Privacy Policy

Last updated on: April 12th 2019

Elinvar GmbH (hereinafter referred to as Elinvar) appreciates your interest in the company and the associated visit to the website. The protection of your privacy when using our website is important to us. We treat the data entered in the context of our Internet offer confidentially. With this privacy policy, we would like to inform you about the type, scope and purpose of the collection, use and application of personal data. Please therefore take note of the following information:

Controller

Elinvar GmbH
Winsstraße 62
10405 Berlin
Germany

Email: contact@elinvar.de

Registration court: Amtsgericht Charlottenburg (Berlin, Germany)
Registration number: HRB 167185 B

Authorized Managing Directors and those responsible for content

Christian Bartz
Dr. Marco Neuhaus

Data Protection Officer

You can reach our data protection officer at:

Elinvar GmbH
Data Protection Officer
Winsstraße 62
10405 Berlin
Germany
Email: datenschutz@elinvar.de

Types of data processed

Elinvar processes inventory data (e.g. names, addresses), contact data (e.g. e-mail), usage data (e.g. websites visited, access times), metadata (e.g. IP addresses) and employee information (e.g. photos, names, positions) within the scope of this website.

Processing of special categories of data (Art. 9 para. 1 GDPR)

Elinvar does not process any special categories of data within the scope of this website.

Categories of individuals affected by the processing operation

Within the scope of this website, Elinvar processes data from visitors and interested parties, hereinafter collectively referred to as “users”, as well as from employees.

Purpose of processing

Within the scope of this website, Elinvar processes personal data in accordance with the provisions of the European Data Protection Regulation (GDPR) for the purpose of providing the website and related content and functions, for the purpose of advertising, marketing and market research, for communication with users, for answering contact enquiries and within the framework of security measures (IT security). Elinvar processes personal data only if legally permitted to do so and in compliance with the relevant data protection regulations. Accordingly, personal data will only be processed if this is necessary or legally required, in particular

  • for the provision of contractual services (order processing)
  • for the provision of online services
  • in the case of user consent
  • and in the legitimate interest of Elinvar.

The personal data processed by Elinvar are subject to the following legal principles in accordance with Art. 13 GDPR:

  • Art. 6 para. 1 lit. a. GDPR for consents
  • Art. 6 para. 1 lit. b. DSCGO for the processing for the fulfilment of the services rendered by us and the implementation of contractual measures
  • Art. 6 para. 1 lit. c. GDPR for processing for the fulfilment of our legal obligations
  • Art. 6 para. 1 lit. d. GDPR for processing for the purpose of fulfilling the vital interests of the data subject or another natural person
  • Art. 6. para. 1 lit. f. GDPR for processing to safeguard our legitimate interests

Subject of data protection

Subject of data protection are personal data in the sense of the. Art. 4 of the General Data Protection Regulation (GDPR), i.e. all information relating to an identified or identifiable natural person (hereinafter referred to as the data subject). An identifiable natural person is one who can be identified directly or indirectly, by assigning an identifier, via the data required for the transaction. This includes, for example, your name, your address, your telephone number, your e-mail address and other data required for business transactions. Data that cannot be associated with your person are not included.

Security measures

In accordance with Art. 32 GDPR, Elinvar shall take appropriate technical, organisational and contractual measures to ensure processing, taking into account the state of the art as well as the type, scope, circumstance, purpose of processing and implementation costs, in order to protect the user’s personal data against unintentional or unlawful manipulation, destruction, deletion, loss and against unauthorised access or disclosure.

Security measures include, in particular, ensuring the confidentiality, integrity and availability of data through physical access and logical access controls as well as other controls relating to the input, transmission, security, availability and separation of personal data. This also includes the encrypted transmission of data between your browser and our server.

Elinvar also has procedures in place to respond to data breaches, data deletion, and the exercise of data subjects’ rights.

Disclosure of data to third parties and third-party providers

Elinvar will only pass on data within the framework of the legal requirements on the basis of Art. 6 Para. 1 lit. b. GDPR (contract purposes), in accordance with Art. 6 Para. 1 lit. f. GDPR (legitimate interest), on the basis of a consent given by you or if a legal obligation provides for this.

The following services of third parties are used within the scope of this website:

  • In order to provide and optimize our website, we incorporate external fonts provided by Google Ireland Limited (“”Google Fonts”” https://google.com/fonts). This is done by accessing servers in the USA. Among other things, the IP address of the user in connection with our URL is transmitted to the Google server. Privacy policy: https://policies.google.com/privacy Opt-Out: https://adssettings.google.com/authenticated

All external service providers are carefully selected by us and checked for compliance with the contractual requirements and thus also the provisions of the GDPR. All external service providers are obliged to treat the information in accordance with this data protection declaration or the applicable data protection regulations. They are contractually obliged to comply with data protection regulations and are not regarded as third parties in the sense of data protection law. Inclusion in data processing is then based on an agreement on order processing pursuant to Art. 28 GDPR. Personal data will not be passed on or sold.

Transfers to third countries

A data transfer to places in states outside the European Union (so-called third countries) in the context of a processing (e.g. by using the services of third parties) or a disclosure or transfer of data to third parties only takes place to fulfill our (pre)contractual obligations, due to a statutory provision or according to your consent. Here the requirements of Art. 44 ff. GDPR with regard to the requirement of guarantees for compliance with a data protection level corresponding to the EU on the basis of international agreements (e.g. EU-US Privacy Shield) or EU standard contract clauses.

Collection and storage of personal data

Your personal data will only be collected if you provide it to us on request for specific purposes – e.g. to answer enquiries. Personal data that you voluntarily provide to us when using electronic forms, such as contact forms, or by e-mail, is only collected, processed and used for the purpose for which it was provided, such as registering for personalized services, responding to inquiries, technical administration or processing a contractual relationship. Your personal data will always be treated confidentially and will only be stored until the purpose for which it was provided has been fulfilled or the legal obligation to retain it has expired. The personal data is used to provide services. If you have explicitly agreed to this, you will also receive product information.

Contact

If you contact us by e-mail or contact form, your details will be processed in accordance with Art. 6 para. 1 lit. b. GDPR for the treatment and processing of the contact inquiry. The requests will be deleted if they are no longer necessary. They are checked once a year.

Collection of access data

On the basis of the legitimate interest of Elinvar within the meaning of Article 6(1)(f) GDPR, data on access to the server is collected via so-called server log files. The data collected includes the name of your Internet service provider and an IP address assigned by this provider, the website from which you visit us, the web pages you visit on our site, the files accessed, the browser used, the operating system used and the date and time of your visit. The access data is stored in order to ensure the functionality of our Internet offer. This information is used to optimize the website and to ensure the security of our IT systems and services. An evaluation for marketing purposes does not take place in this context.
For security reasons, the server log files and the information contained therein are stored for a period of 30 days and then deleted. If certain server log files are necessary for the clarification of fraud or abuse actions or for evidence purposes, they are stored until the final clarification of the respective incident and then deleted.

Cookies

Elinvar uses so-called cookies to be able to respond even better to your individual needs. Cookies are text files that are sent from our web server to your computer where they are stored on your hard drive so that they can be recognized when you use websites. We use cookies in some areas of the website to make it easier for you to use the website.

We cooperate with business partners who support us in making the website more interesting for you. This means that when you visit our website, cookies from these partner companies are also stored on your hard drive. The cookies stored in this way are automatically deleted after the given date.

You have the option of controlling the storage of cookies on your computer by making the appropriate settings in your web browser, i.e. you can prevent it from accepting new cookies, be notified when you receive a new cookie, or deactivate all cookies received. Please note, however, that in this case you may only be able to use our website to a limited extent or not at all. If you only want to accept our own cookies, but not the cookies of our service providers and partners, select the appropriate setting in your browser.

You have the possibility to object to the use of cookies, which are used for advertising purposes and range measurement. A general contradiction can be explained on the following pages:

  • Deactivation page of the network advertising initiative (http://optout.networkadvertising.org/)
  • Deactivation page for US websites (http://www.aboutads.info/choices)
  • Deactivation page for European websites (http://www.youronlinechoices.com/uk/your-ad-choices/)

Reach analysis with Matomo (formerly PIWIK)

On the basis of our legitimate interests within the meaning of Art. 6 Para. 1 lit. f. GDPR, Elinvar uses  Matomo (formerly Piwik), an open source software for statistical evaluation of user access. Matomo uses cookies, which are text files placed on the user’s computer, to help the website analyze how users use the site. The information generated by the cookie about the use of this website is stored on servers in Germany. Analyzing the behaviour of our users on our website enables us to constantly improve user experience and to identify errors. In order to take sufficient account of the users’ interest in the protection of their personal data, the IP address is anonymised immediately after processing and before its storage and evaluation.

Users may refuse the use of cookies by selecting the appropriate settings on their browser. However please note that if you do this you may not be able to use the full functionality of this website.

Furthermore, by clicking on the link below, users have the possibility to object to the anonymous data collection by the Matomo program at any time with effect for the future. If a user clicks on the link below and objects, a so-called opt-out cookie is stored in the browser, which ensures that Matomo no longer collects any session data. If, however, the user deletes the cookies in his browser, the opt-out cookie is also deleted in this context, so that the user must activate it again via the link.

External Links

On our websites you will find links which refer to pages of third parties. We have no influence whatsoever on the design and content of websites operated by third parties. For this reason, our assurances given to you do not apply to them.

Furthermore, we link from our website to the Elinvar pages of Twitter, Facebook and LinkedIn. The operators of the respective services are responsible for the collection, storage and processing of personal data. We refer to their respective data protection declarations. Elinvar will only process user data if users communicate with Elinvar within social networks in the form of posts or messages.

Integration of third-party services and content

It may happen that on the basis of our legitimate interests (including optimization and analysis of the online offer in terms of Art. 6 para. 1 lit. f. GDPR), within this online offer, we integrate content from third parties, such as videos from YouTube, map material from Google Maps, RSS feeds or graphics from other websites. This always presupposes that the providers of this content (hereinafter referred to as “”third-party providers””) perceive the IP address of the users. Without the IP address, they would not be able to send the content to the user’s browser. The IP address is therefore required for the presentation of this content. We make every effort to only use content whose respective providers merely use the IP address to deliver the content. However, we have no influence on this if the third party provider stores the IP address, e.g. for statistical purposes. As far as this is known to us, we inform the users about it.

  • The “”Press”” section includes functions of the pr.co service of pr.co B.V. Singel 542, 1017 AZ, Amsterdam, Netherlands. Privacy policy: https://pr.co/privacy_policy
  • On our website we use Recruitee, a recruiting service of Recruitee B.V., Johan Huizingalaan 763A, 1066VH, Amsterdam (“Recruitee”).
    o Privacy Policy: https://recruitee.com/privacy
    o Information on security and data protection: https://recruitee.com/pricing#security-and-privacy
    o You can contact us directly via the application form provided on the website. You have the opportunity to provide us with the following information:
    First name and surname
    email address
    telephone number
    photo
    further information
    Link to your profiles in social networks (LinkedIn) and the application portal (Indeed) We collect, process and use the information provided by you via the application form exclusively for the processing of your specific request. The information you provide will be transferred by Recruitee to EU servers and stored there.

Social media

We use various social networks and platforms to communicate with users and interested parties and to provide information about our range of services on the basis of our legitimate interest in modern and effective information and communication pursuant to Art. 6 Para. 1 lit. f GDPR. In the event that the operator of a social network or platform obtains consent for such data processing, this shall be done on the basis of Art. 6 para. 1 lit. a DSGVO. In this context, personal data may also be processed outside the European Union. With regard to the services we use from providers domiciled in the USA, we ensure that there is a certification in accordance with EU-US Privacy Shield or processing in accordance with EU standard contract clauses.

During this use, user data is also processed for market research and advertising purposes, from which statements on user behavior and user profiles are generated. On the basis of these user profiles, advertisements can be placed within or outside social networks and platforms. Cookies from network and platform operators are generally used for this purpose. The following social networks and platforms are currently used by us:

In case of requests for information as well as the assertion of your user rights, it is best to contact the respective provider directly due to the data storage by the providers and their access to the data. We have documented the necessary links to the data protection declarations of the providers above.

Protection for minors

This Privacy Policy does not cover the use of our website by minors. We are aware of the importance of protecting information about minors on the Internet. Therefore, we do not knowingly collect or maintain information about children.

Right of information, revocation and deletion

Pursuant to Art. 15 GDPR, as an affected party you have the right at any time to request free information on the personal data stored by us, its origin and recipient as well as the purpose of the data processing.

In addition, you have the right to have personal data corrected (pursuant to Art. 16 GDPR), blocked (pursuant to Art. 18 GDPR) and deleted (pursuant to Art. 17 GDPR) and, if applicable, to have data portability (pursuant to Art. 20 GDPR). Furthermore, you have the right to file a complaint (pursuant to Art. 77 GDPR) with the responsible supervisory authority if unlawful data processing is assumed. Please send a corresponding request or a request for correction, blocking, deletion or data portability of your personal data stored by us via e-mail to datenschutz@elinvar.de. Alternatively, please state in the subject line: “Data deletion” or “Data blocking” or “”Data correction”” or “Data portability”. We will arrange for the deletion or blocking of your data or make the necessary corrections or data portability as far as legally possible.

You also have the right to revoke your consent, in principle with effect for the future, pursuant to Art. 7 para. 3 GDPR. Please send a corresponding request or a request for revocation by e-mail to datenschutz@elinvar.de. As an alternative, please state “Revocation” in the subject line.

Furthermore, you may object to future processing of your personal data in accordance with Art. 21 GDPR at any time. To do so, it is sufficient to send us an according e-mail to datenschutz@elinvar.de.

The stored personal data will be deleted if there are no legal obligations to retain the data or if the personal data is no longer required for its intended use in accordance with Art. 17 GDPR. If there is a legally permissible reason for the further storage of the personal data, Elinvar will restrict its processing in accordance with Art. 18 GDPR, in which this data is blocked and no longer processed for other purposes. This applies in particular to data which must be stored for tax and commercial reasons.

The duration of the storage of personal data depends on the respective legal requirements. According to § 257 para. 1 HGB (German Commercial Code) (including commercial books, annual financial statements and commercial letters) the data must be kept for 6 years and according to § 147 para. 1 AO (including records, books and commercial and business letters) the data must be kept for 10 years.

If you have any questions about the collection, processing and use of your personal data, about data protection in general or in the event of complaints, please contact our data protection officer, who is also available to you in the event of complaints at datenschutz@elinvar.de

We will endeavor to answer your questions as quickly as possible.

Subject to change

We always keep this privacy policy up to date. Therefore, we reserve the right to adapt this data protection declaration in the event of legal and/or technical requirements, for reasons of clarifying explanations or changes to the service as well as data processing. The changes, however, only apply with regard to declarations on data processing. If, however, components of the data protection declaration contain provisions of the contractual relationship with the users or if user consents are required, the respective change shall only take place with the consent of the users.

We therefore ask you to observe the current version of this data protection declaration and to inform yourself regularly about the content of the data protection declaration.

A printout or a storage of the data protection regulations is possible at any time.