Privacy Policy

Privacy Policy of Sepawa Vereinigung der Seifen-, Parfüm-, Kosmetik- und Waschmittelfachleute e.V.
(Association of Soap, Perfume, Cosmetic and Detergent Professionals)

Privacy Policy

Thank you for your interest in our organisation. We take data protection seriously.

In principle, you can use our website without sharing any personal data. If a data subject wishes to use our organisation’s services via our website, personal data processing may be required. If the processing of personal data is required, and no legal basis for such processing exists, we always obtain the consent of the data subject.

The processing of personal data (e.g., name, address, e-mail address or telephone number of a data subject) always complies with the General Data Protection Regulation (GDPR) and our country-specific data protection regulations.

With the following privacy policy, we would like to inform the public about the nature, extent and purpose of the personal data we collect, use and process. In addition, data subjects are informed of their rights under this privacy policy.

As the controller, we have implemented numerous technical and organisational measures to ensure the most complete protection of personal data processed through our website. However, data transmission over the Internet is liable to security gaps, meaning that 100% protection cannot be guaranteed. Therefore, data subjects can, of course, also transmit personal data to us by alternative means, such as by telephone.

 

1. Definitions

This privacy policy is based on the definitions used by the European regulatory authority when adopting the GDPR (Article 4 GDPR). This privacy policy should be easy for anyone to read and understand. To ensure this, we would first like to explain the terminology used. This privacy policy uses, among other things, these definitions:

  • “Personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
  • “Data subject” means any identified or identifiable natural person whose personal data are processed by the data controller.
  • “Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
  • “Restriction of processing” means the marking of stored personal data with the aim of limiting their processing in the future;
  • “Profiling” means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements;
  • “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
  • Recipient” means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing;
  • “Third party” means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;
  • Consent” of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

 

2. Name and contact details of the controller

This privacy policy information relates to data processing by:

Controller: Sepawa Vereinigung der Seifen-, Parfüm-, Kosmetik- und Waschmittelfachleute e.V., represented by the executive committee Dr. Horst Lothar Möhle, e-mail: info@sepawa.de, Telephone: +49 (0) 8281 7994024, Fax: +49 (0) 8281 7994050.

 

3. Collection and storage of personal data and the nature and purpose of their use

a) When visiting the website

You can in principle use our website without revealing your identity. When you visit our website, the browser used on your device automatically sends information to our website’s server. This information is temporarily stored in a so-called log file. The following information will be collected without your intervention and stored until automated deletion:

  • IP address of the requesting computer,
  • Date and time of access,
  • Name and URL of the retrieved file,
  • Website from which access takes place (referrer URL),
  • Browser used and, if applicable, the operating system of your computer as well as the name of your access provider.

The data mentioned are processed by us for the following purposes:

  • Ensuring a smooth connection to the website,
  • Ensuring comfortable use of our website,
  • Evaluation of system security and stability, as well as
  • Other administrative purposes.

The legal basis for data processing is Article 6, paragraph 1, page 1, point f of the GDPR. Our legitimate interest is based on the data collection purposes listed above. In no case do we use the data collected for the purpose of drawing conclusions about you.

In addition, we use cookies when you visit our website. You can find additional information on this subject in points 5 and 7 of this privacy policy.

b) When using our contact form

For questions of any kind, we offer you the opportunity to contact us via e-mail. It is necessary to provide a valid e-mail address to enable us to know who the request came from and to answer it. Further information can be provided voluntarily. It is up to you to decide whether you would like to send this information when contacting us.

Data processing for the purpose of contacting us takes place in accordance with Article 6, paragraph 1, page 1, point a of the GDPR, based on your voluntarily granted consent.

 

4. Disclosure of data

A transfer of your personal data from us to third parties will be made exclusively to the service partners involved in the execution of the contract, such as a logistics company commissioned with delivery and a bank responsible for payment matters. In the case of the disclosure of your personal data to third parties, the scope of the data transmitted is limited to the minimum required.

Your personal data are not transferred to third parties for purposes other than those mentioned above.

We will share your personal data with third parties only if:

  • you have given express consent to this in accordance with Article 6, paragraph 1, page 1, point a of the GDPR,
  • the transfer according to Article 6, paragraph 1, page 1, point f of the GDPR is required to establish, exercise or defend legal claims and there is no reason to assume that you have a predominantly legitimate interest in not disclosing your data,
  • there is a legal obligation for transfer according to Article 6, paragraph 1, page 1, point c of the GDPR, and
  • this is permitted by law and, according to Article 6, paragraph 1, page 1, point b of the GDPR, is required for the settlement of contractual relationships with you.

As part of the ordering process, we will obtain your consent to share your information with third parties.

 

5. Use of cookies

We use cookies on our website. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not harm your device and do not contain viruses, Trojans or other malicious software.

The cookie stores information that is particular to each specific device used. This does not, however, give us direct knowledge of your identity.

On the one hand, the use of cookies serves to make the use of our services more pleasant for you. For example, we use so-called session cookies to recognise that you have already visited individual pages on our website. These are automatically deleted after leaving our website.

In addition, to improve usability, we also use temporary cookies that are stored on your device for a specified period of time. If you revisit our website to use our services, it will automatically detect that you have already visited us and what settings and adjustments you selected to avoid the need to repeat these processes.

We also use cookies to statistically measure the use of our website and for the purpose of evaluating how we optimise the services we offer you (see point 7). When you revisit our site, these cookies allow us to automatically recognise that you have previously visited us. These cookies are automatically deleted after a predetermined time.

The data processed by cookies are required for the purposes mentioned for the protection of our legitimate interests, as well as those of third parties, according to Article 6, paragraph 1, page 1, point f of the GDPR.

Most browsers accept cookies automatically, but you can configure your browser to prevent cookies from being stored on your computer or to always notify you before a new cookie is created. However, disabling cookies completely may mean that you cannot use all features of our website.

 

6. Links to third-party websites

The links published on our website are researched and compiled by us with the utmost care. We have, however, no influence on the current and future design and content of linked pages. We are not responsible for the content of linked sites and expressly do not endorse the content of these sites. The provider of the linked website has sole responsibility for any illegal, incorrect or incomplete content, as well as for damage that may result from the use or non-use of the information. Any liability for those who merely point to the publication by means of a link is excluded. We are responsible for external referrals only if we have positive knowledge of them, including any possible illegal or criminal content, and it is technically possible and reasonable for us to prevent their use.

 

7. Analysis and tracking tools

The tracking tools listed below and used by us are based on Article 6, paragraph 1, page 1, point f of the GDPR. The tracking tools used are intended to ensure a needs-oriented design and the continuous optimisation of our website. We also use the tracking tools to statistically measure the use of our website and for the purpose of evaluating how we optimise the services we offer you. These interests are to be regarded as justified within the meaning of the aforementioned provision.

The respective data-processing purposes and data categories can be found in the corresponding tracking tools.

a) Google Analytics

For the purpose of the needs-oriented design and continuous optimisation of our pages, we use Google Analytics, a web analysis service of Google Inc. (https://www.google.de/intl/de/about/) (1600 Amphitheater Parkway, Mountain View, CA 94043, US; hereafter referred to as “Google”). In this connection, pseudonymised usage profiles are created and cookies used (see point 5). The information generated by the cookie about your use of this website, such as

  • Browser type/version,
  • Operating system used,
  • Referrer URL (the previously visited page),
  • Host name of the accessing computer (IP address),
  • Time of server request,

is transmitted to a Google server in the US and stored there. The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to website and Internet usage for the purposes of market research and tailor-made website design. This information may also be transferred to third parties if required by law or if third parties are commissioned to process these data. Under no circumstances will your IP address be combined with any other data provided by Google. The IP addresses are anonymised to ensure that identification is not possible (IP masking).

You can prevent the installation of cookies by setting the browser software accordingly; however, please note that not all features of our website may be fully usable in that event.

You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address), as well as the processing of this data by Google, by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de).

As an alternative to the browser add-on, especially for browsers on mobile devices, you can prevent data collection by Google Analytics by clicking on the link mentioned above. An opt-out cookie will be set to prevent the future collection of your data when you visit our website. The opt-out cookie is valid only in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.

For more information about privacy related to Google Analytics, please use the following link to the Google Analytics Help Center: https://support.google.com/analytics/answer/6004245?hl=en

b) Google adwords conversion tracking

We do not currently use this.

 

8. Social media plugins

We do not currently use these.

 

9. Newsletter subscription

The website operator offers you a newsletter to inform you about current events and offers. If you would like to subscribe to the newsletter, you must enter a valid e-mail address.

 

10. Data subjects’ rights

You have the right:

  • according to Article 15 of the GDPR, to request information about your personal data processed by In particular, you can request information on the processing purposes, the category of personal data, the categories of recipients to whom your data has been disclosed, the envisaged retention period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of the right to complain, the source of your data, if not collected by us, and the existence of automated decision-making, including profiling and, where applicable, meaningful information about their details;
  • according to Article 16 of the GDPR, to request the prompt correction of inaccurate data or completion of incomplete personal data stored with us;
  • according to Article 17 of the GDPR, to request the erasure of your personal data held by us, unless the processing is required for the exercise of the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
  • according to Article 18 of the GDPR, to request restriction of the processing of your personal data, in so far as the accuracy of the information about you is contested, the processing is unlawful, but you oppose erasure and we no longer require the data, however, you require this for the establishment, exercise or defence of legal claims, or in accordance with Article 21 of the GDPR, you have lodged an objection against the processing;
  • according to Article 20 of the GDPR, to receive your personal data provided to us in a structured, commonly used and machine-readable format or to request transmission to another controller;
  • according to Article 7, paragraph 3 of the GDPR, at any time to withdraw the consent you have given us. As a consequence, we would, in the future, no longer be allowed to continue data processing based on this consent and
  • according to Article 77 of the GDPR, to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your habitual residence or your place of work or our organisational headquarters.
  • If you would like to exercise your rights as a data subject, please send an e-mail to datenschutz@sepawa.de, write to Data Protection, Sepawa V., Dorfstr. 40, 86470 Thannhausen, Germany, or telephone +49 (0) 8281/7 99 40-2 4.

 

11. Right to object

If your personal data are processed on the basis of legitimate interests according to Article 6, paragraph 1, page 1, point f of the GDPR, you have the right according to Article 21 of the GDPR to lodge an objection to the processing of your personal data, in so far as there are reasons for this that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which is implemented by us without the need to specify any particular situation.

If you would like to exercise your right of revocation or objection, please send an e-mail to datenschutz@sepawa.de, write to Data Protection, Sepawa e. V., Dorfstr. 40, 86470 Thannhausen, Germany, or telephone +49 (0) 8281/7 99 40-24.

 

12. Data security

For visits to our website, we use the widely-used SSL (Secure Socket Layer) process in conjunction with the highest level of encryption that is supported by your browser. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we will instead use 128-bit v3 technology. Whether a given page of our website is encrypted is shown by the closed representation of the key or lock icon in the lower status bar of your browser.

We also take appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are constantly being improved in line with technological developments.

 

13. Currency and modification of this privacy policy

This privacy policy is currently valid and was last updated in May 2018.

As a result of the further development of our website and services offered by this means, or as a consequence of changed legal or official requirements, it may be necessary to amend this privacy policy. The current privacy policy can be retrieved and printed out at any time on our website.



Source/excerpts
: Datenschutzerklärung erstellt durch Rechtsanwalt
Andreas Gerstel (http://www.anwaltblog24.de/)