Privacy Notice of ifm electronic gmbh
Privacy Notice of ifm electronic gmbh
1. Scope, controller, data protection officer, definitions
1.1 The present Privacy Notice informs about how and what kinds of personal data of the user (in the following "you") are processed by us, ifm electronic gmbh, when you visit our websites.
1.2
ifm electronic gmbh
Friedrichstr. 1
45128 Essen
Phone: 02 01 / 24 22-0
Fax: 02 01 / 24 22-1200
Email: info@ifm.com
is the controller pursuant to Article 4 no. 7 EU General Data Protection Regulation (GDPR) for the processing of personal data on our websites according to this Data Protection Regulation.
You can also directly contact our Data Protection Officer:
ifm electronic gmbh
Data Protection Officer
Friedrichstraße 1
45128 Essen
Email: gdpr@ifm.com
1.3 Personal data means any data relating to you personally such as name, address, email addresses, the information about your use of our websites (see under section 2).
Processing means any operation performed on personal data such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of personal data.
2. Processing of personal data when visiting our websites or contact by email; purpose and basis
2.1 Informatory use of our websites
If the websites are used for information only, i.e. if you do not register or transmit information in any way, we only collect the personal data your browser transmits to our server. If you want to look at our websites, we collect the following data:
- IP address,
- date and time of the request,
- time zone difference to Greenwich Mean Time (GMT),
- content of the request (specific site),
- access status/HTTP status code,
- transferred amount of data,
- website from which the request is sent,
- browser,
- operating system and its user interface,
- language and version of the browser software and
- your approximate location data which we derive from the above-mentioned data.
Purpose and basis
The purpose of the processing of this data is to show you our websites and to ensure stability and protection. The basis is Article 6 paragraph 1 sentence 1 point (f) GDPR. According to this the processing of personal data for the purposes of our legitimate interests is lawful except where this is overridden by the interests or fundamental rights and freedoms of the data subject.
2.2 Contact by email or use of the contact form on our websites
If you contact us by email or use a contact form, we process
- your advised request,
- the company you work for,
- your sex (salutation),
- your first and last names,
- your business contact data (email address, address and telephone number, the indication of your customer number is optional).
The purpose of the processing of this data is to answer your questions. We will delete the data collected in this context when storage is no longer necessary or restrict the processing if there is a legal obligation to retain data. The basis for the processing is Article 6 paragraph 1 sentence 1 point (f) GDPR except where there are legal obligations to retain data. In this case the basis for storage is Article 6 paragraph 1 sentence 1 point (c) GDPR; according to this the processing is lawful for compliance with a legal obligation.
Furthermore, you have the possibility to receive regular information from us (newsletter, see below section 2.6 point (c)) irrespective of filling in the contact form and the reply to your request.
2.3 Cookies
a) In addition to the previously mentioned data cookies are stored on your PC when you use our websites. Cookies are small text files which are stored on your hard disk assigned to the browser you use and by means of which the person setting the cookie (here: we) receives certain information. Cookies cannot execute any programs or transfer viruses to your computer. Their purpose is to make the websites more user-friendly and effective. The basis is your explicit consent you give when you start visiting our website and which can be revoked at any time pursuant to Article 6 paragraph 1 sentence 1 point (a) GDPR or Article 6 paragraph 1 sentence 1 point (f) GDPR.
b) These websites use the following types of cookies the scope and function of which are explained below:
- transient cookies (see aa)
- persistent cookies (see bb).
aa) Transient cookies are automatically deleted when you close the browser. These include in particular session cookies. They store a session ID by means of which several requests from your browser can be assigned to one and the same session. This allows your computer to be recognised when you return to our websites. The session cookies are deleted when you log out or close the browser.
bb) Persistent cookies are automatically deleted after a time defined by us. This time may vary according to the cookies. You can delete the cookies in the security settings of your browser at any time. With this deletion you also withdraw your consent to process the respective cookie.
c) You can configure your browser settings according to your wishes and for example reject the acceptance of third-party cookies or all cookies. Please note, that in such a case you may not be able to use all functions of our websites.
2.4. Google Analytics
a) These websites use Google Analytics, a web analytics service provided by Google LLC ("Google"). Google Analytics uses "cookies", text files stored on your computer making it possible to analyse the way you use the websites. As a rule, the information about your use of these websites generated by means of cookies is transmitted to a Google server in the USA and stored there. If IP anonymisation is activated on these websites, your IP address is shortened beforehand by Google in countries in the European Union or other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. On behalf of the website owner, Google will use this information to evaluate your use of the websites, create reports about website activities and provide further services related to website and internet use to the website owner.
b) The IP address transferred by your browser in the context of Google Analytics will not be combined with other Google data.
c) You can prevent the storage of cookies by adjusting your browser settings accordingly; however, we point out that if you do so, you might not be able to use all functions of these websites. Furthermore, you can prevent the recording of data about your use of the websites generated by the cookie (incl. your IP address) to Google and the processing of this data by Google by downloading and installing the browser plug-in available at:
https://tools.google.com/dlpage/gaoptout?hl=en.
d) These websites use Google Analytics with the extension "_anonymizeIp()". IP addresses are then processed in a shortened form; reference to a person can thus be excluded. If a reference to a person is possible by means of the data collected for you, this reference is excluded at once and the personal data is deleted immediately.
e) We use Google Analytics to analyse the use of our websites to be able to improve them regularly. By means of the statistics we can improve our websites and make them more interesting for you, the user. For exceptional cases in which personal data is transmitted to the USA, Google has committed to adhering to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. The basis for the use of Google Analytics is Article 6 paragraph 1 sentence 1 point (f) GDPR.
f) Information about the third party: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. Terms of Service: http://www.google.com/analytics/terms/gb.html, overview of data privacy: http://www.google.com/intl/en/analytics/learn/privacy.html, and the Privacy Policy: http://www.google.de/intl/en/policies/privacy.
g) These websites use Google Analytics also for an analysis of the streams of visitors across all devices made via a user ID. You can deactivate the analysis across all devices in your customer account at "My Account", "Personal data".
2.5 Integration of YouTube videos and videos via Movingimage
a) We have integrated YouTube videos in our online service which are stored at http://www.YouTube.com and can be played directly from our websites.
b) When you visit the websites, YouTube gets the information that you have accessed the respective sub-site of our websites. In addition, the data indicated under section 2.1 of this notice is transmitted. This happens irrespective of YouTube providing a user account via which you are logged in or if a user account does not exist. If you are logged in with Google, your data is directly assigned to your account. If you do not agree to this assignment to your profile at YouTube, you have to log out before the button is activated. YouTube stores your data as usage profiles and uses them for advertising and market research purposes and/or for a design tailored to suit the needs. Such an evaluation is made in particular (even for users who are not logged in) to enable advertising tailored to the needs and to inform other users of the social network about your activities on our websites. You have the right to object to the creation of these user profiles. In this case you have to address this right to object to YouTube.
c) Any other information for the purpose and scope of data collection and their processing by YouTube are given in the Privacy Notice. There you also get further information about your rights and setting options to protect your privacy: https://www.google.de/intl/en/policies/privacy. Google processes your personal data also in the USA and has committed to adhering to the EU-US-Privacy-Shield, https://www.privacyshield.gov/EU-US-Framework.
d) We have integrated videos in our online service which are stored at https://www.movingimage.com/ and can be played directly from our websites. In this context data such as browser, browser version and country is collected.
For the data protection statement of our video partner Movingimage please refer to the following website:
Movingimage EVP GmbH
Stralauer Allee 7
10245 Berlin
https://www.movingimage.com/gtc/privacy-policy-of-movingimage-evp-gmbh/
2.6 Registration and newsletter
a) If you want to use certain services of our websites, for example the download of data, a registration of the following data concerning you is required:
- indication if you or the company you work for are an existing ifm customer,
- sex (for the salutation),
- first name, last name,
- company you work for,
- your business contact data (email address, address and telephone number, the indication of your customer number is optional).
You have to assign a sufficiently secure password for this data.
b) We use the double-opt-in procedure for registration. That means that we send an email to the indicated email address after entry of your registration data in which we ask you to confirm your registration data. If you do not confirm your registration, your information is blocked and deleted after the statutory storage period has elapsed (in any case up to the end of the period of limitation for any claims). Furthermore, we store your used IP addresses and the times of entering your registration data and the confirmation. The purpose of the procedure is to evidence your registration and to solve a possible misuse of your personal data, if need be. The basis is Article 6 paragraph 1 sentence 1 point (f) GDPR.
c) Newsletter
On our websites you can register for our newsletter with current information about our company and our services.
Your consent to receive the newsletter is always freely given. You can withdraw your consent at any time. You can use all other functions of our websites irrespective of your consent to receive the newsletter. This also includes the functions in the context of the registration or the contact form.
After your registration for the newsletter we carry out the double-opt-in procedure as described above under point (b). If you have also registered for the newsletter during your registration, you confirm by means of the double-opt-in procedure your consent to receive the newsletter.
To send you the newsletter we only process your name, your sex (for the salutation) and your email address so that we can address you personally. The basis for the use of this processing of your personal data is Article 6 paragraph 1 sentence 1 point (a) GDPR. You can withdraw your consent to send you the newsletter at any time and unsubscribe from the newsletter. You can state your withdrawal by sending an email to cs.us@ifm.com or by sending a message to the contacts indicated in the contact notice.
2.7 On the ifm webshop
a) If you want to place an order in our webshop, a requirement necessary to enter into a contract is that you indicate the personal data asked for which we need to process your order. Mandatory information necessary to process the contracts is marked separately; any other information is given freely. The data you indicate is used by us to process your order. The basis is Article 6 paragraph 1 sentence 1 point (b) GDPR. If you are not our customer but the company you work for, we process your business contact data on the basis of Article 6 paragraph 1 sentence 1 point (f) GDPR for the purpose of enabling and facilitating the communication with our customers to execute the contract.
b) Due to trade and tax laws we are obliged to store your address, payment and order data for a period of ten years. After the end of the periods of limitation we limit processing, i.e. your data is only used to comply with the legal obligations.
2.8 Technical chat
To use our technical chat we process your email address, the company you work for and your technical questions.
We use this data to process your chat requests or to enable answers by other chat participants and to execute our respective web services; the basis is Article 6 paragraph 1 sentence 1 point (f) GDPR. Your data will only be stored for the period it takes to answer your chat.
2.9 Applicant data
a) We process the following data of people applying for a job using the application form on our websites or any other means:
first name, last name, email address, address, telephone number (if indicated) and the application documents transmitted to us.
b) Subject to a separately given consent we only process the data to carry out the application process on which the respective application is based. Without this consent the data will not be stored after the end of the application process and the relevant storage periods.
2.10 Adobe Target
We use Adobe's Target software. This software helps us to carry out A/B tests or multivariate tests on the website. The software provides a version differing from the original website (e.g. regarding design and contents). By comparing the two versions, it can be determined which version the visitors of our website prefer.You can find more information about the functions of Adobe Target here: https://www.adobe.com/en/marketing/target.html
With Adobe Target no personal data, e.g. the full IP address, is stored and processed by our website. Only information that does not allow any conclusions about individual persons is processed. The usage behaviour is described using quantitative methods.Adobe uses "session cookies" and "permanent cookies". "Session cookies" are only stored temporarily, for as long as you are on our website. "Permanent" cookies are used to retain information about visitors who repeatedly access our website.
Here you can find the Adobe Target privacy policy: https://docs.adobe.com/content/help/en/target/using/implement-target/before-implement/privacy/privacy.html
Opt out: https://www.adobe.com/ca/privacy/opt-out.html
2.11 LinkedIn Insight Tag
We use the LinkedIn Insight Tag from LinkedIn Ireland Unlimited Company, Attn: Legal Dept. (Privacy Policy and User Agreement), Wilton Plaza, Wilton Place, Dublin 2, Ireland. This makes it possible to collect data about visits to our website, including the URL, referrer URL, IP address, device and browser characteristics (user agent) and timestamp. This data is encrypted, the IP addresses are shortened and the LinkedIn IDs of those having a LinkedIn user account are removed within seven days in order to pseudonymise the data. The remaining pseudonymised data is deleted within 90 days. Based on this pseudonymised data, we receive reports on the website's target group and the performance of our advertisements.
Besides, LinkedIn offers the possibility of retargeting via the Insight Tag. Based on this data, we are able to provide targeted advertising to you even outside of our website. For further information about data protection at LinkedIn, please refer to the LinkedIn privacy policy: https://www.linkedin.com/legal/privacy-policy.
The basis is your consent according to Art. 6 section 1 point a GDPR. To deactivate the Insight Tag on our website ("opt-out") please click here: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out?trk=microsites-frontend_legal_cookie-policy.
2.12 Hotjar
This website utilizes Hotjar. The provider is Hotjar Ltd., Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe (website: https://www.hotjar.com).
Hotjar is a tool used to analyse your user patterns on our website. Hotjar allows us to for instance record your mouse and scroll movements as well as your click. During this process, Hotjar also has the capability to determine how long your cursor remained in a certain position. Based on this information, Hotjar compiles so-called Heatmaps, that make possible to determine which parts of the website the website visitor reviews with preference.
We are also able to determine how long you have stayed on a page of our website and when you left. We can also determine at which point you suspended making entries into a contact form (so-called conversion funnels).
Furthermore, Hotjar can be deployed to obtain direct feedback from website visitors. This function aims at the improvement of the website offerings of the website operator.
Hotjar uses cookies. Cookies are small text files that are placed on your computer and stored by your browser. Their purpose is to make our website presentation more user friendly, more effective and more secure. These cookies allow us to in particular determine if our website was used with a certain device or if the functions of Hotjar have been deactivated for the respective browser. Hotjar cookies will remain on your device until you delete them.
You can set up your browser in such a manner that you will be notified anytime cookies are placed and you can permit cookies only in certain cases or exclude the acceptance of cookies in certain instances or in general and you can also activate the automatic deletion of cookies upon closing of the browser. If you deactivate cookies, the functions of this website may be limited.
The use of Hotjar and the storage of the Hotjar cookies are based on Art. 6 Sect. 1 lit. f GDPR. The website operator has a legitimate interest in the analysis of user patterns, in order to optimize the operator’s web offerings and advertising.
Deactivation of Hotjar
If you would like to deactivate the recording of data by Hotjar, please click on the link below and follow the instructions provided under the link: https://www.hotjar.com/opt-out.
Please keep in mind that you will have to separately deactivate Hotjar for every browser and every device.
For more detailed information about Hotjar and the data to be recorded, please consult the Data Privacy Declaration of Hotjar under the following link: https://www.hotjar.com/privacy.
Contract data processing
We have entered into a contract data processing agreement with Hotjar to implement the stringent European Data Protection Regulations.
2.13 Information about access to this website by Akamai Technologies, Inc.
This website uses provision, security and analytics services by Akamai Technologies, Inc. ("Akamai"). These services use cookies, text files, beacons and browser interfaces which generate log files that enable Akamai to (i) to provide the website quickly, reliably and safely, (ii) carry out analyses of the website performance and the resulting user experience, (iii) carry out safety analyses and (iv) prevent unauthorised access to the website and (v) create reports about (i) to (iv) for their customers. The log files that are generated may include personal data (in the form of IP addresses, activities on the website and evaluations of your use of the website). Akamai may disclose this data to third parties if Akamai are obliged to do so for legal reasons or if these third parties process this data on behalf of Akamai. Akamai may transfer the data to their servers, store it and process it. Most of the Akamai servers are located in the USA. Akamai ensure that the transfer of personal data of EU citizens outside the European Economic Area corresponds to the requirements of the relevant data protection laws. For this, Akamai have implemented legally recognised transfer mechanisms, e.g. the EU-US and Swiss-US Privacy Shield Framework certification and EU standard contractual clauses. Akamai will not use this data to identify or profile natural persons.
You will find more information about the conditions of use for the processing of personal data by Akamai and the Akamai data protection guidelines at https://www.akamai.com/uk/en/privacy-policies/.
2.14 Salesforce
Salesforce Salescloud. Data that you make available to us via our website (e.g. in newsletter registration or shop registration) are currently stored in the Salesforce Sales Cloud (salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636 Munich) Servers in the EU and / or UK and used to send emailings, order confirmations and shipment information. Salesforce undertakes to comply with binding internal data protection regulations in accordance with Art. 46 Paragraph 2 b) and Art. 47 GDPR (so-called binding corporate rules), including when processing data outside the European Union.
Salesforce Marketing Cloud. We use the Salesforce Marketing Cloud to send our newsletters, for automated mailings (e.g. welcome mails) and for advertising campaigns in social networks. For this purpose, the data of the newsletter subscriber is transferred from the Salescloud to the Marketing Cloud. In this context, we use strict authorization concepts and encryption. The data of the Salesforce Marketing Cloud is stored and processed on Salesforce servers in the USA. Salesforce undertakes to comply with binding internal data protection regulations in accordance with Art. 46 Paragraph 2 b) and Art. 47 GDPR (so-called binding corporate rules) to maintain an appropriate level of data protection when processing data outside the European Union. With the help of so-called web beacons and pixels, we receive information on the click behavior of users via the Marketing Cloud. Interaction data is stored directly on the user in the Marketing Cloud so that we can send you targeted advertising, e.g. via social networks. If you do not want this, you have the option of disabling personalized advertising in your account settings on the social networks. You can also use a different e-mail address for the newsletter or your customer account with us than for your social media accounts.
Further information on data processing by Salesforce is available here:
Salesforce privacy policy: https://www.salesforce.com/de/company/privacy/
Documents on Salesforce's compliance with the GDPR, especially when transferring data to third countries such as the USA: https://www.salesforce.com/content/dam/web/en_us/www/documents/legal/Agreements/ EU-Data-Transfer-Mechanisms-FAQ.pdf
3. Transfer and communication of your data to third parties
We never transfer your data to third parties without your consent.
We partly use the support of third companies for electronic data processing. They are reliable service providers we have selected very carefully so that they process your data according to our order. The basis is Article 28 GDPR. Our service providers are, of course, committed to handle the data carefully and only according to our instructions and the applicable data-protection regulations, in particular neither to use the data for their own purposes nor to transfer them to third parties.
Furthermore, there may be individual cases in which we are legally obliged to forward your data by order from an official authority if this is required for the purpose of law enforcement or danger prevention by police or other authorities. The basis for transmission in such cases is Article 6 paragraph 1 point (c) GDPR.
Finally there may be cases in which your data is transmitted to companies associated with ifm electronic gmbh according to the company law (subsidiaries or affiliates) for one of the purposes mentioned in section 2 due to the work distribution within the ifm group of companies.
The purpose of this transmission is to structurally fulfil the tasks arising in the course of pursuit of corporate goals within a group of companies within our group of companies according to our work distribution; the basis is Article 6 paragraph 1 sentence 1 point (f) GDPR.
If in this context personal data is processed outside the countries of the European Economic Area ("EEA"), we protect your personal data by transmitting and processing your personal data within our group of companies only according to the standard data protection clauses defined by the EU Commission following Article 46 paragraph 2 point (c). The standard data protection clauses can be viewed and downloaded at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_de.
4. Your rights
4.1 You have the following rights against us with regard to the personal data concerning you:
- the right of information if and which of your personal data is processed by us,
- right to rectification or erasure of your data,
- right to restriction of processing,
- right to object processing if the basis for this processing is Article 6 paragraph 1 sentence 1 point (f) GDPR and
- right to data portability.
4.2 You also have the right to file a complaint with the data protection supervisory authorities about the processing of your personal data by us.
5. Amendment of this Privacy Notice
We reserve the right to amend this Privacy Notice at any time with future effect. The current version can be accessed on our websites. Please visit our websites regularly and inform yourself about the provisions on data protection in effect.
Date: 24 May 2018