PRIVACY POLICY OF FILTRAL GMBH & CO. VERTRIEBS KG
Welcome and thank you for visiting our website. We are delighted about your interest in our company. We, meaning FILTRAL GmbH & Co. Vertriebs KG as well as its affiliated enterprises (hereinafter jointly referred to as “uvex group”), take the protection of your personal data very seriously. We process your data in line with the applicable legal regulations on the protection of personal data, especially the EU General Data Protection Regulation (EU GDPR) and the country-specific implementation laws applicable to us. By providing this Privacy Policy, we inform you comprehensively about the processing of your personal data by the uvex group and the rights you are entitled to.
In this context, ‘personal data’ means any information by which a natural person can be identified. This includes, in particular, name, date of birth, address, phone number and e-mail address, but also your IP address.
Data is deemed to be anonymous if it cannot be used to create any personal reference to the user.
1. Controller
FILTRAL GmbH & Co. Vertriebs KG
Siegelsdorfer Str. 1
90768 Fürth Deutschland
Tel.: +49(0) 0911 / 97 53 0
E-mail: info@filtral.de
Website: www.filtral.com
2. Data Protection Contact
The contact data of the data protection officer for all companies of the uvex group based in Germany is as follows:
UVEX WINTER HOLDING GmbH & Co. KG
Würzburger Straße 181
90766 Fürth Germany
Tel.: + 49(0)911-9736-0
E-Mail: datenschutz@uvex.de
Website: www.uvex.de/en
3. Rights as Data Subject
First of all, we would like to inform you here about your rights as a data subject. These rights have been laid down in Art. 15-22 EU GDPR. This includes
- the right of access (Art. 15 EU GDPR),
- the right to erasure (Art. 17 EU GDPR),
- the right to rectification (Art. 16 EU GDPR),
- the right to data transferability (Art. 20 EU GDPR),
- the right to restriction of data processing (Art. 18 EU GDPR) and
- the right to object to data processing (Art. 21 EU GDPR).
To assert these rights, please contact datenschutz@uvex.de
The same applies if you have any questions about data processing in our company or want to withdraw any consent given. Moreover, you have the right to lodge a complaint with a data protection supervisory authority.
4. Rights to Object
Please note the following in connection with rights to object:
If we process your personal data for the purpose of direct marketing, you have the right to object to this data processing at any time without giving reasons. This also applies to any profiling to the extent that it is related to such direct marketing.
If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes. You may object free of charge and informally, preferably to datenschutz@uvex.de
For the eventuality that we process your data to safeguard legitimate interests, you may object to such processing at any time on grounds relating to your particular situation; this also applies to any profiling based on these provisions.
We will no longer process your personal data in that case, unless we are able to demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or if the processing serves the establishment, exercise or defence of legal claims.
5. Purposes of and Legal Bases for Data Processing
Your personal data is processed in compliance with the provisions of the EU GDPR and all other provisions applicable under data protection law.
Legal bases for data processing derive, in particular, from Art. 6 EU GDPR.
We use your data to initiate a business, to meet contractual and statutory duties, to perform the contractual relationship, to offer products and services as well as to strengthen the customer relationship, which may also include analyses for marketing purposes and direct marketing.
Your consent to data processing may also represent a permission requirement under data protection law. Before you give your consent, we inform you about the purpose of data processing and about your right of withdrawal.
In the event that the consent also relates to the processing of special categories of personal data, we expressly point this out to you in the notice of consent. Any processing of special categories of personal data under Art. 9 EU GDPR is effected only if this is required by legal regulations and there is no reason to believe that this is overridden by your interest, worth being protected, in the exclusion of processing.
In certain cases, we also base the processing of your data on a legitimate interest under point (f) of Art. 6(1) EU GDPR. In so doing, any data is processed only if this serves to safeguard our own legitimate interests or those of any third parties and a balancing of interests has not shown that this overrides your interest, fundamental rights and fundamental freedoms.
6. Data Sharing With Third Parties
We share your data with any third parties only under statutory provisions or based on an appropriate consent. Otherwise, we do not share any data with third parties, unless we are obliged to do so due to mandatory legal regulations (e.g. sharing with external bodies, e.g. supervisory authorities or law enforcement authorities).
7. Recipients of the Data / Categories of Recipients
We ensure within the uvex group that recipients of your data are only persons who need it to perform contractual and statutory duties. This applies to the following companies within the uvex group:
- UVEX WINTER HOLDING GmbH & Co. KG
- UVEX SPORTS GmbH & Co. KG
- UVEX ARBEITSSCHUTZ GmbH
- FILTRAL GmbH & Co. Vertriebs KG
Sharing your data may be required, e.g. if you apply for a position advertised by an affiliated enterprise via our central applicant portal. Data is shared with UVEX WINTER HOLDING GmbH & Co. KG for the purpose of analysing our internal processes and ensuring technical support. Furthermore, marketing analysis data is shared with the companies set out above. It cannot be ruled out in this context that personal data is transferred as well.
In certain cases, further service providers support our specialist departments in accomplishing their tasks. The necessary major contract under data protection law has been concluded with all service providers.
8. Transfer to Third Countries / Intention to Transfer to Third Countries
Any data is transferred to third states (outside the European Union or European Economic Area) only to the extent that this is required to perform the relationship of obligations or prescribed by law or you have given us your consent to do so.
We transfer your personal data to service providers and Group companies outside the European Economic Area, including the USA. You can find a listing of the tools / service providers along with details of the place of processing location under item 14.1 “Tools Used”.
The necessary major contract under data protection law has been concluded with all service providers.
9. Duration of Data Retention
We retain your data as long as it is needed for the respective processing purpose. Please note that data (must) continue to be retained contingent on numerous safekeeping periods. This holds true, in particular, for duties of safekeeping under commercial or tax law (e.g. German Commercial Code, Fiscal Code of Germany, etc.). Where no further-reaching duties of safekeeping exist, the data is regularly erased once the purpose has been achieved.
In addition, we may keep data if you have given us your permission to do so or if any legal disputes arise and we use evidence under statutory limitation periods, which may be up to thirty years, with the regular limitation period being three years.
10. Secure Transmission of Your Data
We use appropriate technical and organisational security measures to best protect the data retained with us against any accidental or intentional manipulations, loss, destruction or access by unauthorised persons. The security levels are continuously reviewed and adapted to new security standards in cooperation with security experts.
The data exchange from and to our website is effected in encrypted form. We offer HTTPS as transmission protocol for our web presence, using the current encryption protocols in each case.
Moreover, it is possible to use alternative ways of communication (e.g. regular mail).
11. Obligation to Provide the Data
Various personal data is necessary to establish, perform and terminate the relationship of obligations and to meet the relating contractual and statutory duties. The same applies to the use of our website and of the various functions provided with it.
In certain cases, data must also be collected or made available due to statutory provisions. Please note that it is not possible to process your request or to perform the underlying relationship of obligations without providing this data.
12. Categories, Sources and Origin of the Data
The data we process depends on the respective context: this depends on whether, for instance, you place an order online or enter a request in our contact form, whether you send us an application or submit a complaint.
Please note that we provide information for special processing situations, including separately at a suitable place, where appropriate, e.g. when any application documents are uploaded or any contact request is made.
12.1 Where you visit our website, we collect and process the following data:
- name of the Internet service provider
- details of the web page from which you visit our website (referrer)
- web browser and operating system used
- IP address assigned by your Internet service provider
- requested files, transferred amount of data, downloads / file export
- details of the web pages you retrieve on our website, incl. date and time
This data processing is technically necessary to ensure that the contents of our website can be delivered to your terminal. Your IP address must therefore also necessarily be collected and retained for the duration of the respective session. The same applies to the further data which needs to be processed to properly display our website. Moreover, retaining the data in log files serves to further optimise the website, to ensure its functionality, to guarantee the security of our applications and to warrant legal safeguarding (e.g. detection and prevention of attacks on our website).
The legal basis for this data processing and temporary data retention is our legitimate interest as website operator (point(f) of Art. 6(1) EU GDPR).
The data is retained for a limited duration and erased once we no longer need to have it available for the processing purposes. We collect any data to properly display our website only after the session has been terminated. Any data retained in log files is erased or anonymised after 7 days.
12.2 We collect and process the following data as part of a contact request:
A contact form available on our website can be used to contact us electronically. If you write to us using the contact form, we process your data specified on the contact form to contact you, to answer your questions and to comply with your wishes.
We collect the following data via the contact form:
- name
- e-mail address
- phone number (for return call in case of telephone request, if any)
- content of request
In so doing, we pay regard to the principle of data economy and data avoidance, with you only having to specify the data we absolutely need to contact you (mandatory details). This is your name, your e-mail address as well as your request itself. These mandatory details have been marked with an *(asterisk).
Moreover, your IP address is processed out of technical necessity as well as to warrant legal safeguarding. All remaining data may be entered in voluntary fields and specified optionally (e.g. to individually answer your questions).
We implement appropriate security measures to best protect the security and confidentiality of your data. Your request is transmitted to us in encrypted form.
Where you contact us by e-mail, we process the personal data provided in the e-mail solely for the purpose of processing your request. No data is collected above and beyond that where you do not use the forms offered to contact us.
12.3 We process the following data as part of the registration process:
We provide users with the opportunity to register on our website by specifying personal data.
Where this is the case, we collect the following data:
- form of address
- surname, first name
- e-mail address
Hence, the registration is necessary either to perform a contract (via our online shop) with you or to take steps prior to entering into a contract.
In so doing, we pay regard to the principle of data economy and data avoidance, since only the data necessary for the registration is marked with an asterisk (*) as a mandatory field. This is your name, e-mail address as well as password including password repetition.
In addition, we need details on the billing address (form of address, first name, surname, address) to supply anything ordered by you in our online shop. Moreover, the above details needs to be specified additionally for the delivery address in the event that the delivery address differs from the billing address.
When the user registers on our website, the user’s IP address as well as the date and time of registration are retained as well (technical background data). By clicking on the “Register now” button, you give us the consent to process your data.
Please note: the password assigned by you is retained with us in encrypted form. Employees of our company cannot read this password. They can thus not provide you with any information in the event that you have forgotten your password.
Please use the “Forgot password” function in this case to have an automatically generated new password sent to you by e-mail. No employee is entitled to query your password from you by phone or in writing. So, please never specify your password if you receive any such requests.
Upon completion of the registration process, your data is stored with us so that you can use the protected customer area. Once you register on our website with an e-mail address as user name and password, this data is made available for any actions you carry out on our website (e.g. for orders placed in our online shop). Completed purchase orders may be traced in the ordering history. You may specify any changes in the billing or delivery address here.
Registered persons are free to make any changes/corrections to the billing or delivery address in the ordering history on their own accord. If you contact our customer service, the latter is likewise happy to perform any changes/corrections. Of course, you may also cancel the registration and close or erase your customer account again.
13. Automated Individual Decision-Making
We do not use any purely automated processing processes to bring about any decision.
14. Technologies Used to Evaluate Your Usage Behaviour on Our Website (Point (f) of Art. 6(1) EU GDPR)
We use technologies at several places on our website to evaluate your usage behaviour and to optimise the website. Cookies, third-party provider views and localStorage are used to that end. Cookies are small text files that are placed on your computer and retained by your browser (locally on your hard drive).
We use these technologies only after having received your consent (point (a) of Art. 6(1) EU GDPR). This allows us to create an analysis of how users use our websites. In this way, we can design the website contents according to the visitor’s needs. By using cookies, we can also measure the effectiveness of a specific ad and have it placed, for example, as a function of the users’ thematic interests.
In the event that you have given your consent here, you may withdraw it at any time for the future by viewing the consent banner again HERE and making the appropriate setting there.
We use Google Tag Manager to control the various cookies and tools embedded in this website.
We use on our website the tools and services outlined in item 14.1. Legal basis for using them is the consent you give via the consent banner displayed the first time you visit our website. For details on the tools and services used, please see the paragraphs hereinafter.
Of course, you can revoke your consent at any time by either deleting the opt-in cookie stored in your Internet browser manually or using appropriate software and then reloading our website or by clicking on the "Change data protection settings" button.
14.1 Tools Used
15. Links to Other Providers
As is clearly recognisable, our website also contains links to other companies’ web presences. To the extent there are any links to other providers’ web pages, we do not have any influence on their contents and can thus not be held responsible or liable for these contents either. The person responsible for the contents of these web pages is always their respective provider or operator.
The linked websites have been reviewed for potential statutory violations and recognisable statutory infringements at the time of linking. Any unlawful contents had not been recognisable at the time of linking. However, we cannot reasonably be expected to permanently monitor the contents of the linked web pages without any specific indications of a statutory infringement. If we become aware of any statutory infringements, any links of that kind are removed without delay.
16. Links to Social Media
You can find links to the social media services of Google+, Pinterest and Instagram on our website. Links to the web pages of the social media services are recognisable to you by the respective company logo. If you follow these links, you are redirected to FILTRAL’s company presence with the respective social media service. In case that you click on a link to a social media service, a connection is established to its servers, informing them that you have visited our website. In addition, further data is transmitted to the provider of the social media service, for example the following:
- address of the web page on which the activated link is located
- date and time the web page is accessed or the link is activated
- information about the browser and operating system used
- IP address
If you are already logged into the relevant social media service at the time the link is activated, the provider of the social media service may be able to establish your user name and possibly even your real name from the data transferred and assign this information to your personal user account with the social media service. You may rule out this possibility of assignment to your personal user account by logging out of your user account beforehand.
The servers of the social media services are located in the USA and other countries outside the European Union. The data can hence be processed by the provider of the social media service in countries outside the European Union as well. Please note that companies in these countries are subject to a data protection law under which personal data is generally not protected to the same extent as is the case in the Member States of the European Union.
Please note that we do not have any influence on scope, nature and purpose of data processing by the provider of the social media service. For more detailed information on how your data is used in connection with the social media services integrated in our website, please refer to the privacy policy of the respective social media service.
17. Online Offerings and Children
Persons under the age of 16 must not transfer any personal data to us or make any declaration of consent without the legal guardians’ consent. We want to encourage parents and legal guardians to actively participate in their children's online activities and interests.
