THE DATA PROTECTION INFORMATION IS DIVIDED INTO THE FOLLOWING SECTIONS:
I. Basic data protection information (contact details of the data controller, the data protection officer and the rights of the data subjects)
II. Information for website visitors
- Hosting and Content Delivery Networks (CDN)
- General information and mandatory information
- Data collection on this website
- Analysis tools and advertising
- Plugins and tools
- eCommerce and payment providers
III. Information for business partners or their contact persons
I. BASIC DATA PROTECTION INFORMATION
We – Recycling Dual GmbH – take the protection of your personal data seriously and therefore treat your personal data confidentially in accordance with the statutory data protection regulations and this data protection information.
We would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.
NOTE ON THE RESPONSIBLE OFFICE
The responsible party for data processing on this website is:
Recycling Dual GmbH
Willicher Damm 145
Telephone: +49 (0) 2161 – 9462 700 703
The responsible party is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses or similar).
DATA PROTECTION OFFICER REQUIRED BY LAW
We have appointed a data protection officer for our company.
fox-on data protection GmbH
Phone: 02266/90 15 920
RIGHTS OF THE DATA SUBJECT:
As a data subject, you are entitled to the following rights, provided that the legal requirements for this are met:
- Right to information, Art. 15 DSGVO
- Right to rectification, Art. 16 DSGVO
- Right to erasure, Art. 17 DSGVO
- Right to restriction of processing, Art. 18 DSGVO
- Right to data portability, Art. 20 DSGVO
- Right to object, Art. 21 DSGVO
II. Information for website visitors
1. HOSTING AND CONTENT DELIVERY NETWORKS (CDN)
This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster’s servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contractual data, contact details, names, website accesses and other data generated via a website.
The hoster is used for the purpose of fulfilling contracts with our potential and existing customers (Art. 6 para. 1 lit. b DSGVO) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f DSGVO).
Our hoster will only process your data to the extent necessary to fulfill its service obligations and follow our instructions regarding this data.
This website is managed and maintained by an external service provider.
Our web agency has theoretical access to your data, but only to the extent necessary to fulfill its obligations and follow our instructions regarding this data.
2. GENERAL NOTES AND OBLIGATORY INFORMATION
REVOCATION OF YOUR CONSENT TO DATA PROCESSING
Many data processing operations are only possible with your express consent. You can revoke consent you have already given at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
INFORMATION, DELETION AND CORRECTION
Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of data processing and, if applicable, a right to correction or deletion of this data. For this purpose, as well as for further questions on the subject of personal data, you can contact us at any time at the address given in the imprint.
RIGHT TO DATA PORTABILITY
You have the right to have data that we process automatically on the basis of your consent or in performance of a contract handed over to you or to a third party in a common, machine-readable format.
RIGHT TO RESTRICTION OF PROCESSING
You have the right to request the restriction of the processing of your personal data, insofar as the data processing is based on a consideration of our legitimate interests. For this purpose, you can contact us at any time at the address given in the imprint. The right to restriction of processing exists in the following cases:
If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the review, you have the right to request the restriction of the processing of your personal data.
If the processing of your personal data happened/is happening unlawfully, you can request the restriction of data processing instead of deletion.
If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request restriction of the processing of your personal data instead of erasure.
If you have lodged an objection pursuant to Art. 21 (1) DSGVO, a balancing of your and our interests must be carried out. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, this data may – apart from being stored – only be processed with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or a Member State.
right of appeal against the collection of data in specific cases and against direct marketing (Art. 21 GDPR).
If their personal data is processed for the purposes of direct marketing, they have the right to object at any time to the processing of personal data concerning them for the purposes of such marketing; this also applies to profiling, insofar as it is related to such direct marketing. If you object, your personal data will subsequently no longer be used for the purpose of direct marketing (objection pursuant to Art. 21 (2) DSGVO).
RIGHT OF COMPLAINT TO THE COMPETENT SUPERVISORY AUTHORITY
In the event of violations of the GDPR, data subjects shall have a right of appeal to a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged violation. The right of appeal is without prejudice to any other administrative or judicial remedy.
3. DATA COLLECTION ON THIS WEBSITE
SSL OR TLS ENCRYPTION
For security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties during transport.
Our Internet pages use so-called “cookies”. Cookies are data sets and do not cause any damage to your terminal device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your terminal device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or until they are automatically deleted by your web browser.
In some cases, cookies from third-party companies may also be stored on your terminal device when you enter our site (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for processing payment services).
Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping cart function). Other cookies are used to evaluate user behavior or to display advertising. The cookies that are specifically used can be found in the “cookie details” in the cookie consent query.
Cookies that are required to carry out the electronic communication process (necessary cookies) or to provide certain functions that you have requested (functional cookies, e.g. for the shopping cart function) or to optimize the website (e.g. cookies to measure the web audience) are stored on the basis of Art. 6 (1) lit. f DSGVO, unless another legal basis is specified. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies has been requested, the storage of the cookies in question is based exclusively on this consent (Art. 6 para. 1 lit. a DSGVO); consent can be revoked at any time by opening the cookie settings and making other settings.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be limited.
Insofar as cookies are used by third-party companies or for analysis purposes, we will inform you separately about this within the scope of this data protection declaration and, if necessary, request your consent.
You can find more information under the respective cookie information. Please also see the next section.
COOKIE CONSENT WITH BORLABS COOKIE
Your consent or refusal will be stored for one year. Further details on the data processing of Borlabs Cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.
This website uses Google Maps and its API to display interactive maps. Google Maps is a map service provided by Google Ireland Limiteds. Through the use of web pages in which Google Maps are embedded, information about the use of this website is transmitted to Google (such as IP address, accessed web page, date and time, location data, if applicable).
If you are logged in to Google, Google can assign your data directly to your Google account. If you do not wish this assignment, you must log out of Google before using our website. To the best of our knowledge, Google uses the data (also from users who are not logged in) for the purposes of advertising, market research and/or demand-oriented design of its websites. You can assert a right of objection directly against Google.
Our website uses plugins of the YouTube page operated by Google. The operator of the pages is Google Ireland Limited.
When you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. In the process, the YouTube server is informed which of our pages you have visited.
If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.
The legal basis for the data processing is your consent (Art. 6 (1) a DSGVO). You can revoke it at any time by opening the cookie settings and changing the settings there.
If you send us inquiries via contact form, your data from the inquiry form, including the contact data you provided there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent.
The processing of this data is based on Art. 6 (1) lit. b DSGVO, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6 (1) (f) DSGVO) or on your consent (Art. 6 (1) (a) DSGVO) if this has been requested.
The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). Mandatory legal provisions – in particular retention periods – remain unaffected.
3. ANALYSIS TOOLS AND ADVERTISING
These websites use Google Analytics, a web analytics service provided by Google Ireland Limited (“Google”). Information is collected about your use of the website, including browser type and version, operating system used, referrer URL (previously visited page), IP address and date/time of request.
Google Analytics uses so-called “cookies”, which are stored on your computer and which enable an analysis of your use of the website. The information generated by the cookies about your use of these web pages is usually transmitted to a Google server in the USA and stored there. Because IP anonymization is activated on these websites, your IP address will be truncated by Google within member states of the European Union or the EEA (European Economic Area) and only transmitted anonymously. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator.
The legal basis for the use of Google Analytics is your consent pursuant to Art. 6 (1) a DSGVO.
You can prevent the collection by Google Analytics by clicking on the following link. This will set an opt-out cookie that prevents future collection of your data when visiting this website: Google Analytics deactivate.
For more information on data processing by Google, please visit https://policies.google.com/technologies/partner-sites.
Demographic characteristics on Google Analytics
This website uses the “demographic characteristics” function of Google Analytics to display suitable advertisements to website visitors within the Google advertising network. This allows reports to be generated that include statements about the age, gender, and interests of site visitors. This data comes from interest-based advertising from Google as well as from visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as shown in the item “Objection to data collection”.
Data stored by Google at user and event level that is linked to cookies, user identifiers (e.g. User ID) or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) is anonymized or deleted after 14 months. For details, please see the following link:
5. PLUGINS AND TOOLS
We use the “reCAPTCHA” service from Google Ireland Limited. This is to check whether the data input on our websites (e.g. in a contact form) is made by a human or automated or machine by a program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the visitor enters the page. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent by the visitor on the website and mouse movements made by the visitor). For this purpose, Google creates a cookie with a storage period of 6 months. The data collected during the analysis is forwarded to Google.
The data processing takes place on the basis of Art. 6 para. 1 letter f DSGVO. As a website operator, we have a legitimate interest in protecting our web offers from abusive automated spying and from SPAM.
6. ECOMMERCE AND PAYMENT PROVIDERS
PROCESSING OF DATA (CUSTOMER AND CONTRACT DATA)
We collect, process and use personal data only to the extent that they are necessary for the establishment, content or modification of the legal relationship (inventory data). This is done on the basis of Art. 6 (1) lit. b DSGVO, which permits the processing of data for the fulfillment of a contract or pre-contractual measures. We collect, process and use personal data about the use of this website (usage data) only to the extent necessary to enable the user to use the service or to bill the user.
The collected customer data will be deleted after completion of the order or termination of the business relationship. Legal retention periods remain unaffected.
Order processing in the online store and use of customer accounts
We process the data of our customers in the context of ordering processes in our online store to enable them to select and order the selected products and services as well as their payment and delivery or execution. With the help of WooCommerce cookies, we can detect when the content of the shopping cart/data changes. This unique code is created for each customer so that WooCommerce knows where to find the shopping cart data in the database for each customer. Further, it will allow the customers to hide the store notifications. Cookies with a duration of up to 2 days are also used in this process.
We process inventory data, communication data, contract data and customer histories for this purpose. Our customers, prospective customers and other business partners are affected by this. The processing takes place so that we can provide the contractual service, for billing, delivery and customer services. In this context, we may use session cookies for storing the shopping cart content and permanent cookies for storing the login status.
The processing is carried out for the fulfillment of our services and implementation of contractual measures (Art. 6 para. 1 letter b DSGVO) and insofar as it is required by law (Art. 6 para. 1 letter c DSGVO, e.g. for commercial and tax purposes). We disclose the data to third parties only within the scope of delivery, payment or within the scope of legal permissions and obligations as well as on the basis of our legitimate interests (Art. 6 para. 1 lit. f DSGVO; e.g. to legal and tax advisors, financial institutions, freight companies as well as authorities).
Users can create a user account, in particular by viewing their orders. The required mandatory information will be provided to users upon registration. The user accounts are not public. If users have cancelled their user account, their data will be deleted, unless further storage is necessary for commercial or tax reasons. Information in the customer account will remain stored until it is deleted or after archiving (if we are legally obligated to do so or we have legitimate interests, such as in the event of litigation). It is the responsibility of the users to save their data in case of cancellation before the end of the contract.
When using our online services, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests to protect against misuse and other unauthorized use. In principle, this data is not passed on to third parties, unless it is necessary for the pursuit of our legal claims as a legitimate interest or there is a legal obligation to do so.
Deletion takes place after expiry of legal warranty and other contractual rights or obligations (e.g. payment claims or performance obligations from contracts with customers); in the case of storage due to legal archiving obligations, deletion takes place after their expiry.
Payment provider Novalnet AG
The controller has integrated components from Novalnet AG, Feringastr. 4, 85774 Unterföhring, Germany, into this website. Novalnet AG is a full payment service provider which, among other things, handles payment processing.
If the data subject selects a payment method during the ordering process in the online shop, data of the data subject is automatically transmitted to Novalnet AG. The transmission is based on our legitimate interests to enable you to pay conveniently. You have the right to object to this if you can demonstrate reasons arising from your particular situation.
The personal data transmitted to Novalnet is usually the first name, last name, address, gender, e-mail address, IP address and, if applicable, date of birth, telephone number, mobile phone number and other data necessary to process a payment. Personal data that is necessary for the processing of the purchase contract is also personal data that is related to the respective order. In particular, there may be a mutual exchange of payment information, such as bank details, card number, validity date and CVC code, data on goods and services, prices.
The purpose of the transfer of data is in particular identity verification, payment administration and fraud prevention. The data controller will transfer personal data to Novalnet AG in particular if there is a legitimate interest for the transfer. The personal data exchanged between Novalnet AG and the data controller will, if necessary, be transmitted by Novalnet AG to credit agencies. The purpose of this transmission is to check identity and creditworthiness.
Novalnet AG also discloses personal data to service providers or subcontractors insofar as this is necessary for the fulfilment of contractual obligations or the above-mentioned purposes. These companies also include payment service providers such as Paypal.
Payment guarantee by Novalnet:
III. INFORMATION FOR BUSINESS PARTNERS AND/OR THEIR CONTACT PERSONS
We collect personal data about business partners or their contact persons. This is for the purpose of establishing professional contacts, maintaining business relations, executing contracts with the business partner, promoting the Group’s business activities, marketing and advertising.
The legal basis for the data processing is Art. 6 para. 1 lit. c and f DSGVO (legal obligations and legitimate interests). Our legitimate interests are the performance of the contract and maintaining the business relationship with you and your employer, as well as for promotional purposes. You have the possibility to object to these data processing operations. Insofar as we process personal data in addition, this is based on your consent (Art. 6 para. 1 letter a DSGVO).
For this purpose, we process the following categories of data: Name, professional contact details and job/position title that we have received from you or your employer, as well as data relating to communication and communication content. We process further data if you provide it to us voluntarily.
Recipients of your personal data may include, where applicable, service providers who provide support services, IT and website service providers, marketing companies, PR companies, printers, advertising agencies and other vendors, other individuals in your organization, third parties involved in hosting or organizing events or trade shows, professional advisors such as tax or legal advisors, consultants and accountants, regulatory authorities (e.g. law enforcement and public bodies), and third parties in connection with the sale or acquisition of the Group or assets of the Group. In addition, your personal data may be transferred to other members of the Smurfit Kappa Group (www.smurfitkappa.com/vHome/com/Locations), if necessary, in order to perform the contract.
Individual recipients may be located in a country outside the European Economic Area (“EEA”) that does not provide adequate protection for your personal data. In this case, our company policy is to ensure that this is done on the basis of an effective legal basis, such as your prior consent or by entering into EU standard contractual clauses to protect your personal data.
The storage period depends on the above-mentioned purposes and, if applicable, on the statutory retention periods.