Sepawa Congress
a

Privacy Policy

Privacy Policy of SEPAWA® Association of Soap, Perfume, Cosmetic and Detergent Professionals e.V.

Thank you for your interest in our organisation. We take data protection seriously.

In principle, you can use our website without sharing any personal data. If a data subject wishes to use our organisation’s services via our website, personal data processing may be required. If the processing of personal data is required, and no legal basis for such processing exists, we always obtain the consent of the data subject.

The processing of personal data (e.g., name, address, e-mail address or telephone number of a data subject) always complies with the General Data Protection Regulation (GDPR) and our country-specific data protection regulations.

With the following privacy policy, we would like to inform the public about the nature, extent and purpose of the personal data we collect, use and process. In addition, data subjects are informed of their rights under this privacy policy.

As the controller, we have implemented numerous technical and organisational measures to ensure the most complete protection of personal data processed through our website. However, data transmission over the Internet is liable to security gaps, meaning that 100% protection cannot be guaranteed. Therefore, data subjects can, of course, also transmit personal data to us by alternative means, such as by telephone.

 

1. Definitions

This privacy policy is based on the definitions used by the European regulatory authority when adopting the GDPR (Article 4 GDPR). This privacy policy should be easy for anyone to read and understand. To ensure this, we would first like to explain the terminology used. This privacy policy uses, among other things, these definitions:

  • “Personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
  • “Data subject” means any identified or identifiable natural person whose personal data are processed by the data controller.
  • “Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
  • “Restriction of processing” means the marking of stored personal data with the aim of limiting their processing in the future;
  • “Profiling” means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements;
  • “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
  • Recipient” means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing;
  • “Third party” means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;
  • Consent” of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

 

2. Name and contact details of the controller

This privacy policy information relates to data processing by:

Controller: SEPAWA® Vereinigung der Seifen-, Parfüm-, Kosmetik- und Waschmittelfachleute e.V., represented by the executive committee Dr. Hans Jürgen Scholz, e-mail: info@sepawa.de, Telephone: +49 (0) 8281 7994024, Fax: +49 (0) 8281 7994050.

 

3. Collection and storage of personal data and the nature and purpose of their use

a) When visiting the website

You can in principle use our website without revealing your identity. When you visit our website, the browser used on your device automatically sends information to our website’s server. This information is temporarily stored in a so-called log file. The following information will be collected without your intervention and stored until automated deletion:

  • IP address of the requesting computer,
  • Date and time of access,
  • Name and URL of the retrieved file,
  • Website from which access takes place (referrer URL),
  • Browser used and, if applicable, the operating system of your computer as well as the name of your access provider.

The data mentioned are processed by us for the following purposes:

  • Ensuring a smooth connection to the website,
  • Ensuring comfortable use of our website,
  • Evaluation of system security and stability, as well as
  • Other administrative purposes.

The legal basis for data processing is Article 6, paragraph 1, page 1, point f of the GDPR. Our legitimate interest is based on the data collection purposes listed above. In no case do we use the data collected for the purpose of drawing conclusions about you.

In addition, we use cookies when you visit our website. You can find additional information on this subject in points 5 and 7 of this privacy policy.

b) When using our contact form

For questions of any kind, we offer you the opportunity to contact us via e-mail. It is necessary to provide a valid e-mail address to enable us to know who the request came from and to answer it. Further information can be provided voluntarily. It is up to you to decide whether you would like to send this information when contacting us.

Data processing for the purpose of contacting us takes place in accordance with Article 6, paragraph 1, page 1, point a of the GDPR, based on your voluntarily granted consent.

 

4. Disclosure of data

A transfer of your personal data from us to third parties will be made exclusively to the service partners involved in the execution of the contract, such as a logistics company commissioned with delivery and a bank responsible for payment matters. In the case of the disclosure of your personal data to third parties, the scope of the data transmitted is limited to the minimum required.

Your personal data are not transferred to third parties for purposes other than those mentioned above.

We will share your personal data with third parties only if:

  • you have given express consent to this in accordance with Article 6, paragraph 1, page 1, point a of the GDPR,
  • the transfer according to Article 6, paragraph 1, page 1, point f of the GDPR is required to establish, exercise or defend legal claims and there is no reason to assume that you have a predominantly legitimate interest in not disclosing your data,
  • there is a legal obligation for transfer according to Article 6, paragraph 1, page 1, point c of the GDPR, and
  • this is permitted by law and, according to Article 6, paragraph 1, page 1, point b of the GDPR, is required for the settlement of contractual relationships with you.

As part of the ordering process, we will obtain your consent to share your information with third parties.

 

5. Use of cookies

We use cookies on our website. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not harm your device and do not contain viruses, Trojans or other malicious software.

The cookie stores information that is particular to each specific device used. This does not, however, give us direct knowledge of your identity.

On the one hand, the use of cookies serves to make the use of our services more pleasant for you. For example, we use so-called session cookies to recognise that you have already visited individual pages on our website. These are automatically deleted after leaving our website.

In addition, to improve usability, we also use temporary cookies that are stored on your device for a specified period of time. If you revisit our website to use our services, it will automatically detect that you have already visited us and what settings and adjustments you selected to avoid the need to repeat these processes.

We also use cookies to statistically measure the use of our website and for the purpose of evaluating how we optimise the services we offer you (see point 7). When you revisit our site, these cookies allow us to automatically recognise that you have previously visited us. These cookies are automatically deleted after a predetermined time.

The data processed by cookies are required for the purposes mentioned for the protection of our legitimate interests, as well as those of third parties, according to Article 6, paragraph 1, page 1, point f of the GDPR.

Most browsers accept cookies automatically, but you can configure your browser to prevent cookies from being stored on your computer or to always notify you before a new cookie is created. However, disabling cookies completely may mean that you cannot use all features of our website.

Cookie settings

 

6. Links to third-party websites

The links published on our website are researched and compiled by us with the utmost care. We have, however, no influence on the current and future design and content of linked pages. We are not responsible for the content of linked sites and expressly do not endorse the content of these sites. The provider of the linked website has sole responsibility for any illegal, incorrect or incomplete content, as well as for damage that may result from the use or non-use of the information. Any liability for those who merely point to the publication by means of a link is excluded. We are responsible for external referrals only if we have positive knowledge of them, including any possible illegal or criminal content, and it is technically possible and reasonable for us to prevent their use.

 

7. Analysis and tracking tools

The tracking tools listed below and used by us are based on Article 6, paragraph 1, page 1, point f of the GDPR. The tracking tools used are intended to ensure a needs-oriented design and the continuous optimisation of our website. We also use the tracking tools to statistically measure the use of our website and for the purpose of evaluating how we optimise the services we offer you. These interests are to be regarded as justified within the meaning of the aforementioned provision.

The respective data-processing purposes and data categories can be found in the corresponding tracking tools.

a) Google Analytics

For the purpose of the needs-oriented design and continuous optimisation of our pages, we use Google Analytics, a web analysis service of Google Inc. (https://www.google.de/intl/de/about/) (1600 Amphitheater Parkway, Mountain View, CA 94043, US; hereafter referred to as “Google”). In this connection, pseudonymised usage profiles are created and cookies used (see point 5). The information generated by the cookie about your use of this website, such as

  • Browser type/version,
  • Operating system used,
  • Referrer URL (the previously visited page),
  • Host name of the accessing computer (IP address),
  • Time of server request,

is transmitted to a Google server in the US and stored there. The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to website and Internet usage for the purposes of market research and tailor-made website design. This information may also be transferred to third parties if required by law or if third parties are commissioned to process these data. Under no circumstances will your IP address be combined with any other data provided by Google. The IP addresses are anonymised to ensure that identification is not possible (IP masking).

You can prevent the installation of cookies by setting the browser software accordingly; however, please note that not all features of our website may be fully usable in that event.

You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address), as well as the processing of this data by Google, by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de).

As an alternative to the browser add-on, especially for browsers on mobile devices, you can prevent data collection by Google Analytics by clicking on the link mentioned above. An opt-out cookie will be set to prevent the future collection of your data when you visit our website. The opt-out cookie is valid only in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.

For more information about privacy related to Google Analytics, please use the following link to the Google Analytics Help Center: https://support.google.com/analytics/answer/6004245?hl=en

b) Google adwords conversion tracking

We do not currently use this.

 

8. Social media plugins

a) Data protection provisions about the application and use of Facebook

On this website, the controller has integrated components of the enterprise Facebook. Facebook is a social network.

A social network is a place for social meetings on the Internet, an online community, which usually allows users to communicate with each other and interact in a virtual space. A social network may serve as a platform for the exchange of opinions and experiences, or enable the Internet community to provide personal or business-related information. Facebook allows social network users to include the creation of private profiles, upload photos, and network through friend requests.

The operating company of Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, United States. If a person lives outside of the United States or Canada, the controller is the Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

With each call-up to one of the individual pages of this Internet website, which is operated by the controller and into which a Facebook component (Facebook plug-ins) was integrated, the web browser on the information technology system of the data subject is automatically prompted to download display of the corresponding Facebook component from Facebook through the Facebook component. An overview of all the Facebook Plug-ins may be accessed under https://developers.facebook.com/docs/plugins/. During the course of this technical procedure, Facebook is made aware of what specific sub-site of our website was visited by the data subject.

If the data subject is logged in at the same time on Facebook, Facebook detects with every call-up to our website by the data subject—and for the entire duration of their stay on our Internet site—which specific sub-site of our Internet page was visited by the data subject. This information is collected through the Facebook component and associated with the respective Facebook account of the data subject. If the data subject clicks on one of the Facebook buttons integrated into our website, e.g. the “Like” button, or if the data subject submits a comment, then Facebook matches this information with the personal Facebook user account of the data subject and stores the personal data.

Facebook always receives, through the Facebook component, information about a visit to our website by the data subject, whenever the data subject is logged in at the same time on Facebook during the time of the call-up to our website. This occurs regardless of whether the data subject clicks on the Facebook component or not. If such a transmission of information to Facebook is not desirable for the data subject, then he or she may prevent this by logging off from their Facebook account before a call-up to our website is made.

The data protection guideline published by Facebook, which is available at https://facebook.com/about/privacy/, provides information about the collection, processing and use of personal data by Facebook. In addition, it is explained there what setting options Facebook offers to protect the privacy of the data subject. In addition, different configuration options are made available to allow the elimination of data transmission to Facebook. These applications may be used by the data subject to eliminate a data transmission to Facebook.

b) Data protection provisions about the application and use of LinkedIn

The controller has integrated components of the LinkedIn Corporation on this website. LinkedIn is a web-based social network that enables users with existing business contacts to connect and to make new business contacts. Over 400 million registered people in more than 200 countries use LinkedIn. Thus, LinkedIn is currently the largest platform for business contacts and one of the most visited websites in the world.

The operating company of LinkedIn is LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, UNITED STATES. For privacy matters outside of the UNITED STATES LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible.

With each call-up to one of the individual pages of this Internet site, which is operated by the controller and on which a LinkedIn component (LinkedIn plug-in) was integrated, the Internet browser on the information technology system of the data subject is automatically prompted to the download of a display of the corresponding LinkedIn component of LinkedIn. Further information about the LinkedIn plug-in may be accessed under https://developer.linkedin.com/plugins. During the course of this technical procedure, LinkedIn gains knowledge of what specific sub-page of our website was visited by the data subject.

If the data subject is logged in at the same time on LinkedIn, LinkedIn detects with every call-up to our website by the data subject—and for the entire duration of their stay on our Internet site—which specific sub-page of our Internet page was visited by the data subject. This information is collected through the LinkedIn component and associated with the respective LinkedIn account of the data subject. If the data subject clicks on one of the LinkedIn buttons integrated on our website, then LinkedIn assigns this information to the personal LinkedIn user account of the data subject and stores the personal data.

LinkedIn receives information via the LinkedIn component that the data subject has visited our website, provided that the data subject is logged in at LinkedIn at the time of the call-up to our website. This occurs regardless of whether the person clicks on the LinkedIn button or not. If such a transmission of information to LinkedIn is not desirable for the data subject, then he or she may prevent this by logging off from their LinkedIn account before a call-up to our website is made.

LinkedIn provides under https://www.linkedin.com/psettings/guest-controls the possibility to unsubscribe from e-mail messages, SMS messages and targeted ads, as well as the ability to manage ad settings. LinkedIn also uses affiliates such as Eire, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua, and Lotame. The setting of such cookies may be denied under https://www.linkedin.com/legal/cookie-policy. The applicable privacy policy for LinkedIn is available under https://www.linkedin.com/legal/privacy-policy. The LinkedIn Cookie Policy is available under https://www.linkedin.com/legal/cookie-policy.

 

9. Newsletter subscription

The website operator offers you a newsletter to inform you about current events and offers. If you would like to subscribe to the newsletter, you must enter a valid e-mail address.

 

10. Data subjects’ rights

You have the right:

  • according to Article 15 of the GDPR, to request information about your personal data processed by In particular, you can request information on the processing purposes, the category of personal data, the categories of recipients to whom your data has been disclosed, the envisaged retention period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of the right to complain, the source of your data, if not collected by us, and the existence of automated decision-making, including profiling and, where applicable, meaningful information about their details;
  • according to Article 16 of the GDPR, to request the prompt correction of inaccurate data or completion of incomplete personal data stored with us;
  • according to Article 17 of the GDPR, to request the erasure of your personal data held by us, unless the processing is required for the exercise of the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
  • according to Article 18 of the GDPR, to request restriction of the processing of your personal data, in so far as the accuracy of the information about you is contested, the processing is unlawful, but you oppose erasure and we no longer require the data, however, you require this for the establishment, exercise or defence of legal claims, or in accordance with Article 21 of the GDPR, you have lodged an objection against the processing;
  • according to Article 20 of the GDPR, to receive your personal data provided to us in a structured, commonly used and machine-readable format or to request transmission to another controller;
  • according to Article 7, paragraph 3 of the GDPR, at any time to withdraw the consent you have given us. As a consequence, we would, in the future, no longer be allowed to continue data processing based on this consent and
  • according to Article 77 of the GDPR, to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your habitual residence or your place of work or our organisational headquarters.
  • If you would like to exercise your rights as a data subject, please send an e-mail to datenschutz@sepawa.de, write to Data Protection, SEPAWA®  e.V., Dorfstr. 40, 86470 Thannhausen, Germany, or telephone +49 (0) 8281/7 99 40-2 4.

 

11. Right to object

If your personal data are processed on the basis of legitimate interests according to Article 6, paragraph 1, page 1, point f of the GDPR, you have the right according to Article 21 of the GDPR to lodge an objection to the processing of your personal data, in so far as there are reasons for this that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which is implemented by us without the need to specify any particular situation.

If you would like to exercise your right of revocation or objection, please send an e-mail to datenschutz@sepawa.de, write to Data Protection, SEPAWA® e. V., Dorfstr. 40, 86470 Thannhausen, Germany, or telephone +49 (0) 8281/7 99 40-24.

 

12. Data security

For visits to our website, we use the widely-used SSL (Secure Socket Layer) process in conjunction with the highest level of encryption that is supported by your browser. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we will instead use 128-bit v3 technology. Whether a given page of our website is encrypted is shown by the closed representation of the key or lock icon in the lower status bar of your browser.

We also take appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are constantly being improved in line with technological developments.

 

13. Currency and modification of this privacy policy

This privacy policy is currently valid and was last updated in May 2018.

As a result of the further development of our website and services offered by this means, or as a consequence of changed legal or official requirements, it may be necessary to amend this privacy policy. The current privacy policy can be retrieved and printed out at any time on our website.


Source/excerpts: Datenschutzerklärung erstellt durch Rechtsanwalt
Andreas Gerstel (http://www.anwaltblog24.de/)