Data Protection Statement

The following Data Protection Statement applies to the use of our website http://www.invent-gmbh.de (hereinafter referred to as “Website”).

Data protection is very important to us. We comply with all applicable data protection regulations, in particular the General Data Protection Regulation (GDPR), when we collect and process your personal data. We collect and process your personal data in order to be able to offer you the portal referred to above. This statement describes how and for what purposes your data are collected and used and your options in connection with your personal data.

By using this website you agree that your data may be collected, used and transmitted pursuant to this data protection statement.

1        Controller

The controller responsible for the collection, processing and use of your personal data in the sense of Article 4 point 7 of the GDRP is

INVENT Innovative Verbundwerkstoffe Realisation und Vermarktung neuer Technologien GmbH
Christian-Pommer-Straße 47
38112 Braunschweig
Germany

Tel.: +49 531 24466-0
Fax: +49 531 24466-88
E-mail: INFO(at)INVENT-GMBH.DE

If you wish to object to the collection, processing or use of your data by us to the extent of this data protection policy as a whole or to the extent of individual stipulations, please address your objection to the controller.

You can download and print this data protection statement at any time.

2        General use of the website

2.1       Hosting

The hosting services engaged by us provide the following: infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services which we make use of for the purposes of operating the website.

We and/or our hosting provider process inventory data, contact details, content data, contractual data, usage data, meta data and communication data of customers, potential customers and visitors to this website based on our justified interest in the efficient and secure provision of this website pursuant to Article 6 Paragraph 1 f) of the GDRP cross ref Article 28 GDRP.

2.2       Access data

We collect information about you whenever you use this website. We automatically collect information about your user behaviour and your interaction with us, and we save data to your computer or mobile device. We collect, save and use data concerning each time that our website is accessed (known as server log files). Access data include:

  • Name and URL of the file accessed
  • Date and time that the file is called up
  • Data volumes transmitted
  • Notifications of successful requests (HTTP response code)
  • Browser type and browser version
  • Operating system

We use these log data with no link to your person or other profile created for the purposes of the statistical analysis of the operation, or for the security and improvement of our website, but also to anonymously record the number of visitors to our website (traffic) as well as the scope and type of use of our website and services, we also use them for tracking purposes in order to count the number of clicks received from cooperation partners.

We also have a justified interest here pursuant to Article 6 Paragraph 1 f) of the GDRP.

We reserve the right subsequently to check log data if we have a sound reason for suspecting that the website has been used illegally. We save IP addresses in the log files for a specified period of time if required for security purposes. We only save IP addresses if we have a sound suspicion of a crime in connection with use of our website.

2.3       Cookies

We use session cookies in order to improve our website. A session cookie is a small text file which is sent out by the server concerned when a webpage is visited, it is then stored temporarily on your hard drive. This file contains a session ID used to classify the various requests made by your browser during the same session. It means that we are able to recognise your computer when you return to our website. These cookies are deleted when you close your browser.

Our justified interest in the use of cookies pursuant to Article 6 Paragraph 1 f) of the GDRP exists in our desire to make our website more user friendly, more efficient and more secure.

When these cookies are activated they are assigned an identification number which is not linked to your personal data. Your name, IP address or similar data which could enable the cookies to be linked to you, are not included in the cookie. We only receive pseudonymised information based on this cookie technology, for example, information about which pages have been visited in our online shop, which products were viewed, etc.

You can adjust your browser settings so that you are informed about cookies in advance and can decide in each individual case whether you choose to accept cookies for particular cases or reject them completely, This may limit the functionality of the website.

2.4       E-mail contact

If you get in contact with us (e.g. via the contact form or by e-mail), we retain your details in order to process your request and in case you have any subsequent questions.

We also have a justified interest here pursuant to Article 6 Paragraph 1 f) of the GDRP.

We only retain or use other kinds of personal data if you give your consent or if permitted by law without your specific consent.

2.5       Contact form

A contact form is available on our website and can be used for getting in touch with us electronically. If users avail themselves of this opportunity, the data entered into the form are transmitted to us and stored. These data are:

  • Name
  • Address
  • E-mail address
  • Telephone and fax number
  • Message text

During the submission process we ask for your consent to the processing of the data and direct your attention to this Data Protection Statement.

No data are forwarded to third parties in connection with this process. The data are used exclusively for the processing of the conversation between you and us.

The legal basis for the processing of the data is the consent of the user Article 6 Paragraph 1 a) of the GDRP.

We only process the personal data from the input fields for the purposes of processing your initial contact with us.

We erase your data as soon as they are no longer required for achieving the purpose of your enquiry. For the personal data from the input fields on the contact form this applies when the particular conversation with the user comes to an end. The conversation comes to an end when circumstances suggest that the matter concerned has been completely dealt with.

The user has the option at any time to withdraw his or her consent to the processing of his or her personal data. If consent is withdrawn the conversation cannot be continued. All personal data retained from the initial enquiry will be erased in this case.

2.6       Google Analytics

We use Google Analytics, a web analysis service from Google Inc. (“Google”), to evaluate visitor information from this website. (“Google”). Google has signed up to the Privacy Shield agreement between the European Union and the USA and is certified accordingly. The agreement obliges Google to comply with the standards and regulations of European data protection law. You can find more information by following this link: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

Google Analytics uses cookies, text files which are stored on your computer and permit the analysis of your use of this website. The information generated by the cookie about the use of this website by a visitor is normally transmitted to a Google server in the USA and stored there.

We also have a justified interest here pursuant to Article 6 Paragraph 1 f) of the GDRP.

If IP masking is activated on this website however, within member states of the European Union or in other signatory states to the Agreement on the European Economic Area your IP address will be abbreviated before transmission to the USA. Only in exceptional circumstances will the full IP address be transmitted to a Google server in the USA and abbreviated there. IP masking is active on this website. On our behalf, Google will use this information in order to evaluate your use of the website, compile reports about website activities and provide other services connected with website usage and Internet usage to us.

Furthermore, the IP addresses are only processed in shortened form. You may refuse the use of cookies by selecting the appropriate settings on your browser; however please note that if you do so you may not be able to enjoy the full functionality of this website.

Additionally, you can opt out of the transmission of information to Google related to your use of the website (including your IP address) and generated by the cookie by downloading and installing the browser plug-in available at http: https://tools.google.com/dlpage/gaoptout?hl=en-GB.

As an alternative to the browser plug-in, or within browsers on mobile devices, you can click on the following link to set an opt-out cookie which will prevent Google Analytics from collecting data within this website in future (this opt-out cookie will only function in this browser and only for this domain. If you delete cookies in your browser you must click on this link again): Deactivate Google Analytics

2.7       Retention period

Unless specifically stated, we only retain your personal data for as long as is necessary to fulfil the purpose pursued.

3        Your rights as the data subject

In accordance with applicable laws, you have a range of rights with regard to your personal data. If you wish to assert these rights, please direct your enquiry by email or by post to the address given in point 1, clearly stating your name.

An overview of your rights follows.

3.1       Right to confirmation and information

You have the right at any time to receive confirmation from us as to whether or not we are processing personal data concerning you. If this is the case then you have the right to request from us, free of charge, information about the personal data concerning you which we are processing as well as a copy of this data. Further, you have the right to the following information:

  1. the purposes for which the data is being processed;
  2. the categories of personal data being processed;
  3. the recipients or categories of recipients to whom the personal data have been made available or will be made available, in particular in the case of recipients in third countries or in the case of international organisations;
  4. if possible, the planned period for which the personal data will be retained or, if this is not possible, the criteria for establishing this period;
  5. the existence of a right to correction or erasure of personal data related to you or to the limitation of the processing by the controller or a right to withdraw consent to this processing;
  6. the existence of a right to complain to a supervisory authority;
  7. if the personal data have not been collected from you, all available information about the source of the data;
  8. the existence of automated decision-making, including profiling, referred to in Article 22 Paragraphs 1 and 4 of the GDRP and – at least in those cases – meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you.

Where personal data are transferred to a third country or to an international organisation, you have the right to be informed of the appropriate safeguards pursuant to Article 46 of the GDRP relating to the transfer.

3.2       Right to rectification

You have the right to request that we immediately rectify personal data concerning you which is incorrect. Taking into account the purposes of processing, you have the right to request that incomplete personal data are rendered complete – including through the provision of an explanatory note.

3.3       Right to erasure (“right to be forgotten”)

Pursuant to Article 17 Paragraph 1 of the GDRP you have the right to request from us that personal data related to you are immediately erased and we are obliged to immediately erase personal data if one of the following reasons applies:

  1. The personal data are no longer necessary for the purposes for which they were collected or in any other way processed.
  2. You withdraw your consent on which processing of the personal data was based pursuant to 6 Art. 9 Paragraph 1 a) of the GDRP or Paragraph 2 a) of the GDRP, and there is no other legal basis for processing the information.
  3. You object to the processing of the personal data pursuant to 21 Paragraph 1 of the GDRP and there are no overriding legitimate grounds for processing the data, or you object to the processing pursuant to Art. 21Paragraph 2 of the GDRP.
  4. The personal data were processed unlawfully.
  5. The erasure of personal data is required in order to fulfil a legal obligation under Union law or under the law of the member states to which we are subject.
  6. The personal data were collected in relation to information society services offered as described in 8 Paragraph 1 of the GDRP.

If we have published personal data and if we are obliged to erase them pursuant to Article 17 Paragraph 1 of the GDRP, then in consideration of the available technology and the costs of implementation we will take appropriate measures, including of a technical nature, to inform the controllers processing this data that you have requested that they erase all links to this personal data or all copies or replications of this personal data.

3.4       Right to restriction of processing

You have the right to request from us that we restrict the processing of your data if one of the following conditions is met:

  1. you contest the accuracy of the personal data, for a period enabling us to verify the accuracy of the personal data,
  2. the processing is unlawful and you have rejected the erasure of the personal data and have instead requested the restriction of their use;
  3. we no longer need the personal data for the purposes of processing, but you require them for the establishment, exercise or defence of legal claims, or
  4. you have objected to the processing pursuant to 21 Paragraph 1 of the GDRP pending verification of whether the legitimate grounds of the controller override your own grounds.

3.5       Right to data portability

You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and you have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, so long as

  1. the processing is based on consent pursuant to 6 Paragraph 1 a) of of the GDRP or Art. 9 Paragraph 2 a) of the GDRP or on a contract pursuant to Art. 6 Paragraph 1 b) of the GDRP and
  2. the processing is carried out by automated means.

In exercising your right to data portability pursuant to Paragraph 1, you have the right to have the personal data transmitted directly from one controller to another, where technically feasible.

3.6       Right to object

You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Art. 6 Paragraph 1 e) or f) of the GDRP, including profiling based on those provisions.  We will no longer process the personal data unless we are able to demonstrate compelling legitimate grounds for processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

If we process personal data for the purposes of direct marketing then you have the right to object to the processing of personal data concerning you for the purposes of this kind of marketing; this also applies for profiling in so far as it is connected with this kind of direct marketing.

You have the right, for any reason arising from your particular situation, to object to processing related to you of personal data related to you carried out for scientific or historical research purposes or for statistical purposes pursuant to Art. 89 Paragraph 1 of the GDRP, unless the processing is required for the fulfilment of a task or operation in the public interest.

3.7       Right to withdraw consent under data protection law

You have the right to withdraw consent to the processing of personal data at any time.

3.8       Right to complain to a supervisory authority

You have the right to complain to a supervisory authority, in particular in the member state in which you reside, in which you work or in which the alleged infringement took place, if you believe that the processing of your personal data is unlawful.

4        Data security

We do our very best to protect your data within the bounds of applicable data protection legislation and what is technically possible.

We transmit your personal data using encrypted communication. This applies to your orders and to your customer login. We use the SSL encryption system (Secure Socket Layer), but nevertheless point out that the transmission of information over the Internet (e.g. when communicating by e-mail) is never completely secure. It is impossible to completely secure information against access by third parties.

In order to secure your data, we take technical and organisational security measures pursuant to Article 32 of the GDRP and are constantly updating them to the latest standards.

We cannot guarantee that our website will be available at any particular time; faults, interruptions and breaks in service cannot be ruled out. The servers which we use are carefully secured on a regular basis.

5        Forwarding of data to third parties, no data transmission to non-EU countries

In principle we only use your personal data within our own company.

If ever we engage third-party providers for the fulfilment of contracts (for example, logistics providers), these providers only receive personal data to the extent that they are required for the service concerned.

If ever we outsource certain parts of the data processing work (“data processing”), the data processor is contractually obliged by us to use personal data in compliance with the regulations set out in data protection legislation and to guarantee the protection of the rights of the affected person.

We do not transmit nor do we plan to transmit data to offices or individuals outside of the EU outside of the situations named in point 2 of this statement.

6        Data Protection Officer (optional)

If you have any further questions or concerns relating to data protection, please contact our data protection officer:

Richard Schütze
evers Arbeitsschutz GmbH
schuetze(at)eversonline.de