Data protection

We take the protection of your personal data very seriously. We will handle your personal data confidentially and in compliance with the statutory data protection regulations ( Swiss Data Protection Act - Schweizerische Bundesgesetz u?ber den Datenschutz (DSG) ) as well as this Privacy Policy. It is generally possible to use our website without disclosing any personal data. Insofar as personal data (e.g. name, address or email addresses, IP address, location data, photo and video recordings) are collected on our website, this happens on a voluntary basis as far as possible. Your personal data is collected, processed and saved primarily for corresponding with you and for the purposes for which you have provided us with the data. We will also share information with our affiliated companies or third parties insofar as is necessary to carry out your orders or respond to your queries. We will restrict the information shared to the information required to carry out the order. Our affiliated companies or the third parties will in any case be bound to comply with the data protection laws. Your personal data will never be shared with third parties for external marketing purposes. Please note that the internet and especially email communication must still be considered to be and unsafe medium and can have security gaps. Complete protection of data against third party access is not possible. We will continuously endeavour to install suitable technical and organisational measures to protect your personal data from third party access. However, if you are communicating strictly confidential information, we recommend sending it by mail.

Security

This website uses SSL or TSL encryption to ensure data processing security and to protect the transmission of confidential contents, e.g. contact requests which you send to us. You will recognise an encrypted connection by the fact that the browser address line is “https://” instead of “http://” and by the lock symbol in your browser line. Data which you send us cannot be read by third parties if SSL and/or TLS encryption is enabled.

Data processing on our websites

Cookies

Our websites use so-called cookies to an extent. Cookies do not cause any damage to your computer and do not contain any viruses. Cookies are used to make our offer more user-friendly, more effective and safer. Cookies are small text files which are placed permanently or temporarily on your computer and saved by your browser when you visit our websites. Most of the cookies which we use are known as “session cookies” to recognise that you have already visited individual pages of our website. They are automatically deleted at the end of your visit. Other cookies stay on your end device until you delete them. These cookies enable us to recognise your browser at the next visit and to statistically record website usage and evaluate it with the aim of optimising our offering for you. You can set your browser in such a way that you are informed when cookies have been placed and can accept cookies in individual cases only, exclude the acceptance of cookies either in certain cases or in general and moreover you can enable automatic deletion of cookies when closing the browser. The functionality of this website may be limited if cookies are disabled.

Server-Log- Files

Every time our website is accessed, our system automatically collects and saves information in what are known as server log files, which your browser transfers automatically to us. These are:

  • Type and version of browser
  • Operating system used
  • The website from which you visited us (referrer URL)
  • The web page you are visiting
  • Host name and complete IP address of the accessing computer
  • Date and time of the server request

The data is saved in our system’s log files. The user’s IP addresses or other data which could enable data assignment to a particular user are not affected by this. This data is not saved together with the user’s other personal data. The log files do not contain IP addresses or other data which could enable data assignment to a particular user. Temporary storage of IP addresses for the duration of the session is absolutely essential for sending the webpages and data from our servers to your browser in order to be able to deliver the requested information to you. The IP address must be stored for the duration of the session for this purpose. The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. This applies when the respective session has ended, where the data is collected to enable provision of the website. Data collection for website provision and data storage in log files is absolutely essential for the operation of the website. The user is therefore not entitled to a right of objection.

Contact form and email contact

There is a contact form on our website which you can use to make contact with our company electronically. The data (name, email address, telephone number and subject) entered in the input screen is transmitted to us and saved. You can, however, also send us an email. In this case, the user’s personal data transmitted with the email is stored. During the process of dispatching the contact form, your consent to this data use for processing your contact request is presumed and reference is made to this privacy statement. The technical data (IP address, date and time of registration) collected in the process of dispatching the contact form are used to prevent abuse of the contact form and to ensure the security of our computer systems and networks. It is also possible to make contact using the email address provided. In this case (= you are hereby making it clear that you are providing your consent), the user’s personal data which was transmitted with the email is stored. This data is also used only for processing your contact request.   Your data is deleted after final processing of your query, this is the case where it can be inferred from the circumstances that the facts in question have been conclusively clarified and provided that there is no statutory requirement to retain such data. We will not share your data with anyone without your consent. You have the option to revoke your consent to the processing of personal data at any time. If you made contact with us by email, then you can revoke your consent to the storage of your personal data at any time by email. In this case, all personal data which were saved in the course of the contact shall be deleted. If you provide us with this information, we can provide you with better service by addressing you in a more personal manner, and we can access such data for processing and responding to your query.

Ordering and delivering catalogues

If you request a cataloguefrom us, then the following personal data is required: Surname, name andaddress (street, house number and post code, city, country, telephone number,email and issue). Without this information we will not be able to send thecatalogue(s) to you by mail/email as requested. During the process ofdispatching the input form, your consent to the use of this data for processingyour request is presumed and reference is made to this privacy statement. The technical data (IP address, date and time of registration) collected in theprocess of dispatching the contact form are used to prevent abuse of the formand to ensure the security of our computer systems and networks. We will not share your data with anyone without your consent. If you do not wish to receive new catalogues, simply inform us of this by emailat info@phoenix-mecano.ch orby telephone (+41 52 742 75 00). In this case, all personal data saved in thecourse of the contact shall be deleted.

Google Analytics

This website uses the functions of the web analysis service, Google Analytics. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses so-called “cookies”. These are text files, which are stored on your computer and enable an analysis of website use. The information about your use of this website, which is generated by the cookie is ordinarily transmitted to a Google server in the USA and stored there.

IP anonymisation

We have enabled the IP anonymisation function on this website. As a result, Google will shorten your IP address within the Member States of the European Union or in other contracting parties to the Agreement on the European Economic Area prior to transmission to the USA. Only in exceptional circumstances will the full IP address be transmitted to a Google server in the USA and shortened there. Google will use this information on behalf of the operator of this website, to analyse your usage of the website, to compile reports about website activities and to render other services connected with website usage and internet usage for the website operator. Google does not amalgamate the IP address transmitted by your browser in the context of Google Analytics with other data.

Browser Plugin

You can prevent cookies from being stored by setting your browser software appropriately, however, please note that you may not be able to take full advantage of all the functions of this website in this case. Furthermore, you can prevent Google from collecting the data generated by the cookie related to your usage of the website (including your IP address) as well as from processing this data, by downloading and installing the browser plugin available under the following link http://tools.google.com/dlpage/gaoptout?hl=de.

Objection to data collection

You can also prevent your data from being collected by Google Analytics by clicking on the  link below. An opt-out cookie is set, which prevents collection of your data when visiting this website in the future. Disable Google Analytics: You can find further information about how user data is handled at Google Analytics in the Google Privacy Policy under: https://support.google.com/analytics/answer/6004245?hl

Demographic features at Google Analytics

This website uses the Google Analytics “Demographic features” function. This enables reports to be generated which contain conclusions about the age, gender and interests of the website visitors. This data originates from interest-based advertising by Google as well as visitor data from third-party providers. This data cannot be assigned to any specific person. You can disable this function at any time using the advertising settings in your Google account or generally prohibit collection of your data by Google as presented under “Objection to data collection”.

Google AdWords 

Our website uses Google Conversion Tracking. If you have arrived at our website via an advertisement placed by Google, Google AdWords places a cookie on your computer. The Conversion Tracking cookie is placed when a user clicks on an advertisement placed by Google. If the user visits certain pages on our website and the cookie has not yet expired, then both we and Google can detect that the user has clicked on the advertisement and was transferred to this page. Each Google AdWords client receives a different cookie. Cookies can therefore not be traced via the websites of AdWords clients. The information gathered with the help of the Conversion Cookie is used to generate conversion statistics for AdWords clients who have opted for Conversion Tracking. The clients learn the total number of users who have clicked on their advertisement and who were transferred to a page which was provided with a Conversion Tracking Tag. They do not, however, receive any information which would enable them to personally identify the user. If you do not wish to participate in Tracking, you can decline the cookie placement which is required for the tracking - for example by using the browser setting which generally disables automatic cookie placement, or you can set your browser in such a way that cookies from the ldquo;googleleadservices.com” domain are blocked. Please note that you may not delete the Opt-out cookies as long as you do not wish measurement data to be recorded. If you have deleted all the cookies in the browser you must reset the particular Opt-out cookie. 

Google Maps

This website uses Google Maps API to visually represent geographical information. When Google Maps are used, Google also collects, processes and uses data about visitors’ use of the map function. You can find more information about data processing by Google in Google’s privacy notice (http://www.google.com/privacypolicy.html) You can also change your personal privacy settings there, in the data protection centre. More detailed information about managing your own data in connection with Google products can be found here http://dataliberation.org

Google Web Fonts

This website uses so-called web fonts, which are provided by Google for the uniform presentation of fonts. When a webpage is accessed, your browser downloads the required web fonts to your browser cache in order to display texts and typefaces correctly. For this purpose, the browser you are using must establish a connection to Google’s servers . Google learns in this way that your IP address has accessed our website. The use of Google web fonts is in the interest of a uniform and attractive presentation of our online offers. If your browser does not support web fonts, one of your computer’s standard fonts is used. For further information on Google web fonts, please refer to developers.google.com/fonts/faq and to Google’s Privacy Policy: 

https://www.google.com/policies/privacy/

Live-Chat-Funktion (Zendesk Chat)

This website uses Zendesk Chat, a Live-Chat Software provided by the company Zendesk Inc., 989 Market Street #300, San Francisco, CA 94102. Zendesk Chat displays to the user whether one of our employees is currently online to provide a direct answer. For this purpose, all visitors to our websites are recorded with their IP address and the page they are visiting at that moment. The IP address is anonymised in the process. Zendesk Chat  uses cookies. The information about the use of our website generated by the cookie (including your anonymised IP address) is transmitted to a Zendesk server in the USA and stored there. The information is only visible for the moment of a visit to a specific page and is not stored. Chats which have been carried out are logged and stored. You can prevent the cookies from being installed by setting your browser software appropriately; please note that you may not be able to take full advantage of all the functions of this website in this case. Further information about data processing by Zendesk can be found in the Zendesk Privacy Policy under www.zendesk.com/company/privacy. If you have any questions, you can also contact the Zendesk Data Protection Officer at privacy@zendesk.com. By using our website, you are agreeing to the processing of the data collected about you by Zendesk Chat in the manner described and for the purpose mentioned above.

Embedded YouTube videos 

We provide online offers (e.g. fan pages) on various social media platforms, which give information about Phoenix Mecano and allow us to get in touch with you.  We would like to point out that we have no influence on the processing of your personal data on these platforms, and that only the respective operator of the platform has full knowledge of the content of the transmitted data and how it is / has been used. As a rule, cookies are stored in your browser when you visit the respective platform. You may be affected by this data collection even if you are not registered on the respective platform. We do not know whether the data will be collected outside the European Economic Area. The processing of personal data on the platforms by us is in accordance with Art. 6 para. 1 lit. (f) of the German GDPR. Our legitimate interest is to be able to present Phoenix Mecano to the outside world in a variety of ways and to make the most of the opportunity to communicate with our customers as effectively as possible. Consent to data processing pursuant to Art. 6 Para. 1 lit. (a) of the German GDPR may also be the applicable legal basis if you have given it to the platform operator. You will receive detailed information on how data is processed by the platform operators as far as the respective possibilities of objection, rights to information and specific information on the respective platforms are concerned within the following data protection notices of the respective operators:

Google+ / YouTube (online presence / link)

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Privacy policy: https://policies.google.com/privacy?hl=en
Cookie information: https://policies.google.com/technologies/ads?hl=en
Opt-Out: https://adssettings.google.com/anonymous?
Specific information about YouTube accounts or channels: When visiting our YouTube site, YouTube processes your personal data. This data is transmitted to us by YouTube in anonymised form as part of YouTube STUDIO usage. This anonymous data is statistical data about our channel subscribers.In addition, YouTube provides us with the user names of your "Google+" profile when you interact with us or our site, for example when you like or comment on videos or subscribe to our channel.

YouTube (plug-ins

Our website includes videos of the YouTube platform, which is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter Google).We use these services in accordance with Art. 6 para. 1 lit. (f) of the German GDPR, as we have a legitimate interest in disseminating and increasing the awareness level of our online presence. If you are logged into your YouTube account and you play the video, you enable YouTube to assign your surfing behaviour directly to your personal profile. This assignment takes place regardless of whether you click on the video or not. You can prevent this assignment to your YouTube account by logging out of your YouTube account. You can find more information about the handling of user data in YouTube's privacy policy at: https://policies.google.com/privacy?hl=en&gl=de

Facebook 

Provider: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland 
Data policy: https://www.facebook.com/about/privacy/
Opt-out: https://www.facebook.com/settings?tab=ads
Specific information on Facebook fanpages: Facebook processes your personal data (Facebook Insights) when you visit our Facebook fanpage. This data is made anonymous and transmitted to us by Facebook within the framework of Facebook Insights. This anonymised data concerns statistical data about our fanpage subscribers. 
In addition to this, we receive profile data from Facebook when you interact with us or our page, e.g. when you like or comment on posts or write to us via Facebook or follow our page.

LinkedIn (web presence / link)

Provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
Privacy statement: https://www.linkedin.com/legal/privacy-policy
Opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
Specific information on LinkedIn company pages: When visiting our LinkedIn company page, LinkedIn will process your personal data. LinkedIn will use LinkedIn Analytics to provide us with this information in an anonymised form. This anonymised data is statistical data of our subscribers. 
In addition, LinkedIn will also provide us with your profile name when you interact with us or our site, for example when you link or comment on accounts or follow our site.

Xing (web presence / link)

Provider: XING SE, Dammtorstraße 30, D-20354 Hamburg, Germany
Privacy statement: https://privacy.xing.com/en/privacy-policy
Specific information on Xing company profile: When visiting our Xing company profile, Xing processes your personal data. 
In addition, Xing will communicate your profile name to us when you interact with us or our site, for example when you link or comment on accounts or follow our profile.

LEAD Forensics

The products and services of the company Lead Forensics (http://www.leadforensics.com) are used on this website for marketing and optimisation purposes. Lead Forensics is headquartered in Communication House 26 York Street, London, W1U 6PZ, Great Britain. Lead Forensics identifies details of your organisation including telephone number, web address and SIC code, and a description of the company, and shows the course which your visit to this website actually took, including all the pages visited and viewed by you and how long you spent on this site. The data will not be used for personal identification of an individual visitor under any circumstances. If IP addresses are collected, they are immediately anonymised after collection. Lead Forensics will use the information collected on behalf of the website operator to analyse your visit to the website, to compile reports about website activities and to render other services connected with website usage and internet usage for the website operator. If you do not agree to this, you can object to future data collection, processing and storage at any time by clicking on the following link: Exclude from Website-Tracking

Online applications

If you send us an application either in response to an advertisement or on your own initiative, then we will collect the personal data which you have provided to us. In the course of the application procedure, the data will only be collected, stored, processed and used for purposes which are related to your application to us and which are necessary to process your application. Your personal data will only be disclosed to persons who process the application procedure. If your application is successful, we will use the data communicated by you for administrative purposes in the course of the employment. If your application cannot be considered, we will store the information communicated by you for up to six months for the purpose of facilitating a response to queries related to your application and rejection.

Disclosure of personal data in response to court orders or official instructions

Please note that we may be obliged to disclose your personal data and associated information, due to a court order or official instructions.

Updating this privacy policy

This privacy policy will be updated if we introduce other services, change internet practices or following advances in Internet and IT security technology or changes in the legal basis. We therefore reserve the right to change or supplement the Privacy Policy. We will publish the currently valid version in this location.

Right to be informed, right to erasure and right to block

You have the right at any time to receive information, free-of-charge, about your saved personal data, its origin and recipients and the purpose of the data processing. Furthermore, you have the right to rectification, blocking or erasure of this data. For this purpose as well regarding any other questions on the subject of personal data, you can contact the following address at any time.

Data Protection Officer:

Phoenix Mecano Komponenten AG
Data Security Officer
Hofwisenstrasse 6
CH-8260 Stein am Rhein

Telephone +41 (0)52 742 75 00
Fax +41 (0)52 742 75 90
datenschutz@phoenix-mecano.ch

Please understand that we will require proof of identity for information requests about data concerning you stored by us. The responsible bodies within the meaning of the Data Protection Law (DSG)

Phoenix Mecano Komponenten AG
Hofwisenstrasse 6
CH-8260 Stein am Rhein

Telephone +41 (0)52 742 75 00
Fax +41 (0)52 742 75 90
info@phoenix-mecano.ch

Version: 28 February 2019

 

Information on the processing of customer/supplier data

1    General

Phoenix Mecano Komponenten AG takes the protection of your personal data very seriously. Your privacy is extremely important to us. We process your personal data in accordance with the applicable statutory data protection requirements and for the purposes described below. Personal data for the purposes of this privacy statement means any information relating to you as a person.

Below you will find information on how we handle this data. For the sake of clarity, we have divided this Privacy Statement into sections.
Controller for data processing

Phoenix Mecano Komponenten AG
Hofwisenstrasse 6
CH-8260 Stein am Rhein
Telephone +41 52 742 75 00
Fax: +41 52 742 75 90
email address: datenschutz@phoenix-mecano.ch

You can also contact our Data Protection Officer if you have any questions or comments relating to data protection (e.g. regarding access to or updating your personal data),

Phoenix Mecano Komponenten AG
– Data Protection Officer –
Hofwisenstrasse 6
CH-8260 Stein am Rhein
email: datenschutz@phoenix-mecano.ch
 

2    Scope of processing

2.1    Source used for data collection

We process personal data which we have collected directly from you.
As far as this is necessary for the provision of our services, we process personal data legitimately received from other companies or other third parties (e.g. credit agencies, address publishers). In addition, we process personal data which we have lawfully collected, received or acquired from publicly accessible sources (such as telephone directories, trade and association registers, civil registers, debtor registers, land registers, press, Internet and other media) and which we are permitted to process.
 
 

2.2    Origin and data categories of data which was not collected directly from you

As far as this is necessary for the provision of our services, we process personal data legitimately received from other companies or other third parties. In addition, we process personal data which we have lawfully collected, received or acquired from publicly accessible sources (press, Internet and other media) and which we are permitted to process. Relevant personal data categories may in particular include the following:
-    Personal data (name, date of birth, place of birth, nationality, marital status, occupation/sector and comparable data)
-    Contact data (address, email address, telephone number and comparable data)
-    Payment/cover confirmation for bank and credit card customer history
-    Data on your use of our offered telemedia (e.g. date and time of access to our web pages, apps or newsletters, clicks on our pages/links or postings and comparable data)
-    Creditworthiness data

2.3    Purposes of and legal bases for data processing

We process personal data in accordance with the provisions of the German Federal Data Protection Act (BDSG) and the EU General Data Protection Regulation (EU GDPR) as well as all other applicable laws.
If the EU GDPR applies to you, we hereby provide you with all information pursuant to Art. 13 EU GDPR.
The specific data processed in each case and the manner in which it is used depends primarily on the services requested and/or agreed upon. Please refer to the respective contract documents, forms, a declaration of consent and/or other information made available to you (e.g. in conjunction with the use of our website or in our terms and conditions) for further details or additions to the purposes of the data processing.
Purposes of fulfilling a contract or implementing pre-contractual measures (Art. 6 (1) (b) EU GDPR)
The processing of personal data is carried out for implementing our contracts with you and executing your orders, as well as for implementing measures and activities within the framework of pre-contractual relationships, e.g. with interested parties. These include in essence: contract-related communication with you, the corresponding billing and related payment transactions, the traceability of orders and other agreements as well as quality control by means of corresponding documentation, goodwill procedures, measures for controlling and optimising business processes as well as for fulfilling the general due diligence obligations, management and control by affiliated companies; statistical evaluations for corporate management, cost recording and controlling, reporting, as well as internal and external communication.
Emergency management, billing and fiscal evaluation of operational services, risk management, assertion of legal claims and defence in the event of legal disputes; guaranteeing IT security (including system and/or plausibility tests) and security in general, ensuring and exercising domiciliary rights (for example by means of access controls); ensuring the integrity, authenticity and availability of the data, prevention and investigation of criminal offences as well as monitoring by supervisory bodies or controlling authorities (e.g. audits).
Purposes within the framework of a legitimate interest on our part or of third parties (Art. 6 (1) (f) EU GDPR)
In addition to the actual fulfilment of the contract or the preliminary contract, we may process your data, where necessary, for protecting our legitimate interests or those of third parties, in particular for the purposes of

  • Advertising or market and opinion research, provided that you have not objected to the use of your data;
  • Verifying and optimising procedures for requirement analysis;
  • Further developing services and products as well as existing systems and processes;
  • Enriching our data, including using or researching publicly accessible data;
  • Statistical evaluations or market analysis; benchmarking;
  • Asserting legal claims and defence in the event of legal disputes which are not
  • directly attributable to the contractual relationship;
  • Restricted storage of the data if erasure is not possible due to the special type of storage or is possible only at a disproportionately high expense due to the special type of storage;
  • Developing scoring systems or automated decision-making processes;
  • Preventing and investigating criminal offences, unless these are exclusively to fulfil legal requirements;
  • Building and plant security (for example through access controls) if this exceeds the general duties of care;
  • Preserving and maintaining certifications under private law or of official nature;
  • Ensuring and exercising domiciliary rights by means of corresponding measures (such as video surveillance) as well as preserving evidence in the event of criminal offences and their prevention.

Purposes on the basis of your consent (Art. 6 (1) (a) EU GDPR)
Your personal data can also be processed for specific purposes (e.g. the use of your email address for marketing purposes) with your consent. You can usually withdraw this consent at any time. You will be informed separately about the purposes and about the consequences of a withdrawal or refusal of consent in the respective text of the declaration of consent. As a general principle, withdrawing consent only has future effect. Any processing of data which took place before consent was withdrawn is not affected by this and remains lawful.
Purposes for fulfilling legal requirements (Art. 6 (1) (c) of the EU GDPR or in the public interest (Art. 6 (1)(e) of the GDPR)
As is the case with all parties involved in economic activities, we are subject to a number of legal obligations. These are primarily legal requirements (such as trade and tax legislation), as well as supervisory or other official regulations. The purposes of the processing include the fulfilment of fiscal monitoring and reporting obligations as well as archiving of data for purposes of data protection and data security and inspection by tax and other authorities. Furthermore, the disclosure of personal data may be required in the context of official/judicial measures for the purposes of evidence collection, prosecution or the enforcement of claims under civil law.


Extent of your duties to provide us with data
You only need to provide the information required for entering into and conducting a business relationship or a pre-contractual relationship with us or information which we are obliged to collect by law. As a rule, we are unable to conclude or execute the contract without this data. This may also apply to data required later in the business relationship. If we request additional data from you, reference will be made to the voluntary nature of the information.

2.4    Consequences of the failure to provide data

In the context of the business relationship, you must provide the personal data required for establishing, conducting and ending the legal transaction and complying with the thereby associated contractual obligations as well as data which we are legally required to collect. We will not be able to conduct the legal transaction with you in the absence of this data.

2.5    Recipients of the data

Within our company, your data will be received by the internal departments or organisational units which require it to fulfil our contractual and statutory obligations or in the context of processing and implementing our legitimate interest.
The data will only be forwarded to external agencies

  • in connection with the execution of the contract;
  • for the purpose of fulfilling legal requirements, according to which we are obliged to provide information, notification or the disclosure of data, or pass on data in the public interest (see Section 2.4);
  • if external service providers process data on our behalf as order data processors or acquirers of functions (e.g. computer centres, support/maintenance of EDP/IT applications, archiving, voucher processing, call-centre services, compliance services, controlling, data validation or plausibility checking, data destruction, purchasing/procurement, customer administration, letter shops, marketing, media technology, research, risk controlling, settlement, telephony, website management, audit services, financial institutions, printing companies or data disposal companies, courier services, logistics);
  • on the basis of our legitimate interest or the legitimate interest of the third party in the context of the purposes mentioned (e.g. to authorities, credit bureaus, debt collection agencies, lawyers, courts, experts, subsidiaries, committees and controlling authorities);
  • if you have given us your consent for transmission to third parties.

We will not forward your data to third parties other than for these purposes. If we commission service providers as part of order processing, your data will be subject to the same security standards there as those which apply to us. In all other cases, the recipients may use the data only for the purposes for which it was transmitted to them.

2.6    Recipients of the data outside Switzerland

Data is transferred to agencies in countries outside the European Union (EU) or the European Economic Area (EEA) (so-called third countries).

2.7    Retention periods

We process and store your data for the duration of our business relationship. This also includes the initiation of a contract (pre-contractual legal relationship) and the performance of a contract.
Furthermore, we are subject to various statutory retention and documentation obligations. The retention and documentation periods specified therein extend up to 15 years. In addition, it may be necessary to retain personal data for the time during which claims can be asserted against us (statutory limitation period).

Specific legal requirements may also require a longer storage period.
If data is no longer required for fulfilling contractual or statutory rights and obligations, it will be erased on a regular basis, unless temporary further processing of the data is necessary to fulfil the purposes arising from an overriding legitimate interest. Such an overriding legitimate interest also exists for instance, if erasure is not possible or is possible only at a disproportionately high expense due to the special type of storage and if processing of the data for other purposes is excluded by means of appropriate technical and organisational measures.
 

2.8    Your rights

You can assert your data protection rights against us under certain conditions.

  • For example, you have the right to receive information from us concerning your data stored by us pursuant to the provisions of Art. 15 EU GDPR.
  • At your request, we will correct the stored data relating to you pursuant to Art. 16 EU GDPR if it is inapplicable or incorrect.
  • If you wish, we will erase your data in accordance with the principles of Art. 17 EU GDPR, provided that this does not conflict with other statutory regulations or an overriding legitimate interest on our part (e.g. for defending our rights and claims).
  • Taking into account the prerequisites of Art. 18 EU GDPR, you can ask us to restrict the processing of your data.
  • Furthermore, you can object to the processing of your data pursuant to Art. 21 EU GDPR on the basis of which we must discontinue the processing of your data. However, this right to object only applies in the event of very special circumstances concerning your personal situation, whereby rights of our company may conflict with your right to object.
  • You also have the right to obtain your data subject to the prerequisites of Art. 20 EU GDPR in a structured, common and machine-readable format or to transmit it to a third party.
  • In addition, you have the right to withdraw the consent granted to us for the processing of personal data at any time with future effect (cf. Section 2.3).
  • Furthermore, you have the right to lodge a complaint with a data protection supervisory authority (Art. 77 EU GDPR). However, we recommend that you always address a complaint to our Data Protection Officer first.
  • If possible, your requests to exercise your rights should be made in writing or by email to the address stated above or sent directly in writing or by email to our Data Protection Officer.


Specific reference to your right to object pursuant to Art. 21 GDPR

You have the right at any time to object to the processing of your data which is carried out on the basis of Art. 6 (1) (f) EU GDPR (data processing on the basis of the balancing of interests) or Art. 6 (1) (e) GDPR (data processing in the public interest), if there are reasons for this which arise from your particular situation.

This also applies to profiling based on this provision within the meaning of Art. 4 (4) EU GDPR. If you object, we will no longer process your personal data unless we can prove that there are compelling legitimate grounds for the processing which outweigh your interests, rights and freedoms or the processing serves to establish, exercise or defend legal claims.

We may also process your personal data for the purposes of direct advertising. If you do not wish to receive any advertising, you have the right to object to this at any time; this also applies to profiling provided that it is associated with such direct advertising. We will comply with this objection for the future. We will no longer process your data for direct advertising purposes if you object to processing for these purposes.

Objections can be made informally and should preferably be addressed to:

Phoenix Mecano Komponenten AG
– Data Protection Officer –
Hofwisenstrasse 6
CH-8260 Stein am Rhein
email: datenschutz@phoenix-mecano.ch

You also have the option of submitting a complaint to the Data Protection Officer stated above or to a data protection supervisory authority.

We have also appointed an EU representative pursuant to Art. 27 (1) GDPR. The representative can be reached under the following contact data:

Ifina GmbH
Erbeweg 13-15
D-32457 Porta Westfalica

Telephone: +49 571 5041-114
email: Imort@Ifina.de

The data protection supervisory authority responsible for us is:

Landesbeauftragte für Datenschutz und Informationsfreiheit
Nordrhein-Westfalen
Postfach 20 04 44
D-40102 Düsseldorf

Tel.: +49 211/38424-0
Fax: +49 211/38424-10
email: poststelle@ldi.nrw.de

Version: 8 April 2018