Controller in sense of the GDPR is:

Elementar Analysensysteme GmbH
Elementar-Straße 1
63505 Langenselbold

Germany

Tel: +49 6184 9393 – 0
E-Mail: info@elementar.com

(hereinafter „we“, „us“)

Not only our analysis products provide clarity, but also we create the highest possible transparency in data protection: In following we would like to inform you whether, and if so, to what extent and for how long, we process your personal data.

Please note that use of individual services that go beyond the mere use of our website may require prior registration and/or confirmation of further, possibly overriding, regulations.

We reserve the right to adapt the content of this data protection information to legal and actual circumstances from time to time. The privacy policy, which is published at the time when you visit our website, is the one that applies.

1. Personal data

Personal data is any information relating to an identified or identifiable natural person. This includes information such as your name, adress and e-mail adress. Information that is not directly associated with your real identity – such as pages in our website that are generally favoured by users or the number of users of a page – is not personal data.

2. Data collection on this web page and other processing

a) If you only visit our website

If you visit our website, our web servers temporarily store connection data of requesting computer (e.g. IP adress), time of server request, pages you visit on our website, date and duration of visit, identification data of browser and operating system type used as well as the website from which you visit us (referrer). It is not possible for us to deduce identity of a natural person from this data.

Our interest in processing of usage data mentioned consists in particular in ensuring functionally and security of our information technology systems and in optimising our website.

Processing is necessary to protect our aforementioned legitimate interests (Art. 6 para. 1 s. 1 lit. f GDPR).

b) If you register in our customer portal

If you register on our customer portal, we process your name, title, e-mail address, name of the company you work for, company adress including zip code, city and country, telephone number, whether you wish to receive newsletter and passwort you have chosen.

If you also provide other voluntary information, sush as the region and state, VAT identification number of the company and a business sector (market) and a relevant application, we will also process this information.

We process these data exclusively in order to set up and confirm your user account. If you are already an Elementar customer, your personal data will be compared with existing data records (e.g. to transfer existing discounts) in order to individually set up your user account.

Processing is carried out to fulfil user contract concluded with you and to initiate further contracts (e.g. through online orders; Art. 6 para. 1 s. 1 lit. b GDPR).

c) If you place orders via the customer portal

If you order via customer portal (e.g. consumables, spare parts, devices or services), we process data provided during registration, any other data stored for you as well as special order data. Special order data includes, for example, which products you order, a delivery and billing adress, payment data, an order number as well as any comments you may have made.

If you pay by credit card („Visa“, „Mastercard“ or „American Express“), necessary data will be transmitted to respective payment service provider.

Processing is carried out to fulfil a contract or to implement precontractual measures (Art. 6 para 1 s. 1 lit. b GDPR).

If you order as a new customer and your order volume is over EUR 5,000.00, we will send your order details to our credit insurer EULER Hermes Deutschland, a branch of Euler Hermes SA (Hamburg). Processing is carried out to protect us against payment defaults. Euler Hermes also checks your creditworthiness when determining the insured goods credit limit. Processing is either necessary to initiate the conclusion of a contract (Art. 6 para. 1 s. 1 lit. b GDPR) and/or is necessary for the purposes of our legitimate interest in securing a transaction (Art. 6 para. 1 s. 1 lit. f GDPR).

d) If you use our contact form, our Live Support or our Service Hotline

If you use our contact form, our live support or our service hotline, we process your name, the name of the company you work for, the country in which the company is located, your e-mail address and any other information you provide to us in order to process your request or provide the support you have requested.

Processing is either necessary to fulfil the contract concluded with you (Art. 6 para. 1 s. 1 lit. b GDPR) or is based on our legitimate interest in offering the respective services and increasing customer satisfaction (Art. 6 para. 1 s. 1 lit. f GDPR).

When using the live support offered by us, we use "GoToAssist", a software from LogMeIn Ireland Limited from Ireland. We do not transfer any personal data to them. Please note that remote access may result in additional personal data being visible to our support staff. We do not actively collect this information. If necessary, corresponding data protection agreements exist.

e) If you subscribe to our e-mail newsletter

If you subscribe to our e-mail newsletter, we store your IP address and the time of registration and confirmation. The legal basis for this is Art. 6 para. 1 s. 1 lit. f GDPR (legitimate interests). Our legitimate interest consists in being able to prove your registration and, if necessary, to investigate any possible misuse of your personal data.

In addition, when you register, we process your name, the name of the company you work for, your e-mail address and, if applicable, details of your title and areas of interest in order to adapt the information in the newsletter to your personal needs.  The newsletter contains information about our company, analytical systems, services and after-sales services, interesting offers, invitations to expert meetings or trade fairs as well as technical information based on your details and customized to your interests. The legal basis for these mentioned processings of personal data concerning data protection law is Art. 6 para. 1 s. 1 lit. a GDPR (consent).

In addition, we evaluate your user behaviour within the sent newsletters by combining receipt and reading confirmations as well as information about the links you have clicked on for statistical purposes.  We analyse the interests that you indicate when registering for the newsletter and your personal data as well as your reading behaviour with regard to the newsletter and - if you are a customer - merge these with your data in the customer database. The legal basis for such processing is Art. 6 para. 1 s. 1 lit. a GDPR if you have declared your consent, otherwise Art. 6 para. 1 s. 1 lit. f GDPR (legitimate interests).

You may withdraw your consent at any time with effect for the future. The processing of your data until withdrawing remains lawful. You can withdraw your consent by clicking on the link provided in every newsletter e-mail, by sending an e-mail to datenschutz@elementar.de or by sending a message to the contact details given in the imprint.

3. Storage of personal data

After complete provision of services, withdrawal of any consent given or successful objection to the processing of your personal data and after expiry of tax and commercial storage regulations, your personal data will be completely deleted unless you have expressly agreed to a further use of data or this should otherwise be legally permissible or necessary.

4. Obligation to provide personal data

As a matter of principle, you are not legally obliged to provide your data. If personal data is required for certain purposes, this information is marked with an asterisk. The special purpose cannot be achieved without this data.

5. Transfer of your personal data to third parties

Your personal data will not be transferred on or otherwise transmitted to third parties unless this is stated in this privacy policy and the transfer is necessary to achieve the stated purpose (e.g. to contracted technical service providers) or you have expressly declared your consent to this.

6. Cookies

Our website uses so-called cookies in several places. They serve to make our offer more user-friendly, more effective and safer. Cookies are small text files that are stored on your computer. Unless otherwise stated below, we do not collect any information that we can assign to a natural person.

Many of the cookies we use are so-called session cookies. They are automatically deleted at the end of your visit.

In addition to the cookies for Google Analytics (see section 7) and LinkedIn (see section 8), the following cookies are used:

 

Cookie

Purpose

Expiration

PHPSESSID

Stores session ID

Approx. 1 hour

X-Magento-Vary

Stores configuration settings to improve performance

Approx. 1 hour

feffec2a0dcd408b518e022a4e7d33d5

Stores session ID for shop software Magento

When exiting the browser session

form_key

For security reasons, causes a random character string to be appended to all form submissions. This security measure serves in particular to protect against Cross-Site Request Forgery (CSRF).

Approx. 1 hour

mage-cache-sessid

Clears the local cache memory.

1 day

mage-cache-storage

Storage of visitor information for the Magento shop software to enable shop functions.

1 day

mage-cache-storage-section-invalidation

Forces the local storage of certain content areas that are to be invalidated.

1 day

mage-messages

Tracks error messages and other notifications displayed to the user, such as various error messages.

Approx. 1 day

mage-translation-file-version

Required for the shop software Magento. Saves the version number within the dictionary option.

When exiting the browser session

mage-translation-storage

Required for the shop software Magento. Saves the translated contents of the user.

When exiting the browser session

private_content_version

Appends a random, unique number and timestamp to pages containing customer content to prevent it from being stored in server cache memory.

3 days

product_data_storage

Stores already viewed or compared product information

1 day

recently-compared_product

Stores already viewed or compared product information

1 day

recently-compared_product_previous

Stores IDs of previously compared products for easy navigation.

1 day

recently-viewed_product

Stores already viewed or compared product information

1 day

recently-viewed_product_previous

Stores IDs of previously viewed products for easy navigation.

1 day

section_data_ids

Stores section data, such as payment information, customer information. Required for the order process.

1 day

wallee_decive_id

Stores the session ID for payment processing.

1 hour

cookiesAccepted

Stores whether the cookie banner has been closed.

Approx. 48 years

cookie_usp_popup

Stores pop-up sessions that have already been shown.

 1 month

Local memory

Allows preferences when using the website to be stored and used on the computer.

No expiration date

 

Cookies do not damage your computer and do not contain viruses. You can set your browser settings so that no cookies are stored. In this case, you may not be able to use all functions of our website. The cookies are processed exclusively on the basis of our legitimate interest (Art. 6 para. 1 s. 1 lit. f GDPR). This also applies to the use of the cookies described in section 7. Our legitimate interest consists in making it possible for you to use our website more conveniently and to improve our services.

7. Google Analytics

Our website uses Google Analytics, a web analytics service provided by Google LLC ("Google"). Google Analytics uses cookies (see also section 6 - Cookies), which are stored on your computer for up to 2 years and enable an analysis of the use of the website by you. The information generated by the cookie about your use of the website will generally be transmitted to and stored by Google on servers in the United States. If IP anonymisation is activated on these websites, your IP address will be shortened beforehand by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area. The full IP address will only in exceptional cases be transmitted to a Google server in the USA and shortened there. IP anonymization is activated.

User-level and event-level data are stored for 14 months. User-level and event-level data are data which are associated with cookies, user-identifiers (e.g., User-ID) and advertising identifiers (e.g., DoubleClick cookies, Android’s Advertising ID, Apple’s Identifier for Advertisers).

On our behalf, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics is not combined with other data from Google.

You can prevent the storage of cookies by setting your browser software accordingly. In this case you may not be able to use all functions of the website.

You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and Google from processing this data by downloading and installing the browser plugin available under the following link: tools.google.com/dlpage/gaoptout.

As an alternative to the browser plugin, you can click on this link to prevent Google Analytics from capturing data on the website in the future. An opt-out cookie is stored on your end device. If you delete your cookies, you must click the link again.

For more information about privacy at Google Analytics, please visit https://policies.google.com/privacy?hl=en.

8. Security

We take all necessary technical and organizational security measures to protect your personal data from loss and misuse. We store your data in a secure operating environment that is only accessible to authorized persons. If you wish to contact us by e-mail, please bear in mind that the confidentiality of the information transmitted can never be 100% guaranteed due to the circumstances of the Internet and that the content of e-mails could possibly be viewed by unauthorised third parties.

9. Further legal information

We do not permit third parties to use the contact data such as postal addresses, telephone or fax numbers or e-mail addresses published in the imprint or comparable information to send information that has not been expressly requested. Requests to assert the rights set out in Section 11 and other requests regarding data protection are excluded from this and can be made at any time.

10. Right of acces, rectification, erasure, restriction of processing, data portability, objection, withdrawal, complaint

If you have any questions that are not answered by this data protection information or if you wish to receive more detailed information on a specific point, please contact our data protection officer: Dr. Thomas Lapp, Datenschutz dr-lapp.de GbR, Berkersheimer Bahnstraße 5, 60435 Frankfurt a.M., e-mail datenschutz@elementar.de, phone +49 69 95408864. Furthermore, you have the right

  • of access to obtatin information about your personal data processed by us in accordance with Art. 15 GDPR;
  • to obtain without undue delay the rectification of inaccurate personal or completion of incomplete personal data stored by us in accordance with Art. 16 DS-GVO;
  • to obtain the erasure of your personal data stored by us in accordance with Art. 17 GDPR;
    • to obtain restriction of the processing of your personal data in accordance with Art. 18 GDPR;
    • to receive your personal data which you have provided to us, in a structured, commonly used and machine-readable format or to request transmission to another controller in accordance with Art. 20 GDPR;
    • to object to the processing of your personal data pursuant to Art. 21 GDPR;
    • to withdraw your consent to us at any time in accordance with Art. 7 para. 3 GDPR. The consequence of this is that we may no longer continue the processing based on this consent in the future, but this shall not affect the lawfulness of processing based on consent before its withdrawal;
    • to lodge a complaint to a supervisory authority pursuant to Art. 77 GDPR.

Please use the contact details given above for this purpose.

 

Release: September 2020