..
  • Google GA4-Technologie is used by us (only if you gave your cookie consent), to implement server side tracking as similar technology to cookies. In using that tool, we do not send usage data or similar data to Google, but use the tool to send statistical and/or event-based information of the website use to our servers. This data is processed by us and does not allow any individual identification of you or your device, you use the website/service from..
  • Google Tag Manager (GTM) is a tool used by us enabling us to manage and deploy marketing tags on websites without code modification. Tags include analytics and tracking codes, providing insights into website performance and user behaviour. While GTM itself doesn't set cookies, tags deployed through it may use cookies for tracking.
  • Google Ads & Remarketing We use online marketing tools from Google on our own responsibility. The cookies used in this service generally lose their validity after 30 days and are not intended to identify you personally. Google merely provides us with statistical evaluations. Google processes your information in accordance with Google's data usage policy. Opt-out: To permanently prevent the collection of usage data, Google offers a plugin for various Internet browsers: http://www.google.com/settings/ads/plugin. To disable interest-based ads, you can block the use of third party cookies or cookies from the "www.googleadservices.com" domain or disable interest-based ads using this link at https://adssettings.google.com/authenticated?hl=en_GB
     Interest ads can also be deactivated via the link http://www.aboutads.info/choices if the provider has joined the self-regulatory campaign "About Ads".

​Interessenbezogene Anzeigen können auch über den Link

We use online marketing tools from Google on our own responsibility. To this end, we have agreed with Google in a data protection agreement that our customers' data may only be processed on the basis of our instructions, may not be passed on to third parties and must be sufficiently technically protected.