Privacy protection
General data protection declaration
Data protection information according to EU data protection basic regulation, which became effective on 25.05.2018 – as of August 2018
General information
We take the protection of your personal data very seriously. Your privacy is important to us.
The following provisions serve to inform you about the processing of personal data in accordance with the requirements of the Basic Data Protection Ordinance (DSGVO) in particular taking into account the information obligations under Articles 12 to 14 DSGVO, as well as to inform you about the rights of data subjects under the DSGVO in accordance with Articles 15 to 22 and 34 DSGVO.
Notes on the responsible body
Responsible for the processing of your personal data is
Farasis Energy Europe GmbH
Benzstrasse 2
72636 Frickenhausen, Germany
Phone: +49 (0) 7022 789 4370
E-mail: info@farasis.com
Website Privacy Policy
Scope of application
This data protection declaration applies to all pages of our online network that link to this declaration.
Purpose of data collection
The purpose of the data collection is the optimization of the website, the error analysis, the individual tailoring to your needs, the offer of contacting and, if necessary, the sale of goods and services.
General information on data processing
We only collect and use personal data of our users insofar as this is necessary to provide a functional website as well as our contents and services. The collection and use of personal data of our users takes place regularly only with the user’s consent. An exception applies in those cases where prior consent cannot be obtained for real reasons and the processing of the data is permitted by law.
Legal basis for the processing of your data:
- Insofar as we obtain the consent of the data subject for the processing of personal data, Art.6 Para.1 lit.a EU Data Protection Ordinance (DSGVO) serves as the legal basis.
- In the processing of personal data required for the performance of a contract to which the data subject is a party, Art.6 para.1 lit.b DSGVO serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
- Insofar as the processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Art.6 Para.1 lit.c DSGVO serves as the legal basis.
- In the event that vital interests of the data subject or another natural person require the processing of personal data, Art.6 para.1 lit.d DSGVO serves as the legal basis.
- If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art.6 para.1 lit.f DSGVO serves as the legal basis for processing.
Justified interests can be in particular:
- the answering of inquiries;
- the implementation of direct marketing measures;
- the provision of services and/or information intended for you;
- the processing and transfer of personal data for internal or administrative purposes;
- the operation and administration of our website;
- the technical support of the users;
- the prevention and detection of fraud and criminal offences;
- protection against non-payment in the event of obtaining credit information for inquiries about deliveries and services; and/or
- the guarantee of network and data security, insofar as these interests are in accordance with the applicable law and with the rights and freedom of the user;
- the achievement of efficiency gains by bundling services in individual Group companies (in particular marketing, IT, procurement)
Categories of recipients
- Service providers for the optimization of websites, online marketing service providers and tools, service providers for information and communication technology, companies for software and device maintenance, partly described in detail below
- Social networks and communities as described in more detail below
- Internal recipients according to the “need to know” principle
Usage data/server log files
Every time you visit our website, our systems automatically collect data and information from the computer system of the calling computer.
The following types of data are collected: Browser type, version used, user’s operating system, Internet service provider, user’s IP address, date and time of access, websites from which the user’s system has reached our website or to which the user accesses from our website.
The legal basis for the temporary storage of data and log files is Art.6 Para.1 lit. f DSGVO with the above-mentioned legitimate interests.
The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user’s computer. For this the IP address of the user must remain stored for the duration of the session.
The data is stored in log files to ensure the functionality of the website. In addition, the data serves us to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
Our legitimate interest in data processing also lies in these purposes. The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended. We also reserve the right to check the files if there is a justified suspicion of illegal use or a concrete attack on the pages based on concrete evidence. In this case, our legitimate interest is the processing for the purpose of clarification and criminal prosecution of such attacks and illegal uses.
Contents of external providers
On our website we use active JavaScript content and fonts, which can also come from external providers such as Google. By accessing our website, these providers may receive information about your visit to our website, for example by transmitting your IP address. You can prevent this transmission by installing a JavaScript blocker such as the browser plug-in’NoScript’ or deactivating JavaScript in your browser. However, this can lead to functional restrictions.
Some of our websites integrate third party content, such as videos from YouTube, maps from Google Maps, images, texts and multimedia files, RSS feeds or other services from other websites. This always requires a transmission of your IP address to the providers of this content. We cannot make any statement about the use of your data by these providers and have no influence on further processing. In particular, not about whether the data is also used for other purposes, such as profiling. You can protect yourself against further prosecution by tracking pixels of these providers by deactivating the acceptance of third party cookies in your browser settings.
Contact form and e-mail contact
There is a contact form on our website which can be used for electronic contact. If a user takes advantage of this possibility, the data entered in the input mask will be transmitted to us and stored. This data is: Name, address, e-mail address etc. At the time the message is sent, the following data is also stored: The IP address, date and time. Your consent is obtained for the processing of the data within the scope of the sending process and reference is made to this data protection declaration.
Alternatively, you can contact us via the e-mail address provided. In this case, the user’s personal data transmitted by e-mail will be stored. In this context, the data will not be passed on to third parties. The data is used exclusively for processing the conversation.
The legal basis for processing is:
- For the processing of the data after registration for the newsletter by the user, Art.6 para. 1 lit. a DSGVO.
- For the processing of data transmitted in the course of sending an e-mail, Art.6 para.1 lit.f DSGVO with the above-mentioned legitimate interests.
- If the e-mail contact aims at the conclusion of a contract, then additional legal basis for the processing is Art.6 Abs.1 lit.b DSGVO.
The processing of the personal data from the input mask serves us only for the treatment of the establishment of contact. In the event of contact by e-mail, this also constitutes the necessary legitimate interest in the processing of the data. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those that were sent by e-mail, this is the case when the respective conversation with the user is finished. The conversation is terminated when it can be inferred from the circumstances that the facts in question have been finally clarified. The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
The user has the possibility to revoke his consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.
Data transmission via the Internet
Data transmission over the Internet is generally associated with certain risks. A special encryption of the data is not carried out, especially messages from the contact form of our website and messages in the service chat are transmitted unencrypted . If you wish to communicate with us by encrypted e-mail, this is possible using SMIME encryption. Please inform us of your wish for encryption, as we regularly send unencrypted, due to the currently low market penetration of e-mail encryption methods.
Data transfer
If you provide us with personal data, this will only be passed on to third parties if this is necessary for the processing of the contractual relationship or if another legal reason justifies this transfer.
However, we provide certain services with the cooperation of service providers. We have carefully selected these service providers and have taken appropriate measures to protect your personal data.
Data protection declaration for customers / interested parties / suppliers / other
As a customer and as an interested party or other interested party, we process your personal data primarily to establish and fulfil a contractual relationship concluded with you or on the basis of a legitimate interest. We collect, store and, if necessary, pass on your data to the extent necessary to provide the contractually agreed service, to provide information, to carry out direct marketing activities or other activities of our business operations. Non-provisioning may mean that the contract cannot be concluded. In addition, we will only process your data if you have consented to the processing or another legal permission exists.
Purposes of data processing
We process your personal data to achieve the following purposes in connection with the initiation and execution of a contractual relationship or other activities in the interest of the company:
- Contract processing (including shipping)
- the acquisition of existing customers, use as selection criterion for direct marketing in order to be able to offer you a service tailored to your needs
- dealer support
- the credit assessment
- the management of our supplier relationships
- service
- the quality management
- the improvement and development of intelligent and innovative services
- customer analysis for market and opinion research
- the handling of our logistics/our materials management
- reporting on our company
Beyond that we process your data only with your explicit declaration of consent.
Types of data processed by us
The following personal data are processed:
- private contact data; name, address, telephone number
- Identification/payment data; account number, VAT ID no.
- Ordering data: Quantity, Sales, Intervals
- Geodata: Addresses, terms of delivery
- Image data: Photos and video recordings in the context of corporate events and trade fair appearances
Categories of recipients
These service providers have been carefully selected by us, commissioned in writing and are bound by our instructions. Our service providers are regularly checked by us. The service providers will not pass this data on to third parties, but will delete it after fulfilment of the contract and the conclusion of legal storage periods, unless you have consented to further storage. If we are legally obliged to do so, we will disclose your data to the competent authority upon request.
These are, for example:
- Bank and payment service providers, business information agencies, lawyers,
- logistics firms
- associated undertakings
For orders on account, we reserve the right to assess the credit risk on the basis of mathematical-statistical procedures (scoring). For this purpose, your data, which are necessary for credit assessment, are transferred to an economic credit agency (e.g. Schufa). If the credit check is positive, an order on account is possible. If the credit check is negative, we cannot offer you payment on account. You can object to the transmission of this data to the credit agency at any time, however, then an order on account is no longer possible.
Legal basis of the processing
The legal bases for the processing of their data are in particular:
1. Art. 6 para. 1 lit. a) on the basis of your consent, whereby in principle no consent is required for the conclusion of a contract or the continuation of an existing contract,
2. Art. 6 para. 1 lit. b) for the establishment, execution and termination of a contractual relationship,
3. Art. 6 para. 1 lit. c) for the fulfilment of a legal obligation,
4. Art. 6 para. 1 lit. f) for the protection of a legitimate interest
Our legitimate interests lie in achieving the above-mentioned purposes and beyond, e.g. in:
- Perception of our business interests, including direct marketing and credit assessment,
- the improvement of efficiency and effectiveness potentials, also in cooperation with partners and possibly affiliated companies,
- Ensure compliance with security regulations, requirements, industry standards and contractual obligations,
- the assertion, exercise or defence of legal claims,
- the avoidance of damage and/or liability of the company through appropriate measures
- the implementation of information and communication measures, also of an advertising nature.
- reporting on company information.
Client analysis
In the case of customer analysis, your data will be processed either anonymously or, if anonymous processing is not possible or does not make sense for factual reasons, in pseudonymised form.
Individual of the aforementioned processes or services are carried out by carefully selected and commissioned service providers. We transmit or receive personal data of these service providers solely on the basis of a processing contract. If the registered office of a service provider is outside the European Union or the European Economic Area, transfer to a third country takes place. Contractual data protection agreements are concluded with these service providers in order to establish an appropriate level of data protection and corresponding guarantees are agreed.
Data collected from third parties
We may be provided with data from third parties, e.g. as part of recommendations. In this case it usually concerns contact data in connection with data to concrete product and/or service needs.
If necessary, we collect data from credit agencies with regard to credit ratings and/or negative characteristics.
Storage period
Afterthe respective purpose has been achieved, your data will be deleted in compliance with the statutory retention periods.
Transfer to third countries
Some data, in particular employee and customer data, is transferred to our parent company, Farasis in China. China is not an EU country and there is no EU adequacy resolution, but we have ensured through contractual measures (standard contractual clauses) that we can assume a comparable level of data protection in the transmission. The data importer is subject to contractual guarantees for the security of personal data. A copy of this contract can be inspected on request in the personnel department or via the data protection officer.
Use of service providers
Individual of the aforementioned processes or services are carried out by carefully selected and commissioned service providers. We transmit or receive personal data of these service providers solely on the basis of a processing contract. If the registered office of a service provider is outside the European Union or the European Economic Area, transfer to a third country takes place. Contractual data protection agreements are concluded with these service providers in order to establish an appropriate level of data protection and corresponding guarantees are agreed.
Notice of your rights
You have the right,
- to ask us to confirm whether we process personal data concerning you; if this is the case, you have a right to information on this personal data and on the information specified in Art. 15 DSGVO.
- to demand the publication of the data concerning you in the restrictions of Art. 20 DSGVO in a common electronic, machine-readable data format. This also includes the handing over (as far as possible) to another person directly named by you.
- to request us to correct your data if it is incorrect, inaccurate and/or incomplete. Correction shall also include completion by declarations or communication.
- If you do not wish us to contact you by newsletter or other means, we will save your contact details on a blacklist, but we will not be able to delete any data that is subject to a legal retention period.
- to revoke any consent given by you with effect for the future without you incurring any disadvantages as a result.
- to require us to restrict processing if one of the conditions set out in Art. 18 DSGVO is met.
- We will then no longer process the personal data unless we can prove compelling reasons worthy of protection which outweigh your interests, rights and freedoms , or the processing serves to assert, exercise or defend legal claims (Art. 21 DSGVO).
- without prejudice to any other administrative or judicial remedy and if you consider that the processing of personal data concerning you is contrary to the DSGVO, to complain to
- a supervisory authority in the Member State of its place of residence, employment or suspected infringement.
Changes to this Privacy Policy
We reserve the right to change our data protection declaration if necessary and to publish it here. Please check this page regularly. The updated declaration shall enter into force on publication, subject to the legislation in force. If we have already collected information about you that is affected by the change and/or is subject to a legal obligation to provide information, we will also inform you of any material changes to our data protection declaration.