Privacy Policy

Thank you for visiting our website. Compliance with data protection regulations is very important to us. This Privacy Policy aims to explain to website users the nature, scope and purpose of processing personal data and your rights in this respect insofar as you are a data subject in accordance with Article 4 (1) of the General Data Protection Regulation. The following Privacy Policy takes account of the new features of the General Data Protection Regulation (GDPR) applicable since 25 May 2018. This Policy also meets the requirements of Article 13 of the German Telemedia Act that were applicable prior to this date.

 1. Controller
This website and range of services are operated by
HENKEL Beiz- und Elektropoliertechnik GmbH & Co. KG
An der Autobahn 12
19306 Neustadt-Glewe,
Germany
Tel.: + 49 (0) 3857 66-0
E-mail:
info@henkel-epol.com
Website: www.henkel-epol.com
Managing Directors: Mr Benedikt Henkel (Dipl.-Ing.), Mr Sven Wentzien (Dipl.-Ing.)
(hereinafter referred to as ‘HENKEL’).

2. General
Our website has been developed with a view to collecting as little data as possible from you. Essentially, you can visit our website without giving personal data. The processing of personal data is only necessary once you decide to use specific services (for example, use the contact form). We always ensure that your personal data is only processed on a legal basis or based on your consent. We comply with the provisions in the General Data Protection Regulation (GDPR) applicable since 25 May 2018 and the respective applicable national regulations, such as the German Data Protection Act, the German Telemedia Act and other specific data protection laws.

 3. Definitions
The terms used in this Privacy Policy have the following definitions in accordance with the GDPR. 

personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

 ‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

 ‘restriction of processing’ means the marking of stored personal data with the aim of limiting their processing in the future;

 ‘pseudonymisation’ means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person;

 ‘controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;

 ‘processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;

 ‘recipient’ means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing;

 ‘third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;

 ‘consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;

4. Consent
In some instances we collect particular personal data from you when you visit our website for which we need your consent. This is the case for example if you send us a message via our contact form.

 Declaration of consent
By using the form provided, you consent to our collection of the personal data you provide and to our processing of this data as stated in this Privacy Policy. You may withdraw this consent at any time with future effect by making an appropriate declaration. Please bear in mind however that without your consent it is no longer possible to use our services. Please contact us using the above channels to indicate withdrawal of your consent (in this case, please state your name, e-mail address and postal address).

5. Purpose and legal basis for processing personal data

If your personal data is processed for the purposes indicated with your consent, such processing is based on Article 6 (1) (a) GDPR.
We process personal data, which is necessary for the establishment, implementation or execution of our range of services, on the legal basis set out in Article 6 (1) (b) GDPR.
Personal data, which is required to protect our legitimate interests, is processed in accordance with Article 6 (1) (f) GDPR.
Insofar as we use external service providers for data processing, personal data is processed on the legal basis set out in Article 28 GDPR.
Personal data is collected, processed and used by us solely for the following purposes:

Purpose of data processing

Legal basis for data processing
(‘Why is data processing necessary?’)
to make contact and for related correspondencebased on your consent
to process your requests and offer you further advice where requiredbased on your consent
to send a quote based on your requestbased on pre-contractual measures
to send information and/or Newslettersbased on your consent
for registration and receipt of regularly provided white papersbased on your consent
to make contact by phonebased on your consent
to ensure that our website is presented to you in a way that is as effective and interesting as possible (for example, through anonymised Evaluation)based on legitimate interests
for the technical implementation of our Servicesbased on legitimate interests

 

6. Personal data collected and processed
We only collect and process your personal data if you make such data available voluntarily and knowingly, for example by completing forms or sending e-mails.
In the context of the form provided, in the first instance, such data is as follows:

General contact details:

  • Form of address*
  • First name*
  • Surname*
  • Company name*
  • Street*
  • House number*
  • Post code*
  • Town/city*
  • Country*
  • E-mail address*
  • Phone number*
  • Which location is your request intended for*
  • Pre-selection of request
  • Message
  • Reason for contact
  • Consent to sending of information
  • Callback request

White paper subscription:

  • Surname
  • Name
  • Username*
  • Email adress*
  • Password*

Compulsory fields are denoted with an asterisk*

The personal data you provide and their content remain exclusively in our possession or with our associated companies. Your data is only stored and processed for the purposes indicated in Section 5. Use over and above the purpose indicated shall require your explicit consent. The same also applies to the transfer and transmission of your data to third parties.  

7. General log files
The connection details of the requesting computer (IP address), the pages of our website that you visit, the date and duration of your visit, identification data of the browser and operating system used, the website from which you navigate to our website as well as successful access are stored temporarily in log files by the web server. Technical administration of the website and anonymous statistical surveys enable us to evaluate access to the HENKEL service and to perform evaluations with the aim of increasing the protection and security of data in our company ultimately to ensure an optimum level of protection for the personal data we process.

The data in server log files are stored separately from all the personal data you provide.

Subject to any statutory storage obligations, we delete or anonymise your IP address once you leave our Website.

8. Cookies

Use of cookies
On our website, information is collected and stored using browser cookies.

What are cookies?
Cookies are small text files that are stored on your data carrier and save specific settings and data for exchange with our system via your browser. Cookies generally contain the name of the domain from which the cookie data has been sent as well as information about the age of the cookie and an alphanumerical identifier.

 Why do we use cookies?
Cookies allow our systems to recognise a user’s device and make any pre-settings available immediately. As soon as a user accesses the platform a cookie is sent to the hard drive of the respective user’s computer. Cookies help us improve our website and allow us to offer you a better service that is even more tailored to you. They allow us to recognise your computer or your (mobile) end device when you return to our website and thereby:

  • to store information about your preferred activities on the website and gear our website towards your individual interests.
  • speed up the processing of your requests.

We work with third-party services which support us in making our online offering and website more attractive to you. Consequently, when you visit our website, cookies from these partner companies (third-party providers) are also saved on your computer hard drive. These are cookies that are deleted automatically after a predefined period.

 A list of cookies that we use is provided in the following table:

Cookie nameInitial supplier cookies or third-party supplier Cookie?
In the case of third-party supplier Cookies: who is the originator?
Description / FunctionStandard expiry time
_gaGoogle2 years
_gatGoogleSession
_gitGoogle1 day
scnb-cookie-termshenkel-epol.com1 year
NIDgoogle.com6 months
_cfduiddatatables.net1 year

Can I determine the use of cookies?
If you do not want browser cookies to be used, you can adjust your browser settings so that the storage of cookies is not accepted. Please note that in this case you may only have limited use of our website or you may not be able to use it at all. If you only want to accept our cookies, but not those of our service providers and partners, you can select the ‘Block cookies from third-party providers’ option in your browser settings. We accept no liability for the use of third-party cookies.

9. Application procedure
If you apply for a job at HENKEL electronically, your details will only be used to process your application and will not be passed on to third parties. Please note that applications sent to HENKEL by e-mail are transmitted in unencrypted format. In this respect there is a risk that this data may be intercepted and used by unauthorised parties.

10. Newsletter
If you subscribe to our e-mail newsletter, HENKEL requires your e-mail address to which the newsletter should be sent. Any other information is voluntary and will be used to address you personally, design the newsletter with you in mind and resolve any queries regarding the e-mail address.

A valid e-mail address is required in order to receive the newsletter. The IP address you use to subscribe to our newsletter and the date on which you request our newsletter will also be saved. HENKEL uses these data as evidence in the event of misuse, if a third-party e-mail address is used to subscribe to our newsletter. Moreover, we use the ‘double opt-in process’ to ensure that e-mail addresses are not added fraudulently to HENKEL mailing lists by third parties. In this process, you will receive a confirmation e-mail at the e-mail address provided after you have signed up for the newsletter. Only once you have confirmed your subscription by clicking on the link provided in the confirmation e-mail will you subsequently receive our e-mail newsletter. Your request to receive our newsletter, the dispatch of a confirmation e-mail and receipt of your subscription confirmation are logged as part of this process.

You have the option at any time to withdraw your consent with future effect to the storage of data, your e-mail address and its use to send out the newsletter. HENKEL provides an unsubscribe link in every newsletter. You also have the option to notify your wish to withdraw your consent in writing using the addresses given above.

11. White papers
We periodically provide white papers about our services and products on our website. You are able to subscribe on our website to receive these. The personal data that we collect will be used only for transmission of the white papers and interesting information about our products. The collection and processing is based on the consent you give us. The consent to receive promotional emails can be revoked at any time on our website at: Unsubscribe Cancel promotional emails. Your data will not be transmitted without your authorisation or outside the group of companies. It will not be transmitted to non-member countries.

12. Integration of services and third-party content
Our website uses content and services from other providers. For example, maps are made available by Google Maps. In order that these data can be retrieved and displayed in the user’s browser, transmission of the IP address is absolutely essential. The providers (hereinafter referred to as ‘third-party providers’) therefore note the IP address of the respective user.

Even though we endeavour to only use third-party providers which require IP addresses simply to deliver content, we have no influence on whether IP addresses may be stored. In this case, such action serves statistical purposes amongst others. If it comes to our attention that an IP address is stored, we will notify you of this.

Use of DoubleClick
Our website uses the online marketing tool DoubleClick by Google. The provider is Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

DoubleClick uses cookies to show relevant ads to users, optimise performance reports or to prevent users from seeing the same ads several times. Cookies are small text files that are stored on your end device by your web browser. Google records which ads are shown in which browser via a cookie ID and can thus prevent ads from being shown on multiple occasions. Optimum marketing of our website represents a legitimate interest in accordance with Article 6 (1) (f) GDPR.

At the same time, cookie IDs also support DoubleClick with recording conversions relating to ad requests. This is the case, for example, if you see a DoubleClick ad and subsequently make a purchase on the advertiser’s website using the same web browser. According to Google, no information referring to individual persons is stored in DoubleClick cookies.

Because of the marketing tools used, your browser automatically establishes a direct connection to the Google server. We have no influence on the scope and use of the data collected by Google using these tools. As far as we are currently aware, Google learns through DoubleClick which areas of our website you visit or which of our ads you have clicked on. If you are logged into your Google account, Google can assign your visit to our website to this account. Even if you are not logged in, it cannot be ruled out that the provider can identify and save your IP address. 

You can monitor, restrict and prevent the setting of cookies using an up-to-date web browser. This will give you the option to object to the tracking process. Disabling cookies may lead to limited functionality of this website. 

Google is certified under the EU-US Privacy Shield framework. This data protection framework is designed to ensure compliance with the level of data protection applicable in the EU.

More information on the DoubleClick by Google privacy policy can be found at: http://www.google.com/policies/privacy/

 Use of Google Analytics
Our website uses functions of the web analysis service Google Analytics. The provider of the web analysis service is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses ‘cookies’. These are small text files that are stored on your end device by your web browser and make it possible to analyse website use. Information generated by cookies about your use of our website is transferred to a Google server and stored there. Servers are generally located in the USA.

Google Analytics cookies are set based on Article 6 (1) (f) GDPR. As the operator of this website, we have a legitimate interest in analysing user behaviour in order to optimise our online service and also our advertising where appropriate.

We use Google Analytics in conjunction with the IP anonymisation function. This function ensures that Google abbreviates your IP address within Member States of the European Union or in other states that are party to the Agreement on the European Economic Area before it is sent to the USA. There may be exceptional cases where Google transfers a full IP address to a server in the USA and shortens it there. Google uses this information on our behalf to analyse your use of our website and compile reports on website activities and to provide other services for us associated with website and Internet use. IP addresses sent by Google Analytics are not merged with other Google data.

You can prevent your web browser from setting cookies. However, in this case some functions of our website may be limited. You can also prevent Google from collecting data relating to your use of our website, including your IP address, and from subsequent processing of this data by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout

More information on how Google Analytics handles user data can be found in Google’s Privacy Policy: https://support.google.com/analytics/answer/6004245?hl=en. We have concluded a data processing agreement with Google to ensure full compliance with statutory data protection regulations. Our website uses the Google Analytics demographics feature. This feature can be used to compile reports containing details of the age, gender and interests of website visitors. Such data originate from interest-based Google advertising as well as from visitor data from third-party providers. The data cannot be assigned to specific individuals. You can disable this feature at any time via the ad settings in your Google account or by generally preventing the collection of your data by Google Analytics as explained in the section ‘Objecting to data collection’.

Alternatively, you can also prevent collection by Google Analytics by setting ‘opt-out cookies’, by clicking the following button. If you delete cookies in your browser, you must click this link again. Google’s Privacy Policy can be found at: https://policies.google.com/privacy/partners?hl=en.

Klicken Sie auf den unteren Button, um das Tracking von Google Analytics abzustellen.
Opt-out

Opt-out von Google Analytics erfolgreich.

Use of Google Maps
Our website uses Google Maps to integrate and display map content. The provider of this service is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Your IP address is collected when you access a page with an integrated map. This information is generally sent to a Google server in the USA and stored there. Google finds out your IP address even if you are not logged in via a user account. If you are logged into your user account, Google can assign your surfing behaviour directly to your personal profile. You have the option to prevent this by logging out beforehand. The provider of this website has no influence over this transfer of data.

Google Maps is used in the interests of attractive presentation of our online services and making it easy to find the locations indicated on our website. This represents a legitimate interest in accordance with Article 6 (1) (f) GDPR.

More information on how user data is handled can be found in Google’s Privacy Policy: https://www.google.com/policies/privacy/.

13. Data security
Unfortunately, transferring information over the Internet is never 100% secure and this is why we cannot guarantee the security of data sent online to our website.

However, we secure our website using technical and organisational measures against loss, destruction, access, modification or dissemination of your data by unauthorised persons.

In particular, your personal data is transferred by us in encrypted format. We use the SSL/TLS (Secure Sockets Layer/Transport Layer Security) coding system. Our security measures are constantly being improved in

14. Rights of the data subject
Insofar as you are a data subject in accordance with Article 4 (1) GDPR, you have the following rights with regard to the processing of your personal data according to the GDPR. The legal wording of the following rights can be found under

https://www.bfdi.bund.de/SharedDocs/Publikationen/Infobroschueren/INFO6.html.

Right to confirmation and Information
Under the conditions laid down in Article 15 GDPR, you have the right to request confirmation as to whether or not personal data concerning you are being processed and to obtain information at any time free of charge about personal data concerning you that is stored by the controller responsible for processing and to receive a copy of this information.

Right to rectification
Under the conditions laid down in Article 16 GDPR, you have the right to request the rectification without undue delay of inaccurate personal data concerning you. Taking into account the purposes of the processing, you also have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

Right to erasure
Under the conditions laid down in Article 17 GDPR, you have the right to request the erasure of personal data concerning you without undue delay insofar one of the grounds cited in Article 17 GDPR applies and provided processing is not necessary.

Right to restriction of processing
Under the conditions laid down in Article 18 GDPR, you have the right to request the restriction of processing if one of the conditions laid down in Article 18 GDPR applies.

Right to data portability
Under the conditions laid down in Article 20 GDPR, you have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and you have the right to transmit those data to another controller without hindrance from us provided the other conditions laid down in Article 20 GDPR apply.

Right to withdraw consent
You have the right to withdraw consent given to us to process personal data at any time with future effect. Please indicate your withdrawal using the contact details given above.

Right to object
Under the conditions laid down in Article 21 GDPR, you have the right to object at any time to the processing of personal data concerning you. If the conditions for effective objection apply, we may no longer process data.

Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.

15. Passing on your personal data
Your personal data are passed on as described below.

Our website is hosted by an external provider in Germany. We ensure that data are processed solely in Germany. This is necessary for operation of the website as well as for the establishment, implementation and execution of an existing use agreement and is also possible without your consent.

Data are passed on if we are entitled or obliged to do so based on statutory requirements and/or official or court orders. This may involve in particular the provision of information for the purposes of law enforcement, averting danger or enforcing intellectual property rights.

Insofar as your data are passed on to providers as necessary, these providers only have access to your personal data to the extent necessary for the completion of their tasks. These providers are obliged to handle your personal data in accordance with applicable data protection legislation, in particular the GDPR.

Essentially, we do not transfer your data to third parties over and above the circumstances referred to above without your consent. In particular, we do not pass personal data on to bodies in a third country or to international organisations.

16. Storage period for personal data
As far as the storage period is concerned, we delete personal data as soon as their storage is no longer required to fulfil the original purpose and no statutory retention periods are in force. Ultimately, statutory retention periods constitute the criterion for the definitive length of time for which personal data is stored. Data is routinely deleted at the end of the respective period. If retention periods are in force, processing is restricted by blocking data.

17. References and links
When visiting websites referred to on our website, you may be asked to provide details such as your name, address, e-mail address, browser properties, etc. again. This Privacy Policy does not govern the collection, passing on or handling of personal data by third parties.

Third-party service providers may have their own different regulations regarding the collection, processing and use of personal data. It is therefore advisable to find out the policy of third-party websites regarding the handling of personal data before entering any personal details.

18. Change to Privacy Policy
We develop our website on an ongoing basis in order to provide you with a service that is constantly improving. We always keep this Privacy Policy up to date and adapt it accordingly if and insofar as this is necessary.

Naturally, we will notify you promptly of any changes to this Privacy Policy. We will do so, for example, by sending an e-mail to the e-mail address you have given us. Insofar as further consent is required from you regarding our handling of your data, we will of course obtain this from you before the relevant changes become effective.

You can access the current version of our Privacy Policy online at any time under Data protection.

19. Data Protection Officer
We have appointed a data protection officer.

Carolin Leja
www.mein-datenschutzbeauftragter.de
Hafenstraße 1a
23568 Lübeck, Germany
E-mail: datenschutz[at]henkel-epol.com

Date: February 2019