Data protec­tion policy

Information on the protection of personal data in application of the European Regulation on the protection of personal data (RGPD) in relation to access to and use of the Website in France: www.ferchau.com.

The protection of your personal data is a priority for us and we want you to feel safe when visiting our website. We comply with the provisions of data protection laws, in particular the EU Data Protection Regulation EU 2016/679 of the European Parliament and of the Council of Europe of 27 April 2016 (RGPD) and all laws and regulations in force in France relating to personal data and, in particular, Law 78-17 of 6 January 1978, known as the "Loi informatique et libertés".

With this data protection information we inform you which information (including personal data) we collect and process directly or indirectly when you visit and browse our website www.ferchau.com (hereinafter the "Website").

We use organizational and technical measures, including software and physical security features and procedures, as well as training for our employees, to protect personal data from alteration, destruction, disclosure and unauthorized access. In addition, we have security measures in place to ensure that data transmitted to our contractors remains protected by appropriate technical and organizational measures. However, please note that the Internet is not a completely secure environment and we cannot fully guarantee the security of any transmission or storage of such information. In any case, we draw your attention to the risks associated with the dissemination of personal data via electronic communications networks.

I. Who is responsible for the processing of the data?

The controller of the processing of personal data of users of the website www.ferchau.com is FERCHAU GmbH, a company incorporated under German law (in this document: "we").

FERCHAU GmbH
Steinmüllerallee 2, D- 51643 Gummersbach, Germany
Phone: +49 2261 5011-0
privacy@ferchau.com

The duties of the Data Protection Officer ("DPO") shall be performed by

ABLE Management Services Ltd.
Steinmüllerallee 2, D - 51643 Gummersbach, Germany
Phone: +49 2261 5011-0
privacy@ferchau.com

FERCHAU GmbH is a member of the ABLE Group. If you contact our group and your request concerns a service or project in France, your data may be transferred to the company FERCHAU France SAS, 4 rue Farman, Bâtiment D, 31700 Blagnac, France, (RCS Toulouse 484 083 456). If you would like to know more about the processing of personal data by the latter, you can consult our privacy notice for business partners.

II. What data do we process?

You can access, use and browse our website without providing any direct personal information (such as your name, postal address or email address). However, in order for you to access and use our website, we need to collect and store certain information.

1. Log files and login data

We collect information about you when you use this Website. We automatically collect information about your usage behavior and your interaction with us and store data on your computer or mobile device. We collect, store and process data about each access to our online offer ("server log files"). The access data includes the name and URL of the accessed file, date and time of access, amount of data transferred, notification of successful access (HTTP response code), browser type and version, operating system, referrer URL (the previously visited page), IP address and the requesting provider. We use this log data without your assignment or profiling for statistical evaluations for the purpose of the operation, security and optimization of our online offer, but also to anonymously record the number of visitors to our website (traffic) and the extent and type of use of our website and services, as well as for billing purposes to measure the number of clicks from cooperation partners. Based on this information, we can provide personalized, anonymized and localized content, analyze traffic, troubleshoot and improve our services. We reserve the right to check the log data retrospectively if there is reasonable suspicion of unlawful use based on concrete indications. We store IP addresses in the log files for a limited period of time if this is necessary for security purposes or for the provision of services. We also store IP addresses if we have a concrete suspicion of a criminal offense in connection with the use of our website. We also store the date of your last visit (e.g. when registering, logging in, clicking on links, etc.).

2. Electronic newsletter

On our website we offer you the possibility to order or subscribe to our electronic newsletter. The information required for this is specified in the order or registration form and usually includes your first and last name, your company, your position, your country of origin and your e-mail address. Mandatory fields are marked with an asterisk. The personal data collected is used for the administration and dispatch of the newsletter as well as for the management of subscriptions.

3. Contact

If you contact us through one of the options offered on our website, we will process any personal data included and provided in your message in order to process and respond to your request and to enable contact management and the compilation of statistics related to this service. The information required for this purpose is indicated in the contact form; it generally includes your first and last name, company, position, country of origin and email address. Required fields are marked with an asterisk. 

4. Cookies

We use cookies to make our offer as user-friendly as possible. Cookies are small files that are stored by your internet browser. With the help of these files, we can recognize the preferences of our visitors while surfing the website and design our website accordingly. Most of the cookies we use are so-called session cookies. They are automatically deleted when you leave the website. We also use permanent cookies. Our cookies do not collect personal data, nor are they tailored to make you identifiable on third-party websites, unless otherwise stated in this privacy policy for specific tools. You can set your browser to notify you when cookies are set. This will make the use of cookies transparent to you. You can object to the use of cookies via your browser settings. However, this may result in you not being able to use all the functions of our website. For more information, please refer to our "Cookies" policy.

5. Website analytics with Google Analytics

On our website, we also use Google Analytics, a web analytics service provided by Google Inc, 1600 Amphitheatre Park-way, Mountain View, CA 94043, USA ("Google"), to constantly improve our website. Google Analytics also uses cookies that are stored on your computer and allow an analysis of the use of this website. The website uses an enhanced version of Google Analytics to collect IP addresses anonymously (also known as "IP masing"). On our behalf, Google will use the data collected to evaluate your use of our website, compile reports on website activity and provide us with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google. You can disable the storage of cookies by changing the appropriate settings in your browser software. We would like to point out that in this case you may not be able to use all functions of the website to their full extent. You can also prevent the storage of the data generated by the cookie and related to your use of the website (including your IP address) to Google. You can prevent the collection of the data generated by the cookie and related to your use of the website (incl. your IP address) to Google as well as the processing of this data by Google by downloading and installing the browser plugin available at http://tools.google.com/dlpage/gaoptout?hl=fr, which sets a logout cookie that prevents the collection of your data during your visit to this website. For more information on Google Analytics privacy, please see the following link: http://www.google.com/analytics/terms/fr.html and http://www.google.com/intl/de/analytics/privacyoverview.html.

6. Marketing activities

When you visit our website, cookies are set by Google Inc ("Google") technologies for general marketing, retargeting and statistical purposes. These cookies can trigger personalized advertising on external websites. This process also allows us to generate anonymous user data only. Most browsers are automatically set to accept cookies. However, if you wish, you can configure your browser to restrict or completely block cookies.

Moccabirds Conversion Tracking: This website uses Moccabirds Conversion Tracking, a service of Moccabirds GmbH, Sicherlstr. 6, 54290 Trier (Germany). The conversion rate (submitted requests) is measured by a tracking pixel (gtag). We cannot associate these results with a natural person.

7. customer relationship management ("CRM"):

The data you provide to us via our website (e.g. via the application form, declaration of consent) is currently used in the Salesforce Sales Cloud (salesforce.com Germany GmbH, Erika-Mann-Str.31, D-80636 Munich, Germany) on servers in France and Germany to handle sales and recruitment processes.

The processing of your data in Salesforce Sales Cloud is based, to the extent compatible with the GDPR, on our legitimate interest in carrying out a CRM process pursuant to Article 6(1)(f) of the GDPR or on your consent pursuant to Article 6(1)(a) of the GDPR.   

8. plug-ins and tools

8.1 YouTube

Our website uses plug-ins provided by the website operated by Google: YouTube.  The pages are operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you visit one of our pages equipped with a YouTube plug-in, a connection to YouTube's servers is established. In this way, the YouTube server is informed which of our pages you have visited. If you are logged into your YouTube account, you allow YouTube to link your browsing habits directly to your personal profile. You can prevent this by logging out of your YouTube account. For more information on how YouTube handles user data, see YouTube's privacy policy at: Enter the exact address (the following address may not be correct): policies.google.com/privacy?hl=en

8.2 Google Web Fonts

This website uses Google Fonts to ensure consistency in the display of fonts. When a page is accessed, your browser loads the required web fonts into your browser's cache to ensure that the text and fonts are displayed correctly. The web fonts are stored on our servers for this purpose. No data is transmitted to Google. If your browser does not support web fonts, a standard font from your computer will be used. You can find more information about Google's web fonts at https://developers.google.com/fonts/faq and in Google's privacy policy: https://policies.google.com/privacy?fg=1. 

8.3 Google Maps

This website uses the services of Google Maps via an API. Google Maps is provided by Google. In order for you to use the functions of Google Maps, your IP address must be recorded. This data is usually transferred to a Google server in the USA and stored there. The operator of this website has no influence on this data transmission. For more information on the processing of user data, please refer to Google's privacy policy: https://developers.google.com/fonts/faq.

8.4 Pingdom

This website uses Pingdom, a tool for measuring website performance. The tool is provided by Solarwinds Software Europe Ltd, Unit 1101, Building 1000, City Gate, Mahon, Cork, Ireland. Pingdom stores certain information about the visitor's browsing behavior locally on the visitor's computer, including a session ID, information about the browser used, the time of the visit, and information about whether the visitor has visited the website in the last 30 days. This information cannot be linked to individuals, but is only used to anonymously evaluate website performance, including website load time, active sessions, users by country, platform (desktop, phone, tablet), browser, and most visited pages. For more information, please visit https://help.pingdom.com/hc/en-us/articles/360000903629-What-information-does-Visitor-Insight-store-in-your-visitors-browsers.

9. Links to other websites

Our website also contains links to other offerings (including our online presence on Facebook, YouTube, Google+, LinkedIn and Instagram). These links are not "social plug-ins" (i.e. buttons that allow the operator of the offer to collect information about the users of our website once they access our site). However, please note that information (including any personal data) about your visit may be collected by the operator of the respective offer when you access it. For more information, please refer to the privacy policy of the operator of the respective offer.

III. for what purposes and on what legal basis do we process your data?

We use your personal data only in the cases provided for in the applicable regulations:

• the performance of a contract we have entered into with you, and/or
• Fulfillment of a legal obligation and/or
• Your consent to the use of your data and/or
• The existence of a legitimate interest in the use of your data. A legitimate interest is a set of commercial or business reasons that justify the use of your data.

1. The personal data contained in the log files are processed to enable you to use our website; the processing is carried out in accordance with Art. 5 et seq. of the Data Protection Act and Art. 6 para. 1 f) of the DSGVO to protect our legitimate interest in operating our website.
2. The data collected through cookies (including web analytics services, plugins and tools) and pseudonymized usage profiles are processed for the purposes of advertising and market research as well as for the needs-based design of our website on the basis of Art. 5 ff DSGVO and Art. 6 para. 1 lit. f DSGVO to protect our legitimate interests in analyzing the use and needs-based design of our website.
3. The data provided when ordering the newsletter are processed on the basis of Article 6(1)(a) of the DSGVO in order to enable the management and sending of the newsletter. 
4. The processing of data in the context of responding to an inquiry is based on Article 6(1)(f) GDPR to protect our legitimate interest in initiating and maintaining business contacts. Insofar as your inquiry concerns the conclusion of a contract or pre-contractual measures, we process your personal data on the basis of Article 6(1)(b) GDPR, in the context of an employment relationship on the basis of Article 5 et seq. of the "Loi informatique et libertés".
5. In connection with your use of our website, we may also process personal data to comply with legal obligations to which we are subject under Article 6(1)(c) of the GDPR.
6. Where necessary, we may process personal data not only for the purposes set out above, but also to protect our legitimate interests or the interests of third parties, where this is done in accordance with Article 6(1)(f) of the GDPR. Our legitimate interests include the assertion of rights and the defense of our interests in legal disputes, the prevention and investigation of criminal offences, and the management and development of our business activities, including risk management.

IV. Do I have to provide data?

The information required to order the newsletter or to contact us is marked as mandatory in the relevant area of this website (e.g. in the corresponding online form). In order to be able to answer a request sent to us, we need at least your name and information on how to contact you (e.g. your postal address or e-mail address). If the required data or information is not provided, we will not be able to process your request.

If we collect further personal data from you, we will inform you when collecting your data whether the provision of this data is based on a legal or contractual obligation or is necessary for the conclusion of a contract. In doing so, we generally distinguish between information that can be provided voluntarily and information whose provision is not based on the aforementioned obligations or is not required for the conclusion of a contract.

V. My data, for whom is it intended?

Your personal data is generally processed within our company. Depending on the type of personal data, only certain departments/organizational units have access to your personal data. A division of roles and authorizations within our company limits access to the necessary functions and scope.

To the extent permitted by law and regulation, we may also share your personal information with third parties outside of our company. External recipients may include the following persons 

• Companies that belong to our group, if they are involved in the processing of inquiries or orders,
• Service providers engaged by us to provide services to us on the basis of a separate contract, which may include the processing of personal data, and any subcontractors engaged by our service providers with our consent,
• The carriers involved in processing your order,
• Credit institutions involved in the processing of payments,
• Public and non-public bodies, insofar as we are obliged to transfer your personal data due to legal obligations.

Our company only shares personal data in accordance with applicable regulations. When we share personal data, we ensure that we have appropriate contractual arrangements and security measures in place to protect the data in accordance with applicable regulations and our privacy and security standards.

VI. is automated decision making used?

When operating our website, we generally do not use automated decision-making processes (including profiling) within the meaning of Article 22 of the GDPR. If we use such processes in certain cases, we will inform you separately under the conditions provided for in the applicable laws or regulations.

VII. Is data transferred to countries outside the EU/EEA?

As part of our services, plug-ins and web analytics tools, as well as in the course of using our website and contacting us, information may be transferred to recipients in "third countries", in particular the United States. Third countries" are countries outside the European Union or the European Economic Area in which it cannot be readily assumed that the level of data protection is comparable to that in the European Union. Insofar as the information transferred is personal data and we are not obliged to transfer the data due to a legal obligation, we will satisfy ourselves prior to a transfer that the required adequate level of data protection is complied with in the third country concerned or at the recipient in this third country. In particular, this may take the form of an "adequacy decision" issued by the European Commission, which guarantees that an adequate level of data protection has been established for a particular third country. Such an adequacy decision exists for Israel. We may also transfer data, in particular on the basis of EU-approved "standard contractual clauses" agreed with or for recipients in the United States, to the extent and for as long as required under applicable data protection laws. Upon request, we will provide you with additional information about appropriate and adequate safeguards to ensure an adequate level of data protection; the contact information can be found at the beginning of this Privacy Notice. Information on the EU standard contractual clauses can be found at: www.cnil.fr/fr/les-clauses-contractuelles-types-de-la-commision-europeenne and information on adequacy checks can be found at: https://ec.europa.eu.

VIII. How long will my data be stored?

We undertake to keep your personal data for a limited and reasonable period of time, not exceeding the period necessary for the purposes for which they are processed.
Personal data will be kept for as long as necessary to fulfill the purposes mentioned below, in particular to comply with legal obligations.

• Connection, navigation and traffic data are stored for a maximum of one year in accordance with legal requirements;
• The data relating to your subscription to our newsletter will be stored for the duration of your subscription to our newsletter;
• Personal data used for the purpose of initiating business shall be retained for a period of three years after termination of the business relationship.

It should be noted that all such personal data may, however, be kept for longer than the above-mentioned periods: 

• or after obtaining your consent; 
• as long as we have a legitimate interest in storing it and this interest outweighs your interest in ending this storage.

We may continue to store data without a legitimate interest if we are legally obliged to do so (e.g. to fulfill archiving obligations). We delete your personal data without your intervention as soon as the data is no longer required for the purpose of processing or as soon as its storage is no longer permitted by law.

Personal data that we must retain to fulfill our archiving obligations will be retained until the archiving obligation has expired. Insofar as we store personal data only to fulfill archiving obligations, the data is generally blocked so that access is only possible if this is necessary for the purpose of the archiving obligation.

IX. What rights do I have?

The following rights apply only to:

• For individuals in the EU for whom we process personal data as described above, provided that the processing is related to the provision of products or services or that the behavior of data subjects in the EU is monitored. 
• For individuals whose personal data is processed in the course of the company's business, regardless of whether the processing takes place in the EU or not.

a) The right to object under Article 21 of the General Data Protection Regulation

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(e) or (f) of the GDPR; this also applies to profiling based on these provisions. If you object to the processing, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defense of legal claims. However, please note that such an objection or withdrawal of consent may affect your ability to access or use our website.

If we process your personal data for marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing purposes, including profiling, to the extent it is related to such marketing. If you object to the processing for marketing purposes, your personal data will no longer be processed for such purposes.

b) Other rights

As a data subject, you have the following rights:

• Information about your personal data, Article 15 of the GDPR
• Correction of incorrect or incomplete data, Article 16 of the General Data Protection Regulation
• Erasure of personal data, Article 17 of the GDPR
• Restriction of processing, Article 18 of the General Data Protection Regulation
• Data portability, Article 20 of the GDPR

You can revoke your consent to data processing at any time for the future. To do so, simply send a message by e-mail to the following address: privacy@ferchau.com. Data processing that took place before the time of your revocation remains lawful. We would like to point out that data processing may continue despite the withdrawal of your consent if there is another legal basis (e.g. Article 6(1)(b) of the General Data Protection Regulation or Article 6(1)(f) of the General Data Protection Regulation).

To exercise your rights, you can contact us at any time, e.g. via one of the contact options listed above in this privacy notice.

In addition, you have the right to lodge a complaint with the authority responsible for data protection (Article 77 of the GDPR), in particular the CNIL in France.

This statement will be updated periodically to be consistent with our practices and services and to comply with applicable regulations regarding the protection of personal information. Any material changes to our privacy policy will be brought to your attention.