DATA PROTECTION POLICY
Sec. 1 Information on the collection of personal data
(1) This section provides information on the collection of personal data when using our website. Personal data is defined as any information that refers to you personally, e.g. name, address, email addresses, user behavior.
(2) The person responsible pursuant to Art. 4 (7) EU General Data Protection Regulation (GDPR) is Fleximark AB, Kungshagsvägen 9, 611 35 Nyköping, info(at)fleximark.se. You may contact our data protection officer at our postal address, adding „data protection officer“ or write in accordance with our contact details stated in Sec. 20.
(3) If, due to specific functions of our offer we need to refer to commissioned service providers or wish to use your data for commercial purposes, we inform you below in detail concerning respective processes stating, at the same time, defined criteria of the storage period.
Sec. 2 Your rights
(1) With regard to our company and your personal data, you have the following rights:
- The right of information
- The right to correction or deletion
- The right to restriction or processing
- The right to object against processing
- The right to data portability
(2) In addition, you have the right to lodge a complaint against us with any data protection supervisory authority concerning our processing of your personal data. A competent authority is the Swedish regulatory authority Datainspektionen, https://datainspektionen.se
Sec. 3 Collection of personal data on visiting our website
(1) If the website is used for merely informational purposes i.e. you do not register on the website or send us other information, we inherit only those personal data that your browser transmits to our server. On visiting our website, we collect the following data which are technically required for us to display our website to you and to guarantee stability and security (legal basis is art. 6 (1) p. 1 lit. f GDPR):
- IP address
- Date and time of inquiry
- Time zone difference compared to Greenwich Mean Time (GMT)
- Request content (defined page)
- Access status/http status code
- Respective data volume transmitted
- Website making the request
- Operating system and its interface
- Language and browser software version
(2) When using our website, and in addition to the above mentioned data, cookies are stored on your computer. Cookies are small text files which, on your hard drive, are stored after being allocated to the browser you use and by which the site placing the cookie (i.e. us) has certain information sent back to it. Cookies cannot execute any programs nor transfer any viruses onto your computer. Their purpose is to make your online presence overall more user-friendly and more effective.
a) This website uses the following types of cookies whose size and functionalities are explained as follows:
- Transient cookies (refer to b)
- Persistent cookies (refer to c).
b) Transient cookies are automatically deleted as you close the browser. This includes especially session cookies which store a so-called session ID. Various requests of your browser may be allocated to the joint session by way of session IDs. This facilitates recognition of your computer on your return to our website. Session cookies are deleted as you log out or close the browser.
c) Persistent cookies are automatically deleted after a specified time, subject to the cookie in use. You may delete any cookies at any time in the security settings of your browser.
d) Your browser settings may be configured as you wish and can, for example, refuse acceptance of third party cookies or any cookies. We should like to point out that you may not be able to use all functions of this website.
f) Flash cookies in use are not captured by your browser but by your flash plug-In. In addition, we use HTML5 storage objects that are filed on your terminal. These objects without automatic expiry dates store the required data irrespective of your browser in use. If you are not interested in the processing of flash cookies, you must install a corresponding add-on, e.g. „Better Privacy“ for Mozilla Firefox (https://addons.mozilla.org/en-US/firefox/addon/privacy/) or the Adobe flash killer cookie for Google Chrome. You may prevent the use of HTML5 storage objects by introducing the private mode into your browser. In addition, we recommend regular manual deletion of your cookies and browsing history.
Sec. 4 Further website functions and offers, purposes of data use
(1) In addition to the purely informational use of our website we offer various services you may use if interested. As a rule, this requires you to state further personal data which are used by us to provide our respective services. The aforesaid principles of data processing shall apply to such personal data.
(2) In addition to the above mentioned data Lapp collects and stores all Information clients key into the website or transmit to Lapp in other ways. Examples of such data are:
VAT ID no.
name of customer
(3) Lapp also uses these data to communicate with customers about products, services and orders. Lapp furthermore updates company records and customer accounts with these data and uses them to recommend products or services to potentially interested company customers. Lapp also uses information to enhance its e-shop and online presence, to prevent any abuse and fraud or to reveal them, or to enable third parties to execute any technical, logistic or other services on behalf of Lapp. Data are also used to store shopping baskets or order templates, placing them at the customers’ disposal for any new use.
(4) Only if customers have previously granted their consent or, as far as this is legally permissible, if no objection was raised, Lapp also uses these data for product related surveys and marketing purposes.
(5) We partly use external service providers for the processing of your data. Those providers are carefully selected and commissioned by us. They are bound to our directives and are regularly monitored.
(6) We may, moreover, transmit your personal data to third parties for the purpose of sales actions, winning games, signing of contracts or similar services we offer jointly with our partners. Detailed information may be found below in the description of the offer or will be sent to you on leaving your personal data with us.
(7) Inasmuch as our service providers or partners are headquartered in a state outside the European Economic Area (EEA), we are going to keep you informed about any consequences of these circumstances in the description of our offer.
Sec. 5 Objection or revocation against processing of your data
(1) If you have granted your consent to the processing of your data, you may revoke your consent at any time. Such revocation will impact the processing admissibility of your personal data after stating it.
(2) You may object against the processing inasmuch as we base the processing of personal data on a balance of interests. This would be the case if processing is not required to fulfill a contract with you; this is outlined in detail in the following description of functions. On objecting we would request a statement of reasons as to why our company may not process personal data as usual. In the event of your justified objection, we shall look into the matter and will either terminate or adjust data processing, or explain to you our compelling and legitimate grounds as to why processing will be continued.
(3) You may, of course, object at any time against the processing of your personal data for advertising or data analysis purposes. You may send your objection against advertising to the following address: info(at)fleximark.se
Sec. 6 Contact form and e-mail contact
There is a contact form on our website which can be used for electronic contact. If a user takes advantage of this possibility, the data entered in the input mask will be transmitted to us and stored. This data is:
Title, first name, last name, company, department, customer number, address (street, house number, postcode, city, country), e-mail address, fax, telephone, subject and message.
At the time the message is sent, the user's IP address and the date and time of transmission are also stored.
Alternatively, you can contact us via the e-mail address provided. In this case, the user's personal data transmitted by e-mail will be stored.
In this context, the data will not be passed on to third parties. The data is used exclusively for processing the conversation.
The legal basis for the processing of the data is Art. 6 para. 1 lit. b DSGVO if the user has given his consent.
The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para. 1 lit. f DSGVO. If the e-mail contact aims at the conclusion of a contract, then additional legal basis for the processing is Art. 6 exp. 1 lit. b DSGVO. the processing of the personal data from the input mask serves us alone for the treatment of the establishment of contact. In the event of contact by e-mail, this also constitutes the necessary legitimate interest in the processing of the data. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those that were sent by e-mail, this is the case when the respective conversation with the user is finished. The conversation is terminated when it can be inferred from the circumstances that the facts in question have been finally clarified.
The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
Sec. 7 Service providers: hosting and operation of the website, technical service providers
In the context of contract processing, the data is stored on the servers of the above service providers, Lapp Service GmbH (SETU GmbH, Königsturmstr. 28 73525 Schwäbisch Gmünd, Germany) and Nordlo (Idrottsvägen 1, Rosvalla, 6112 62 Nyköping).
Sec. 8 Google Remarketing
By using fleximark.se you declare your agreement with the processing of data Google collected about you in the manner here described and for the purposes here stated. We should like to point out that, independent of our rules, Google has its own data protection policy. We do not accept responsibility or liability for these rules and procedures and refer you to Google’s data protection policy. https://policies.google.com/privacy/update?hl=en&gl=en
Sec. 9 Facebook Remarketing
This website uses the „Custom Audiences“ remarketing function of Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA („Facebook“), in the pixel variant and without the „extended comparison“ setting. Remarketing aims at presenting interest-related advertising („Facebook-Ads“) to visitors of this website as they visit Facebook as a social network. For this purpose the remarketing pixel of Facebook was implemented in this website, thereby enabling the pixel to create a direct link to Facebook servers on visits to the website. The Facebook server is thus informed of your visit to this website and Facebook allocates this information to your personal Facebook user account. Please go to Facebook’s private policy at https://www.facebook.com/about/privacy/ for detailed information regarding Facebook’s collection and use of data as well as your pertinent rights and options to protect your private sphere. Alternatively, subject to your registration with Facebook, you may deactivate the „Custom Audiences“ remarketing function at https://www.facebook.com/settings?tab=ads. The data is stored for 1 year.
Sec. 10 Web analysis by Matomo (formerly PIWIK)
On our website we use the open source software tool Matomo (formerly PIWIK) to analyse the surfing behaviour of our users. The software places a cookie on the user's computer (see above for cookies). If individual pages of our website are accessed, the following data is stored:
(1) Two bytes of the IP address of the user's calling system
(2) The accessed website
(3) The website from which the user has accessed the accessed website (referrer)
(4) The sub-pages accessed from the accessed website
(5) The time spent on the website
(6) The frequency with which the website is accessed
The software runs exclusively on the servers of our website. The personal data of users is only stored there. The data will not be passed on to third parties. The software is set so that the IP addresses are not completely stored, but 2 bytes of the IP address are masked (e.g.: 192.168.xxx.xxx). In this way it is no longer possible to assign the shortened IP address to the calling computer.
The legal basis for processing users' personal data is Art. 6 para. 1 lit. f DSGVO.
The processing of users' personal data enables us to analyse the surfing behaviour of our users. We are in a position to compile information about the use of the individual components of our website by evaluating the data obtained. This helps us to continuously improve our website and its user-friendliness. For these purposes, it is also in our legitimate interest to process the data in accordance with Art. 6 para. 1 lit. f DSGVO. By anonymizing the IP address, users' interest in protecting their personal data is sufficiently taken into account.
The data will be deleted as soon as they are no longer needed for our recording purposes. In our case, this is the case after (specify DURATION).
We offer our users on our website the possibility of an opt-out from the analysis procedure. To do this, you must follow the corresponding link. In this way, another cookie is placed on your system, which signals to our system not to store the user's data. If the user deletes the corresponding cookie from his own system in the meantime, he must set the opt-out cookie again.
More information about the privacy settings of the Matomo software can be found under the following link: https://matomo.org/docs/privacy/.
Sec. 11 Newsletter
If customers wish to receive the newsletter as offered on the website, Lapp requires their email address and information to the effect that examination is agreed to that respective email address owners approve receipt of the newsletter (Double Opt-In procedure).
Upon your newsletter registration we also store your computer system’s IP address as provided by the internet service provider (ISP) of the data subject at the time of registering together with date and time. Storage of these data is necessary to facilitate later tracking of any (possible) email misuse of data subjects. It also provides the person responsible for data processing with legal security.
Personal data collected within the scope of newsletter registration are used exclusively for the dispatch of our newsletter. Newsletter subscribers may be informed via email how this is operated in case of changes in the newsletter offer or concerning technical matters, if this should be necessary for newsletter registration or running the newsletter service. Within the scope of the newsletter service no collected personal data are transmitted to third parties, except our email service provider (Which TOOL?). An order management contract has been signed with (Company , ADRESS).
Data subjects may cancel their newsletter subscription at any time. As far as the newsletter dispatch is concerned the persons may equally, at any time, revoke their consent to the storage of any personal data by using the pertinent link in the newsletter. In addition, subscribers have the option to unsubscribe direct on the internet page of the person responsible for processing or to inform him through other means of communication.
Sec. 12 Chat function
We should like to point out in this context that any data you send to us freely via chat is stored to process your request and for the purpose of statistics. Only the chat record is stored. Any data in the record of the chat are neither used to identify any website visitors nor for other purposes or advertising. The chat record is deleted after one workday. The data is saved for one year.
Sec. 13 Servoconfigurator and EPIC Housing Configurator
As regards the configurators and from the data minimization point of vew we have reduced required data as much as possible. Obligatory fields must be stated to ensure an individual offer, based on your indications, may be submitted to you. Data stated in the configurator are used exclusively for the production, dispatch and negotiation about the offer under request.
Sec. 14 Storage period of personal data
Unless stated to the contrary, the criterion decisive for our stipulating of storage periods is the respective statutory safekeeping period. Data are deleted after such period has expired, provided they are no longer needed for contract performance or contract initiation.
Sec. 15 Legal or contractual rules on the provision of personal data
The provision of personal data is partly prescribed by law, e.g. tax regulations, or may be the result of contractual arrangements (e.g. statements concerning a contractual party). When signing a contract it may sometimes be necessary for data subjects to place their personal data at our disposal which, at a later stage, need to be processed by our company. For example, the data subject may be under obligation to make personal data available to us when our company signs a contract with them. A consequence of non-provision of personal data would be that no contract might be signed with the data subject. Data subjects must contact a member of our staff prior to such person making personal data available. In every individual case, our employee will advise data subjects if the provision of personal data is legally or contractually prescribed or required for signing a contract. He will also inform on possibly existing obligations to provide personal data and possible consequences of not providing personal data.
Sec. 16 Automated decision-making
There will be no automated decision-making or profiling.
Sec. 17 Legal basis of data processing
Art. 6 (I) lit. a GDPR is our legal basis for processing procedures that require us to obtain consent for specific processing purposes, especially registrations with newsletters. In the event that processing of personal data is required for contract compliance involving the data subject as the contractual partner, the processing of data is based on art. 6 (I) lit. b GDPR. As an example, this is the case with processing procedures that are necessary for the delivery of goods or the performance of a service or return service. The same legal basis also covers processing procedures needed to carry out pre-contractual measures, e.g. upon queries concerning our products or services. If our company is subject to a legal obligation requiring the processing of personal data, e.g. compliance with tax-related duties, processing shall be based on art. 6 (I) lit. c GDPR.
Sec. 18 Legal basis as per art. 6 (I) lit. f GDPR, our legitimate interests in processing
Processing procedures may ultimately be based on art. 6 (I) lit. f GDPR. Processing procedures not captured by any of the legal principles stated in Sec.14 rest on this legal basis, if the processing is required to protect a legitimate interest of our company or of a third party, providing the interest, fundamental rights and freedoms of data subjects do not prevail. A legitimate interest could be assumed, if the data subject is a customer of the person responsible (Recital 47 sentence 2 GDPR).
If the processing of any personal data takes place on the basis of art. 6 (1) lit. f GDPR, our legitimate interest will be the performance of our business activity.
Sec. 19 Further information
The customer is aware that, in light of the current state of technology, no full data protection can yet be guaranteed in data transmissions via internet. As a result, and in terms of security of any data posted on the internet, the client takes full responsibility. For this reason, data subjects are at liberty to transmit their data to us via alternative options, e.g. per telephone.
Sec. 20 Contact with data protection officer
Fleximark AB places great value on their customers‘ trust. That is why Lapp is glad to answer any questions regarding the processing of personal data. For any queries not sufficiently dealt with in this data protection declaration or if customers request further in-depth information, please contact Claes Johansson, the company’s data protection officer, at claes.johansson(at)fleximark.se
Please also contact our data protection officer if you become aware of or suspect any personal data breaches brought about by our company.