Data protec­tion

Website: www.ferchau.com

The protection of your personal data is important to us and we want you to feel secure when visiting our website. We comply with the provisions of data protection law, in particular the EU General Data Protection Regulation (‘DSGVO’). In this information on data protection, we explain to you what information (including personal data) we process when you visit and use our website www.ferchau.com.

We would like to point out that there may be security gaps in the transmission of data on the Internet (e.g., when communicating by e-mail). It is not possible to protect data completely from access by third parties.

I. Who is responsible for data processing?

The person responsible for the processing of personal data is:
FERCHAU GmbH (‘we’)
Steinmüllerallee 2
51643 Gummersbach
Telephone: +49 2261 5011-0
info@ferchau.com

Contact details of the data protection officer:
Data Protection Officer
FERCHAU GmbH
Steinmüllerallee 2
51643 Gummersbach
Fon +49 2261 5011-0
datenschutz@ferchau.com

II. What data do we process?

You can access our website without providing any personal information directly (e.g., name, postal address, or e-mail address). However, to enable you to access our website, we must collect and store certain information.

1. Log files: We collect information about you when you use this website. We automatically collect information about your usage behaviour and your interaction with us and register data about your computer or mobile device. We collect, store, and use data about every access to our online offer (so-called server log files). The access data includes the name and URL of the file accessed, the date and time of access, the amount of data transferred, the message about successful access (HTTP response code), browser type and version, operating system, referrer URL (i.e., the previously visited page), IP address and the requesting provider. We use this protocol data without assigning it to you personally or otherwise profiling it for statistical evaluations for the purpose of the operation, security, and optimisation of our online offer, but also for the anonymous recording of the number of visitors to our website (traffic) as well as the scope and type of use of our website and services, as well as for accounting purposes to measure the number of clicks received from cooperation partners. This information allows us to provide personalised and location-based content and to analyse traffic, troubleshoot and improve our services. We reserve the right to check the log data retrospectively if there is a justified suspicion of unlawful use based on concrete evidence. We store IP addresses in the log files for a limited period if this is necessary for security purposes or for a service provision. We also store IP addresses if we have a concrete suspicion of a criminal offence in connection with the use of our website. In addition, we store the date of your last visit at some points (e.g., when registering, logging in, clicking on links, etc.).
2. E-mail newsletter: On our website we offer you the possibility to order our e-mail newsletter. The information required for this is listed in the order form; this usually includes your first and last name, company, function, country of origin and e-mail address. Mandatory fields are marked accordingly.
3. Contacting us: If you contact us via one of the options offered on our website, we will process all personal data contained and specified in your message to process and respond to your enquiry.
4. Cookies: We use cookies to make our offer as user-friendly as possible. Cookies are small text files that are stored by your internet browser. With the help of these files, we can recognise the preferences of our visitors when they browse the website and design our website accordingly. Most of the cookies we use are called session cookies. They are automatically deleted when you leave the website. The ‘lbpersistence’ cookie is used to control load balancing on our servers. We also use permanent cookies. No personal data is collected via our cookies; they are also not suitable for making you identifiable on third-party websites, unless otherwise stated in this data protection declaration regarding specific tools. You can adjust your browser settings to notify you when cookies are set. In this way, the use of cookies becomes transparent for you. You can generally reject cookies via your browser settings. However, this may mean that you cannot use all the functions of our website.
5. Website analytics with Google Analytics: On our website, we also use Google Analytics, a web analytics service provided by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (‘Google’), to help us continuously improve our website. Google Analytics also uses cookies that are stored on your computer and enable an analysis of the use of this website. The website uses an enhanced version of Google Analytics for the purpose of anonymised collection of IP addresses (also known as IP masking). Google will use the data collected on our behalf for the purpose of evaluating your use of the website, compiling reports on website activity, and providing other services relating to website activity on our behalf. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google. You can deactivate the storage of cookies by changing the corresponding settings of your browser software. Please note that in this case you may not be able to use all the functions of the website to their full extent. You can also prevent the data generated by the cookie regarding your use of this website (including your IP address) from being recorded and transmitted to Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: tools.google.com; an opt-out cookie will then be installed which prevents the collection of your data when visiting this website. Further information on data protection at Google Analytics is available at the following links: www.google.com/analytics and www.google.com/privacyoverview.html.
6. Marketing activities: When visiting our website, cookies are sometimes set by the technology of Google Inc (‘Google’), which are used for general marketing, retargeting and statistical purposes. These cookies can be used to trigger personalised advertising on external websites. In this process, too, we generate only anonymised user data. Most browsers are automatically set to accept cookies. However, if you wish, you can configure your browser to restrict or completely block cookies by changing your browser settings.
   1. Moccabirds Conversion Tracking: This website uses Moccabirds Conversion Tracking, a service provided by Moccabirds GmbH, Sichelstr. 6, 54290 Trier, Germany. Here, the conversion rate (applications submitted) is measured by means of a tracking pixel (gtag). The results cannot be traced back to a natural person.
7. Customer Relationship Management (CRM): Data that you provide to us via our website (e.g., in application forms, consent queries) is currently used in the Salesforce Sales Cloud (salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636 Munich) on servers in Germany and France to handle sales and recruiting processes. The data in the Salesforce Sales Cloud is used exclusively by us. The processing of your data in the Salesforce Sales Cloud is based, where relevant, on our legitimate interest in using a CRM system in accordance with Article 6 (1) f) EU-DSGVO, otherwise on your consent in accordance with Article 6 (1) sentence 1 a) EU-DSGVO.
8. Plug-ins and tools
   1. YouTube: Our website uses plug-ins provided by the website operated by Google: YouTube. The sites are operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. This transmits to the YouTube server which pages of our website you have visited. If you have logged into your YouTube account, you enable YouTube to link your surfing habits directly to your personal profile. You can prevent this by logging out of your YouTube account. For more information on the handling of user data, please refer to YouTube’s privacy policy at: www.google.de/privacy.
   2. Google Web Fonts: This website uses web fonts from Google to ensure a consistent display of fonts. When a page is called up, your browser loads the necessary web fonts into your browser cache so that texts and fonts are displayed correctly. For this purpose, web fonts are stored on our servers. No data is transmitted to Google. If your browser does not support web fonts, a standard font from your computer will be used. Further information about web fonts from Google is available at https://developers.google.com/fonts and under Google's data protection notice: www.google.com/privacy.
   3. Google Maps: This website uses the mapping service Google Maps via an API. Google Maps is provided by Google. Your IP address must be stored for you to use the functions of Google Maps. This data is usually transferred to a Google server in the USA and stored there. The operator of this website has no influence on this data transfer. For further information on the handling of user data, please refer to Google’s data protection notice: www.google.de/privacy.
   4. Pingdom: This website uses Pingdom, a tool for measuring the performance of websites. The tool is provided by Solarwinds Software Europe Ltd, Unit 1101, Building 1000, City Gate, Mahon, Cork, Ireland. Pingdom stores certain information about the visitor's surfing behaviour locally on the visitor's computer, including a session ID, information about the browser used, visiting times and whether the visitor has visited the site before within 30 days. This information cannot be linked to natural persons but is only used for the purpose of anonymous evaluations of the website's performance, including website loading time, active sessions, users by country, platform (desktop, phone, tablet), browser, most visited pages. Further information on this can be found at https://help.pingdom.com.
9. Links to other websites: Our website also provides links to other offers (including our online presence on Facebook, YouTube, Google+, LinkedIn and Instagram). These links are not ‘social plug-ins’ (i.e., buttons that allow the operator providing the corresponding offer to already collect information about the users of our website when they access our website). However, please note that when you access this other offer, information (possibly including personal data) about your visit may be collected by the operator of this offer. Further information can be found in the data protection notice of the operator of the relevant offer.

III. For what purposes and on what legal basis do we process your data?

1. The personal data possibly contained in the log files are processed to enable you to use our website; the processing is carried out in accordance with Section 15 (1) of the German Telemedia Act (TMG), and Article 6 (1) f) of the German Data Protection Act (DSGVO) to protect our legitimate interest in operating our website.
2. The data collected via cookies (including web analytics services, plug-ins, and tools) and the pseudonymised user profiles are processed for advertising and market research purposes and for the purpose of user-friendly design of our website based on Section 15 (3) of the TMG and Article 6 (1) f) of the DSGVO to protect our legitimate interest in analysing the use and user-friendly design of our website.
3. The data provided in connection with the subscription to the newsletter is processed based on Article 6 (1) a) DSGVO (consent).
4. Data processing in the context of responding to an enquiry is based on Article 6 (1) f) DSGVO to protect our legitimate interest in establishing and maintaining business contacts. Insofar as your enquiry relates to the conclusion of a contract or to pre-contractual measures, we process your personal data based on Article 6 (1) b) DSGVO, and in the context of employment relationships based on Section 26 BDSG.
5. We may process personal data in connection with your use of our website to comply with legal obligations to which we are subject; this is based on Article 6(1)(c) DSGVO.
6. Where appropriate, we process personal data, in addition to the purposes above, to protect our legitimate interests or those of third parties; this is based on Article 6 (1) f) DSGVO. Our legitimate interests include the assertion of legal claims and the defence of our interests in legal disputes, the prevention and investigation of criminal offences and the management and further development of our business activities, including risk management.

IV. Do I have to provide data?

The information required for ordering the newsletter is marked as mandatory in the relevant area of this website (e.g., in the corresponding online form). To respond to a request, we require at least your name and contact details (e.g., postal address or email address). We cannot process a request if the mandatory information is not provided.

We will inform you while collecting additional personal data whether its provision is based on a legal or contractual obligation or required for the conclusion of a contract. In this regard, we usually mark the information that can be provided voluntarily and whose provision is not obligatory or not necessary for concluding a contract.

V. Who is the recipient of my data?

As a rule, your personal data is processed within our company. Depending on the type of personal data, only certain departments / organisational units have access to your personal data. A role and authorisation concept limits access within our company to the functions required for the respective processing purpose and to the scope required in this respect.

To the extent permitted by law, we may also disclose your personal data to third parties outside our company. These external recipients may include the following:

• Companies belonging to our group, insofar as they are involved in the processing of enquiries or orders,
• service providers we engage to provide services under a separate contract, which may include the processing of personal data, and any subcontractors engaged by our service providers with our consent,
• shipping companies involved in the processing of your order,
• credit institutions involved in the processing of payments,
• non-public and public bodies, insofar as we are legally obliged to transmit your personal data.

VI. Is automated decision making used?

In connection with the operation of our website, we do not usually use automated decision-making (including profiling) within the meaning of Article 22 of the DSGVO. If we use such procedures in special cases, we will inform you separately to the extent provided for by law.

VII. Is data transferred to countries outside the EU / EEA?

As part of our web analytics services, plug-ins, and tools, as well as in connection with the use of our website and contacting us, information may be transferred to recipients in ‘third countries’, in particular the USA. ‘Third countries’ are countries outside the European Union or the European Economic Area where it cannot be assumed that the level of data protection is comparable to that of the European Union. Insofar as the information transferred includes personal data and we are not legally obliged to transfer the data, we will ensure before a transfer that the required level of data protection is complied with in the respective third country or by the recipient there. This can be done in the form of an ‘adequacy decision’ by the European Commission, which ensures that an adequate level of data protection has been established for a specific third country (e.g., Israel). Alternatively, we may also transfer data based on ‘EU standard contractual clauses’ agreed with a recipient or for recipients in the USA, if and to the extent that this is required under applicable data protection laws. Upon request, we will be happy to provide you with further information on the safeguards for compliance with an adequate level of data protection; the relevant contact details can be found at the top of this page. Please visit eur-lex.europa.eu for information on the EU standard contractual clauses; information on the adequacy decisions can be found on https://ec.europa.eu.

VIII. For how long will my data be stored?

As a rule, we store your personal data if we have a legitimate interest in storing it and this interest outweighs your interest in discontinuing the storage. We may continue to store the data even without a legitimate interest if we are legally obliged to do so (e.g., to fulfil archiving obligations). We delete your personal data without your intervention as soon as the data is no longer required to fulfil the purpose of processing, or its storage is otherwise prohibited by law.

The personal data that we must store to fulfil archiving requirements will be stored until the expiry of the respective archiving obligation. Insofar as we store personal data only for the purpose of fulfilling archiving obligations, the data is generally blocked so that it can only be accessed if it is necessary for the purpose of the archiving obligation.

IX. What rights do I have?

The following rights apply only to:

• users in the EU whose personal data we process as described above, provided that the processing activities are related to the offering of goods or services or that the conduct of monitored users takes place within the EU
• users whose personal data is processed during FERCHAU GmbH’s activities, regardless of whether the processing takes place in the EU.

a) The right to object under Article 21 DSGVO

You have the right to object at any time to the processing of your personal data based on Article 6(1)(e) or (1)(f) DSGVO on grounds relating to your situation; this also applies to profiling based on these provisions. If you object to the processing, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or for the establishment, exercise, or defence of legal claims.

If we process your personal data for direct marketing purposes, you are entitled to object at any time; this also applies to profiling insofar as this is related to direct marketing. If you object to processing for direct marketing, the personal data will no longer be processed for these purposes.

b) Further rights

You have the following rights regarding your data:

• Information about your stored personal data, Article 15 DSGVO.
• Correction of incorrect or incomplete data, Article 16 DSGVO
• Deletion of personal data, Article 17 DSGVO
• Restriction of processing, Article 18 DSGVO and
• Data portability, Article 20 DSGVO

You may withdraw your consent to the data processing granted to us at any time with effect for the future. A notification by e-mail is sufficient for this purpose. The lawfulness of any data processing carried out before your revocation remains unaffected by the revocation. Furthermore, data processing may continue despite your withdrawal of consent if another legal basis (e.g., Article 6(1)(b) DSGVO or Article 6(1)(f) DSGVO) has been demonstrated.

You may contact us at any time (e.g., via one of the options listed at the top of this page) regarding your data security. In addition, you have the right to lodge a complaint with the supervisory authority responsible for data protection, Article 77 DSGVO.