Data protection

I. Privacy policy under the GDPR

1. Name and address of the controller

For the purposes of the EU General Data Protection Regulation (“GDPR”), other national data protection laws of the member states, and other data protection legislation, the controller is:

Felix Solingen GmbH
An den Eichen 6
42699 Solingen
Telephone: +49 212 23140-300
email: info@felix-solingen.com

2. Name and address of the data protection officer

The controller’s data protection officer is:
Jens Maleikat
Bohnen IT GmbH
Hastener Strasse 2
42349 Wuppertal
Phone: +49 (202) 24755 - 24
Email: jm@bohnensecurity.it
Website: www.bohnensecurity.it

3. SUPERVISORY AUTHORITY

If you believe Felix Solingen GmbH is processing your personal data unlawfully, you can lodge a complaint with any data protection supervisory authority. The competent supervisory authority in accordance with Art. 55 GDPR is the
Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen (State Commissioner for the Protection of Data and Freedom of Information for North Rhine-Westphalia)
PO box 20 04 44
40102 Düsseldorf
Tel.: 0211/38424-0
Fax: 0211/38424-10
Email: poststelle@ldi.nrw.de

4. YOUR RIGHTS

Under statutory provisions, you have the right as a data subject to obtain information at no charge about your data that Felix Solingen GmbH is storing.
Beyond this, you may assert your rights to rectification, erasure, restriction of processing, or objection (see Section VII below.) toward Felix Solingen GmbH at any time. This also applies to a right to data portability.
If you have given us your personal data based on consent, you may withdraw that consent at any time, with effect for the future.

II. Purpose, scope, and legal basis for processing data for an online presence

1. Online presence

a) Description and scope of data processing

As a general principle, we collect and use our users’ personal data only to the extent necessary to provide a functional website along with our contents and services. We collect those data periodically, but only with our users’ consent, unless obtaining prior consent is impractical and the data processing is permitted by law.

b) Legal basis for processing personal data

If the data subject consents to having its personal data processed, the legal basis is Art. 6(1)(1)(a) GDPR. If the processing is necessary to execute a contract to which the data subject is party, or to carry out pre-contractual measures, the legal basis is Art. 6(1)(1)(b) GDPR; if it is necessary to fulfil a legal obligation to which our company is subject, the legal basis is Art. 6(1)(1)(c) GDPR; if it is necessary to protect vital interests of the data subject or another natural person, the legal basis is Art. 6(1)(1)(d) GDPR; if it is necessary to safeguard a legitimate interest of our company or a third party and that interest is not outweighed by the data subject’s interests, fundamental rights, and freedoms, the legal basis is Art. 6(1)(1)(f) GDPR.

c) Data deletion and storage duration

The data subject’s personal data will be erased or blocked as soon as the purpose for storing them no longer applies. Furthermore, data may be stored if this has been provided for by the European or national legislature in Union regulations, laws, or other regulations to which the controller is subject. Data will be blocked or erased when a storage period prescribed by the above-mentioned standards expires, unless the data must be stored to enter into or execute a contract.

2. Providing the website and creating log files

a) Description and scope of data processing

Whenever our website is called up, our system automatically collects data and information from the system of the calling computer.
The following data are collected:
Information on the type of browser and version used
The user's operating system
The user's internet service provider
The host name of the computer accessing the site
Date and time of access
Web sites from which the user's system accesses our website
Web sites that are accessed by the user's system via our website
The data are also stored in our system’s log files, but not together with other personal data concerning the user.

b) Legal basis for data processing

Storing data and log files temporarily is legally based on Art. 6(1)(1)(f) GDPR.

c) Purpose of data processing

The system must store the IP address temporarily (for the duration of the session) so the website can be delivered to the user's computer.
The IP address is stored in log files to ensure the functionality of the website. In addition, the data help us optimise the website and ensure the security of our IT systems. The data are not evaluated for marketing purposes within this context.
These purposes also constitute our legitimate interest in data processing under Art. 6(1)(1)(f) GDPR.

d) Duration of storage

The data will be deleted when no longer necessary for the purpose for which they were collected. If data are collected to provide the website, they will be deleted when the session is over.
If the data are stored in log files, they will be deleted after seven days at the latest. They might be stored beyond this point, in which case the users’ IP addresses will be deleted or made unrecognizable so that they cannot be allocated to the calling client.

e) Possibility of opposition and removal

For the website to operate, data must be collected to provide the website and stored in log files, so the user may not object to either.

3. Use of cookies

a) Description and scope of data processing

Our website uses cookies: text files that are stored in or by the browser on the user's computer system. If a user calls up a website, a cookie can be stored on their operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.
The following data are stored and transmitted in the cookies:
(1) language settings (this cookie is mandatory and therefore set automatically)
(2) items in a shopping basket
(3) login information
We also use cookies on our website that allow us to analyse our users’ surfing behaviour. The following data can be transmitted in this way:
(1) search terms entered
(2) frequency of page views
(3) use of website functions
When accessing our website, users are informed by an info banner about the use of cookies for analysis purposes, referred to this privacy policy, and told how to change their browser settings to prevent cookies from being stored.

b) Legal basis for data processing

Processing personal data using cookies is legally based on Art. 6(1)(1)(f) GDPR.

c) Purpose of data processing

We use technically necessary cookies to make the websites more user-friendly. Some functions of our website cannot be offered without the use of cookies. For those functions, the browser must be recognised even after the page is changed.
We require cookies for the following applications:
(1) shopping cart
(2) adoption of language settings
(3) remembering search terms
The user data collected by technically necessary cookies are not used to create user profiles.
We use analysis cookies to improve the quality of our website and its contents and to find out how the website is used so we can constantly optimise our services.
Those purposes also constitute our legitimate interest in processing personal data in accordance with Art. 6(1)(1)(f) GDPR.

d) Duration of storage, possibility of objection and removal

Cookies are stored on the user's computer, which transmits them to our site. So as a user, you have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Cookies already stored can be deleted at any time, including automatically. But if cookies for our website are deactivated, it might not be possible to use all the website’s functions to their full extent.

4. Use of video platforms

a) Description and scope of data processing

This website uses videos, which are a good way to convey content better and make it more understandable. Since hosting videos locally is not powerful enough, we use external video providers – mainly Vimeo and YouTube.
Since videos are integrated, Vimeo and YouTube servers are called up for technical reasons. To learn about the associated use of browser or terminal device data, please see the respective provider’s privacy statement, since the provider is responsible for the corresponding data processing. Here is Vimeo’s privacy statement: https://vimeo.com/privacy; and here is YouTube’s: https://policies.google.com/privacy?hl=en
Vimeo claims to guarantee an adequate level of data protection by complying with the Privacy Shield requirements.

5. Registration

a) Description and scope of data processing

On our website, we allow users to register by providing personal data. The data are entered into an input mask, transmitted to us, and stored. The data will not be passed on to third parties. The following data are collected during the registration process:
Email address, password, billing address, salutation, first name, last name, company, street, house number, postcode, city, country, and telephone
At the time of registration, the following data are also saved:

1. the user’s IP address
2. the date and time of registration

b) Legal basis for data processing

If registration is necessary to execute a contract to which the user is party, or to carry out pre-contractual measures, the processing is also legally based on Art. 6(1)(1)(b) GDPR.

c) Purpose of data processing

The user’s registration is necessary to execute a contract with the user or to carry out pre-contractual measures.

d) Duration of storage

The data will be deleted as soon as they are no longer necessary for the purpose for which they were collected.
This applies to data collected during the registration process to execute a contract, or to carry out pre-contractual measures, if the data are no longer necessary to execute the contract. Even after the contract has been entered into, it may still be necessary to store the other contracting party’s personal data to fulfil contractual or legal obligations.

e) Possibility of opposition and removal

As a user, you may at any time cancel the registration or have changes made to the data concerning you that have been stored.
Please contact us for this purpose using the above contact information.
If the data are necessary to execute a contract or carry out pre-contractual measures, they can be deleted prematurely only if doing so does not oppose contractual or legal obligations.

6. Email contact

a) Description and scope of data processing

Users can contact us through the website by using the email address provided. If this occurs, the user's personal data transmitted with the email will be stored.
Data collected in this context will not be passed on to third parties and will be used only to process the conversation.

b) Legal basis for data processing

Processing data with the user’s consent is legally based on Art. 6(1)(1)(a) GDPR.
Processing data that is transmitted when an email is sent is legally based on Art. 6(1)(1)(f) of the GDPR, and if the email contact aims at entering into a contract, also on Art. 6(1)(1)(b) GDPR.

c) Purpose of data processing

We process personal data by email only to process the contact, which also constitutes our required legitimate interest in processing the data.

d) Duration of storage

The data will be deleted as soon as they are no longer necessary for the purpose for which they were collected. For personal data sent by email, this will be when the respective conversation with the user has ended. The conversation is terminated when it is clear from the circumstances that the matter in question has been conclusively clarified.

Possibility of opposition and removal

Users may revoke their consent to the processing of personal data at any time. If a user contacts us by email, they may object to the storage of their personal data at any time. If they object, the conversation cannot be continued.
To make such an objection, please send us an email (no specific form required) to info(at)felix-solingen.com, and all personal data stored during the contact will be deleted.

7. Newsletter

a) type and scope of the data processing

The newsletter is sent on the basis of the user’s registration on the website:
To receive the newsletter offered on our website, you can use our form to register. To that end, we use the “double opt-in procedure”. In that procedure, a confirmation email is sent to the email address you gave us, with a request to confirm. The registration will not be effective until you click the activation link contained in the confirmation email. To send the newsletter, your email address and your first and last nameswill bestored
In addition, the following data will be collected during the registration:

  • IP address of the calling computer
  • Date and time of the registration

During the registration procedure, your consent will be obtained and this privacy policy will be referenced so the data can be processed.
If you enter your email address to purchase goods or services on our internet site, we may use that address to send a newsletter. If this occurs, the newsletter will be used only to directly advertise our own similar goods or services.
In connection with processing data to send newsletters, data will be forwarded to the company Rapid Mail. We use your data that are transmitted to us exclusively to send the newsletter, which can contain information or offers.
We use rapidmail to send our newsletter. Therefore, your data will be transmitted to rapidmail GmbH. As part of this process, rapidmail GmbH is forbidden from using your data for any purpose other than sending the newsletter. rapidmail GmbH is not allowed to forward or sell your data. rapidmail is a German, certified newsletter software provider that was carefully selected in accordance with the requirements of the GDPR and the Federal Data Protection Act (“Bundesdatenschutzgesetz”, “BDSG”).
You may at any time withdraw your consent to having your data stored and used to send the newsletter (by using the deregistration link in the newsletter, for example).

b) Legal basis for the data processing

If a user registers for a newsletter and consents to having their data processed, that processing is legally based on Art. 6(1)(1)(a) GDPR.
The legal basis for sending the newsletter due to the sale of goods or services is § 7(3) of the German Act Against Unfair Competition (“Unlauterer Wettbewerbs-Gesetz”, “UWG”).

c) Purpose of the data processing

The user’s email address is collected to deliver the newsletter.
Other personal data are collected during the registration procedure to prevent the service or the email address from being misused.

d) Duration of storage

The data will be erased as soon as they are no longer needed for the purpose for which they were collected. Accordingly, the user’s email address will be stored as long as the newsletter subscription is active.
The other personal data collected during the registration procedure will normally be erased after seven days.

e) Possibility for objection and removal

Users can cancel their newsletter subscriptions at any time. Every newsletter contains a link for that purpose.

8. Google Analytics

a) Description and scope of data processing

If you have consented to the processing in the consent banner, this website uses functions of the web analysis service Google Analytics. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses cookies: text files that are stored on your computer and allow us to analyse your use of the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there.

IP anonymisation

We have activated the IP anonymisation function on this website. Therefore, your IP address will be shortened by Google within member states of the European Union or in other contracting parties to the EEA Agreement before transmission to the USA. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. On behalf of this website’s operator, Google will use this information to evaluate your use of the website, compile reports on the website activities, and provide further services to the website operator related to the use of the website and the internet. The IP address transmitted by your browser as part of Google Analytics is not combined with other data from Google.

Browser Plugin

You can prevent the storage of cookies by adjusting your browser software accordingly, but if you do, you might not be able to use all the functions of this website to their full extent. You can also prevent Google from collecting and processing data that the cookie generates about your use of the website (including your IP address) by downloading and installing the browser plugin available at the following link:
https://tools.google.com/dlpage/gaoptout?hl=de.

Demographic features at Google Analytics

This website uses the "demographic features" function of Google Analytics, which allows reports to be generated that contain statements on the age, gender, and interests of the site visitors. Those data come from interest-based advertising by Google and from visitor data from third parties, and cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google Account or generally prohibit the collection of your data by Google Analytics as described in the section "Objection to data collection".

b) Legal basis for data processing

Storing Google Analytics cookies is legally based on Art. 6(1)(1)(f) GDPR.

c) Purpose of data processing

The website operator has a legitimate interest in analysing user behaviour to optimise its website and advertising.

d) Duration of storage

By default, Google will delete the data once a month after 26 months.

e) Possibility of opposition and removal

You can prevent Google Analytics from collecting your data by clicking on the following link. Click here to disable Google Analytics. An opt-out cookie will be set to prevent the collection of your information on future visits to this website: Disable Google Analytics. For more information on how Google Analytics handles user data, please see Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=en.

9. Google Maps

a) Description and scope of data processing

This site uses the map service “Google Maps” via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The functions of Google Maps cannot be used unless your IP address is saved. This information is usually transferred to a Google server in the USA and stored there, and the provider of this site has no influence on that data transfer. You can find more information on the handling of user data in Google's privacy policy: https://www.google.de/intl/de/policies/privacy/.

b) Legal basis for data processing

Storing data temporarily is legally based on a legitimate interest under Art. 6(1)(1)(f) GDPR.

c) Purpose of data processing

Google Maps are used in the interest of presenting our online offers attractively and making it easy to find the places we’ve indicated on the website.

d) Duration of storage

We have no influence on Google’s storing, processing, or use of data.

e) Possibility of opposition and removal

The website cannot operate unless data are collected to provide the website and to be stored in log files, so the user may not object to either.

10. Use of WEB Fonts

a) Description and scope of data processing
These internet pages use external fonts, namely Google Fonts: a service of Google Inc. ("Google"). These web fonts are integrated through a server call (usually a Google server in the USA) that tells the server which of our internet pages you’ve visited. Google also stores the IP address to the browser of the end device used by the visitor to this website. You will find more detailed information in Google’s privacy policy, which you can download here:
www.google.com/fonts#AboutPlace:about
www.google.com/policies/privacy/

b) Legal basis for data processing

Storing data temporarily is legally based on a legitimate interest under Art. 6(1)(1)(f) GDPR.

c) Purpose of data processing

Google Fonts are used in the interest of presenting our online offers attractively.

d) Storage duration

We have no influence on Google’s storing, processing, or use of data.

e) Possibility of opposition and removal

The website cannot operate unless data are collected for providing the website and to be stored in log files, so the user may not object to this.

11. Using PayPal

a) Description and scope of data processing

The controller has integrated components of PayPal, an online payment service provider, into this website. Payments are processed through PayPal accounts, which are virtual private or business accounts. PayPal also allows users to make virtual payments by credit card if they don’t have a PayPal account. A PayPal account is managed via an email address, so there is no traditional account number. PayPal allows users to make online payments to third parties or to receive payments. PayPal also assumes trustee functions and offers buyer protection services.
PayPal’s European operating company is PayPal (Europe) S.à.r.l. & Cie S.C.A., 22–24 Boulevard Royal, 2449 Luxembourg, Luxembourg.
If the data subject selects "PayPal" as a payment option in our online shop during the ordering process, their data is automatically transmitted to PayPal. By selecting this payment option, the data subject consents to the transmission of personal data required for payment processing.
The personal data transmitted to PayPal is usually first name, surname, address, email address, IP address, telephone number, mobile phone number, or other data needed to process payments. Personal data related to the respective order are also needed to process the purchase contract.
The personal data exchanged between PayPal and the controller might be transferred by PayPal to credit reference agencies to check identity and creditworthiness.
PayPal may share personal data with affiliated companies and service providers or subcontractors as necessary to fulfil contract obligations or so the data can be processed on behalf of a third party.
PayPal's applicable privacy policy can be found at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

b) Legal basis for data processing

Storing data temporarily is legally based on consent pursuant to Art. 6(1)(1)(a) GDPR.

c) Purpose of data processing

Data are transmitted to process payments and prevent fraud. In particular, the controller will transmit personal data to PayPal if there is a legitimate interest in the transmission.

d) Storage duration

The controller has no influence on PayPal’s storage, processing, or use of the data.

e) Possibility of opposition and removal

The data subject may at any time revoke its consent to allow PayPal to process personal data. Such revocation will not affect personal data that must be processed, used, or transmitted to handle payments under a contract.

12. Using Klarna

a) Description and scope of data processing

If you choose invoicing and instalment purchasing through Klarna AB (Sveavägen 46, 111 34 Stockholm, Sweden) as your payment option during the ordering process, you permit us under Art. 6(1)(1)(a) GDPR to collect and transfer to Klarna AB the personal data we need to process the purchase on account and carry out an identity and credit check.
Those data include but are not limited to your first and last names, title, address, date of birth, gender, email address, IP address, telephone number, and mobile phone number, as well as the data needed to process the purchase on account and data related to the order, such as the number of items, item number, invoice amount and taxes in percent, invoice information, bank details, card number, date of validity, CCV code, information on goods/services, historical information, information about your previous purchases, payment history, possible refusals, financial information, information about possible credit obligations and payment notes, information about the interaction between you and Klarna Checkout, page loading times, download errors and methods used to leave the displayed page, information about electronic communication, acknowledgements of receipt, device information, and geographical information.
This transmission is necessary to complete your purchase with the invoice processing you requested – especially to confirm your identity; to administer your payment and customer relationship; for customer analysis; to administer Klarna's services; for internal processes, including troubleshooting, data analysis, internal testing, development, and statistical purposes; to improve Klarna's services to ensure that the necessary information is displayed as effectively as possible for you and your device to prevent misuse or improper use of Klarna’s services, as part of Klarna’s efforts to make its services as secure as possible; to assess which payment methods we can offer you through Klarna; to conduct internal credit assessments; to conduct risk analysis and risk management; to conduct business development; and to comply with applicable law. In doing so, Klarna has a legitimate interest in the transfer of the ordering party’s personal data and needs those data to obtain information from credit agencies to perform an identity and credit assessment.
A list of the credit agencies Klarna uses can be found here: https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies. Moreover, Klarna may provide your personal data to other companies within the Klarna Group, service providers, and subcontractors to the extent necessary to fulfil the contract relationship with you or with them.
As part of the decision to establish, implement, or terminate the contract relationship, Klarna collects and uses information about the buyer's past payment history and probability values about this behaviour in the future. Klarna calculates this scoring based on scientifically recognised mathematical and statistical methods.
Further information on data protection, particularly which data are collected for which purposes, can be obtained directly from Klarna’s privacy policy (https://www.klarna.com/international/privacy-policy/)

b) Legal basis for data processing

Storing data temporarily is legally based on consent pursuant to Art. 6(1)(1)(a) GDPR.

c) Purpose of data processing

Data are transmitted to process payments and prevent fraud.

d) Storage duration

The data controller has no influence on Klarna’s storage, processing. or use of the data.

e) Possibility of opposition and removal

You may at any time revoke your consent to allow Klarna to use your personal data. However, Klarna may still process, use, and transfer personal data if this is necessary for the contractual handling of payments by Klarna's services, if it is required by law, or if it is demanded by a court or an authority.

13. Trustpilot

a) Description and scope of data processing

We use the evaluation portal Trustpilot, which is operated by TrustPilot A/S, Pilestraede 58, 5th floor, 1112 Copenhagen, Denmark. In order to continuously improve our service, we offer our customers the opportunity to rate us through this independent portal without us being able to influence this in any way.
For each order placed via our website, the ordering party is invited to provide a rating. For this purpose, your name, first name, email address, and a reference number (order number for clear allocation) will be sent to Trustpilot. Trustpilot will neither use those data itself nor pass them on to third parties. You will then receive an invitation from Trust Pilot to rate our service.
The evaluation is verified through a special link, based on the reference number (order number). You are not required to submit an evaluation.
To submit an evaluation or to record customer feedback, you must create a user profile with Trust Pilot. Besides a rating for the inviting company, ratings for any company can be entered on the Trustpilot rating portal.
If a review is submitted by clicking on the link contained in the invitation, a user profile is automatically created on TrustPilot after personal data (name and email address for verification) are entered. Trustpilot’s privacy policy and general terms and conditions must also be accepted; they can be viewed on Trustpilot’s website at
http://de.legal.trustpilot.com/end-user-privacy-terms

b) Legal basis for data processing

Trust Pilot processes your invitation data on our behalf in accordance with Article 28 GDPR as a contracted processor. The legal basis for sending an invitation email is Art. 6(1)(1)(f) GDPR. The legal basis for processing your evaluation data is Art. 6(1)(1)(a) GDPR. By creating your user profile, you are granting Trustpilot permission to process your data.

c) Purpose of data processing

The data are transmitted as part of a customer relationship. We ask our customers to evaluate us for quality assurance purposes and so we can publish the evaluation for marketing.

d) Storage duration

Trust Pilot will store the invitation data for three years. If you log into the evaluation portal, Felix Solingen GmbH has no influence on the deletion periods at Trust Pilot. Please see the Trustpilot data protection information:
http://de.legal.trustpilot.com/end-user-privacy-terms

e) Possibility of opposition and removal

You may object by email (info@felix-solingen.com) at any time to having Trustpilot send and forward your data, and you may always decide not to carry out the customer evaluation. You may at any time revoke a consent you have given, with effect for the future, by sending a message to the evaluation platform itself (privacy@trustpilot.com).

14. Social networks

These internet pages contain a link to our Facebook page.
When you open this page, no personal data will be passed on.
Please note that personal data are also collected when you visit Facebook.
You may consult the respective privacy notices of Facebook, Twitter and Google+ to find more detailed information on how those providers collect and use data, on your rights in this respect, and on the options for protecting your privacy.
We would like to point out that we, as the provider of the pages, do not know the content of the transmitted data or how Twitter will use those data.

III. CUSTOMER CONSULTATION AND SUPPORT

1. PURPOSE OF PROCESSING

Felix Solingen GmbH collects your data to execute a contract, fulfil their contractual and precontractual obligations, and for direct advertising. The data must be collected and processed to carry out a contract-based business relationship.
To initiate and maintain a business relationship, and for advertising purposes, we collect the following information:
Title, first name, last name, a valid email address, postal address, telephone number (fixed line, mobile, or both).
We collect those data
so we can identify you as a customer:
so we can advise and inform you properly,
to correspond with you;
to process orders
to issue invoices;
to process any guarantee or warranty claims
to coordinate maintenance measures
for information about products or events

2. LEGAL BASIS OF THE DATA PROCESSING

The data are processed in accordance with Art. 6(1)(1)(b) GDPR, for the purposes named for reciprocal fulfilment of obligations and proper processing of the business relationship, and for the purposes in accordance with Art. 6(1)(1)(f)

3. STORING THE DATA

The personal data we collect to maintain the business relationship will be retained until the business relationship comes to a standstill or is terminated, after which they will be erased, unless we are obligated to store them longer under Article 6(1)(1)(c) GDPR due to retention and documentation obligations under tax and trade law (arising from the German Commercial Code (“HGB”), German Penal Code (“StGB”), or German Tax Code (“AO”)) or you have granted your consent to a longer storage in accordance with Art. 6(1)(1)(a) GDPR.

4. RIGHT TO OBJECT

If your personal data are being processed on the basis of legitimate interests in accordance with Art. 6(1)(1)(f) GDPR, you may object to that processing in accordance with Art. 21 GDPR if there are reasons resulting form your particular situation.
If you wish to assert your right to object, sending an email to info(at)felix-solingen.de will suffice.

IV. Suppliers and strategic partners

1. PURPOSE OF PROCESSING

Felix Solingen GmbH collects your data to execute a contract, fulfil their contract obligations, and to carry out a strategic supplier relationship.
The data must be collected and processed to execute a contract- and interest-based business relationship.
To maintain the business relationship, we collect the following information:
Title, first name, last name, a valid email address, postal address, telephone number (fixed line, mobile, or both).
We collect those data
so we can contact you;
to correspond with you;
to process orders
to issue invoices;
to process any guarantee or warranty claims

2. LEGAL BASIS OF THE DATA PROCESSING

The data are processed in accordance with Art. 6(1)(1)(b) GDPR, for the purposes named for reciprocal fulfilment of obligations and proper processing of the business relationship, and for the purposes in accordance with Art. 6(1)(1)(f)

3. STORING THE DATA

The personal data we collect to maintain the business relationship will be retained until the business relationship comes to a standstill or is terminated, after which they will be erased, unless we are obligated to store them longer under Article 6(1)(1)(c) GDPR due to retention and documentation obligations under tax and trade law (arising from the German Commercial Code (“HGB”), German Penal Code (“StGB”), or German Tax Code (“AO”)) or you have granted your consent to a longer storage in accordance with Art. 6(1)(1)(a) GDPR.

4. RIGHT TO OBJECT

If your personal data are being processed on the basis of legitimate interests in accordance with Art. 6(1)(1)(f) GDPR, you may object to that processing in accordance with Art. 21 GDPR if there are reasons resulting form your particular situation.
If you wish to assert your right to object, sending an email to info(at)felix-solingen.de will suffice.

V. Application procedure; Employee data

1. How does Felix Solingen GmbH process the data of employees and applicants?

As a general principle, data related to you personally will be collected directly from you by way of a direct survey, or during the application process, based on § 26(1) BDSG in the version valid from 25 May 2018.
Moreover, we can also have obtained data from third parties (such as job exchanges like Indeed, or job placement).
We also process personal data that we have gained permissibly from publicly accessible sources (such as professional social networks).
The processed categories of personal employee data include without limitation your master data (such as your first and last names, name extensions, nationality, and personnel number), contact data (such as private address, (mobile) telephone number, and email address) and the data of the entire application procedure (cover letter, CV, job references, and proof of qualifications).
If you also voluntarily disclosed special categories of personal data in your application letter or during the application procedure (such as health data, religious affiliation, or degree of disability), those data will be processed only if you have consented to such processing.
Felix Solingen GmbH processes personal employee and applicant data based on and in compliance with the European General Data Protection Regulation (EU “GDPR”), the Federal Data Protection Act (“Bundesdatenschutzgesetz”, “BDSG”) and all other relevant provisions of German labour law (such as the General Equal Treatment Act (“Allgemeines Gleichbehandlungsgesetz”, “AGG”), the Works Constitutions Act (“Betriebsverfassungsgesetz”, “BetrVG”), and the Social Security Code (“Sozialgesetzbuch”, “SGB”), etc.
To that end, within the scope of the application process, the processing of your personal data helps to carry out the application procedure, especially to determine the extent to which you are suitable for the advertised position. As part of this procedure, we must process your applicant data to decide whether to establish an employment relationship. The primary legal basis for this is Art. 88 GDPR in conjunction with § 26(1) BDSG.

2. Who receives your data?

Within Felix Solingen GmbH, your personal data will be given only to the people and offices who need it to decide about your employment, and to fulfil our statutory and contract obligations.
By way of deviation, we transmit your personal data (to investigating authorities, for example) only if we are obligated to do so by law.

3. How long does Felix Solingen GmbH store my data?

Personal applicant data transmitted to Felix Solingen GmbH will be erased as soon as they are no longer needed for the aforementioned purposes, but no longer than six months. This does not apply if you have consented to a longer storage duration, the storage is necessary for evidence purposes, or erasing them would oppose statutory regulations. For example, we store your applicant data as long as there is a possibility that you might assert legal claims against Felix Solingen GmbH (due to a breach of provisions of the AGG, for example).
On the other hand, if your application leads to the establishment of an employment contract relationship with you, we will continue to store and use your data for the purposes of normal administrative and organisational processes, and to carry out the employment relationship, while observing the applicable legal provisions.

4. What rights may I assert as a data subject?

Like all other data subjects, applicants and employees are entitled to the rights of data subjects in accordance with Art. 15 to 22 GDPR when Felix Solingen GmbH is processing their personal data. For details to that end, see item 4 above.
You have the right to turn to the aforementioned data privacy officer (see item 2) or a data protection supervisory authority with a complaint (cf. item 3 above)

VI. Video conference

If we use the video conference software “Microsoft Teams”, please observe the following notice in addition:

Notice: When the internet site of “Microsoft Teams” is called up, “Microsoft” is responsible for the data processing. This website (https://teams.microsoft.com/) must be called up to download the necessary software only if the software cannot be used directly and without being downloaded through an internet browser.
You can download the helpful quick-start handbook for new users of “MS Teams” under the following link: https://www.microsoft.com/de-de/berlin/files/Teams-Schnellstarthandbuch.pdf. Microsoft provides an extensive video tutorial under the following link: https://cloudblogs.microsoft.com/industry-blog/de-de/uncategorized/2020/05/14/microsoft-teams-video-tutorials-nutzliche-tipps-und-tricks/.
If a video conference is upcoming, we recommend that you familiarise yourself with the software in advance to minimise technical delays during the meetings.

“Microsoft Teams” is a service of the Microsoft Corporation:

Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA
(https://teams.microsoft.com/)

a) Consenting to the terms of use and privacy policy of Microsoft and Microsoft Teams

The use of MS Teams is generally subject to Microsoft’s terms of use and privacy policy, on which Felix Solingen GmbH has no influence. To use MS Teams, you must accept Microsoft’s terms of use and privacy policy; otherwise, you cannot use MS Teams.
Privacy policy: https://www.microsoft.com/en-us/microsoft-365/microsoft-teams/download-app and https://privacy.microsoft.com/de-de/privacystatement
Terms of use: https://www.microsoft.com/de-de/servicesagreement/

Additional recipients: As the provider of MS Teams, the Microsoft Corporation is informed of the aforementioned data provided this is envisaged as part of our contract with MS Teams on commissioned data processing. Through the contract on commissioned data processing we have entered into with MS Teams, based on EU standard contract clauses, we obligate Microsoft to comply with the statutory regulations of applicable data protection law. A currently valid version can be viewed under the following link: https://www.microsoftvolumelicensing.com/Downloader.aspx?DocumentId=18030.

b) Data processing outside the European Union

We’ve restricted our storage location to computer centres in the European Union, so no data is processed outside the European Union (EU) in principle. However, Microsoft cannot completely rule out routing or storage on servers outside the European Union by commissioned processors. A secure level of data protection is guaranteed by entering into supplemented EU standard data protection clauses as well as technical and organisational measures. For one reason, this is because data is generally encrypted during transport via the internet and protected from being disclosed to third parties. Regarding personal data that are stored by Microsoft in the USA and Europe and that might be subject to official requests for information by authorities in the USA, Microsoft guarantees in a statement dated 20 July 2020 that any decrees enabling access to personal data will be contested before a court. Moreover, as part of a legal settlement, Microsoft has acquired the right to disclose transparent reports on the number of American directives aimed at Microsoft; furthermore, new guidelines were introduced within the US government that have restricted the use of nondisclosure directives (cf. https://news.microsoft.com/de-de/stellungnahme-zum-urteil-des-eugh-was-wir-unseren-kunden-zum-grenzueberschreitenden-datentransfer-bestaetigen-koennen/). The data protection level is deemed adequate when measured by the anticipated content of the video conferences of the Association for Data Protection and Data Security (“Gesellschaft für Datenschutz und Datensicherheit e.V.”,  “GDD”), which normally contain no personal data other than the names of the people participating in the video conference.

c) Additional information on data protection by the Microsoft Corporation and MS Teams

Please observe Microsoft’s privacy policy under https://privacy.microsoft.com/de-de/privacystatement and its section “Online services for companies”;
and: https://www.microsoft.com/de-de/trust-center/privacy/customer-data-definitions
in conjunction with the Microsoft DPA, retrievable under: https://www.microsoftvolumelicensing.com/Downloader.aspx?DocumentId=18030.

VII. Information on your right to object under Article 21 of the General Data Protection Regulation (GDPR)

1. 5. Right to object in individual cases

You have the right, for reasons arising from your particular situation, to object at any time to the processing of personal data concerning you that is occurring based on Art. 6(1)(1)(e) GDPR (data processing in the public interest) and Art. 6(1)(1)(f) GDPR (data processing based on a weighing of interests); this also applies to profiling supported by this provision for the purposes of Art. 4(4) GDPR, no profiling occurs.
If you lodge an objection, we will no longer process your personal data unless we can prove compulsory, legitimate reasons for that processing that outweigh your interests, rights, and freedoms, or the processing helps to assert, exercise, or defend legal claims.

2. Right to object to data being processed for purposes of direct advertising

In individual cases, we process your personal data for purposes of direct advertising. You may object to that processing at any time; this also applies to any profiling connected with such direct advertising.
If you object to the processing for the purposes of direct advertising, we will no longer process your personal data for those purposes.

You may lodge the objection without regard to form, and, if possible, you should direct it to:
Felix Solingen GmbH
An den Eichen 6
42699 Solingen
Telephone: +49 212 23140-300
Email: info@felix-solingen.com

Klicken Sie hier, um Google Analytics zu deaktivieren.