Data Privacy Notice
(Updated June 2021)
The protection of your personal data is important to us. Pursuant to EU General Data Protection Regulation (Art. 13 GDPR) we must inform you about the purpose for which we collect, save or forward data, and about your rights to data protection. The content and scope of the data processing corresponds essentially to the respective data that you provide or the data that are required for the business relationship or communication.
The Responsible Parties, the contact details of the Data Protection Officer and the address of the supervisory authority can be found in the Imprint of this website.
We process personal data that we receive from you, from a partner commissioned by you or from one of our business partners in the context of our business relationship. In addition, we process data that we have legitimately received from publicly accessible sources (e.g., commercial register, address directory, media, trade fair participants). Personal data include your personal details (e.g., title, name, country, address, e-mail address and telephone number, delivery addresses, order and invoice data, information on creditworthiness, documentation data, log of trade fair talks, etc.).
Personal data are processed especially in the following business processes:
- Visits to the website, Online-Shop
- Initiation of contact
- Visitor registration, WLAN guest access
- Job applications and vocational training
- Trade fairs, events and product training
- Customer Hotline
- Advising by our employees or by trade partners
- Order processing, delivery, invoicing
- Marketing actitivities
- Based on legal obligations (customs and compliance screening, reporting of accidents)
- Temporary work, training, vacation assistant programs
- Quality inspections and quality certificates, claims
- Service accounting of subcontractors
- Communication and Videoconferencing (especially via Microsoft Teams)
Purposes and Legal Basis of the Processing
We process personal data only in the context of our business activity.
The legal basis for the processing is based on a contractual relationship or a relationship of mutual trust preceding conclusion of a contract, or legal requirements, or based on legitimate interest of our company or based on your consent or if you contact us (e.g., at trade fairs, by e-mail, by post, by telephone or via this website).
In the context of the business relationship, you must provide the personal data required to initiate and maintain the business relationship, and also those that we are legally obligated to collect. If you do not provide us with these data, then we will, as a rule, have to reject your requests or your contact query, conclusion of the contract, or explanation of the order, or have to end an existing contractual relationship.
If you have granted us your consent to processing your personal data, then the processing is carried out only according to the purposes set out in the declaration of consent and in the scope agreed therein. Once granted, your consent can be revoked at any time with future effect without stating reasons, as long as this is legally permissible. Please be aware that lawmakers classify job applications as a pre-contractual business relationship, and application documents are stored for 6 months after conclusion of the application process.
Moreover, we reserve the right to store your first and last names, your mailing address and – if we have received this additional information from you in the context of a contractual relationship – your title, academic degree and your professional, sectoral or business designation in compiled lists and use for own advertising purposes, e.g., for sending interesting offers and information on our products by mail. You can object to the storage and use of your data for these purposes at any time by giving notice at the address stated in the mailing.
If we provide services in advance, e.g., in the case of a purchase on account, we reserve the right to procure information on identity and creditworthiness from service companies specializing in this (credit agencies) to protect our justified interests.
Recipients and Data Transfers
We only transfer your data to third parties if this is permitted by law, if you have provided consent or the transfer is required for fulfilment of our business aims.
If possible the data are anonymized or pseudonymized for this purpose.
Within our corporate group, only the offices or employees that require your data to meet our contractual, legal or supervisory obligations or for protection of justified interests will receive them.
In addition to this, we transfer your data to processors commissioned by us:
- IT and hosting service providers (internal within the Freudenberg Group and external like Microsoft 365, SAP, Newsletter systems and hosting services)
- Security services, visitor registration and registry
- Credit institutions and payment providers to settle the payment transactions if orders have been placed
- Back office service providers for handling advertising mailings
- Suppliers for settlement of product and sample orders
- Laboratories and institutes for testing of products
- Transport and logistic fulfillment
- Marketing partners if they require your data to carry out your assignment
- Agencies for surveys, marketing measures and organization of events.
Furthermore, data are transferred to public agencies and institutions (tax authorities, other authorities, customs offices), if there is a legal or supervisory obligation to do so.
All processors and marketing or trade partners are obligated by contract to process your data only in the context of the provision of services and pursuant to provisions of data protection law in force.
We store your data only as long as is required for processing of the business transaction or compliance with documentation obligations. Legal requirements stipulate that trade letters be stored at least 6 years, but at least 10 years if their content is relevant for tax purposes. Our IT systems are equipped, moreover, with comprehensive data backup concepts that do not permit premature deletion. In this case, access to data is restricted after expiry of the allowed storage period. Job application documents are saved or stored 6 months after the position has been filled, but if the application is made through an employment agency, then master data must be stored for a longer time.
Rights of the Individual
You have the right to access the information free of charge regarding data that we have saved about you, as well as a right to correction, blocking or deletion of these data. If you have granted your consent for data processing, then you can revoke your consent for future processing.
To do so, please contact at first the contact person which whom you have been recently in contact. In addition, you can contact our Data Protection Officer.
If you believe that we breach European data protection law by processing your data, then we request that you contact us so that we are able to clarify your concerns. Furthermore, you have the right to lodge a complaint with the competent supervisory authority for data protection, if you believe that your personal data is being processed unlawfully.
Technical and Organizational Measures
We make use of state-of-the-art security measures to protect your data appropriately. We have implemented an Information Security System related to ISO 27001. Our employees, subcontractors and trade partners must observe our guidelines on information security.
Additional Information for this Website, for Online Services and for Marketing
You can visit our web pages without providing information about yourself. We store only access data in so-called server log files, such as the name of the requested file, data and time of its retrieval, amount of transferred data and the requesting provider. These data are assessed only for ensuring smooth operation of the webpage and for improving our offerings, and they do not allow us to infer your identity.
Personalized Marketing Information
Subscribers can opt-in to receive personalized emails based on your interests and interactions with each email. The personal data collection and evaluation as well as the use of various system functionalities is only permitted if the consent of the subscriber is granted.
You can revoke your consent for personalized marketing at any time using the link in the footer of every email or by contacting us directly at firstname.lastname@example.org
If we received your e-mail address in connection with the purchase of goods or services, and if you have not objected to this, then we reserve the right to send you regularly offers on our products similar to the one you have already purchased from our product line. You can object to receive marketing information at any time using a link provided for that purpose in the e-mail.
To make the design of our website attractive to visit and to enable the use of certain functions, we use so-called cookies on different pages. Cookies are small text files that are stored on your terminal. Some of the cookies used by us are deleted at the end of your browser session, i.e., when you shut down your browser (so-called session cookies). Other cookies remain on your terminal and enable us to recognise your browser again on your next visit (persistent cookies). You can configure your browser so as to be notified when cookies are saved and to decide individually whether to accept them or to exclude the acceptance of cookies in certain cases or in general. If you do not accept cookies, then the operation of our website may be restricted.
This website uses Google Adwords and Google (Universal) Analytics, a web analysis service of Google Inc. (www.google.de). Google (Universal) Analytics uses methods that enable an analysis of your use of the website, e.g., so-called “cookies,” text files that are stored on your computer. The information generated by your use of this website is as a rule transferred to one of Google’s servers in the USA and stored there. If IP anonymization is activated on this website, then the IP address is abbreviated before transfer within EU Member States or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases is the complete IP address transferred to one of Google’s servers in the USA and abbreviated there. The anonymized IP address transferred in the context of Google Analytics by your browser is not combined with other data by Google.
You can prevent the collection of data generated by the cookie referring to your use of the website (including your IP address) by Google and its processing by Google by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en Instead of the browser plugin you can click on this link in order to prevent data collection by Google Analytics on this website in the future. If you do so, then an opt-out cookie is deposited on your terminal. If you delete your cookies, then you must click on the link again.
Some of the webpages use video plugins from the video-sharing website YouTube. YouTube belongs to Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA („Google“).We embed videos from our official YouTube channel using YouTube’s privacy-enhanced mode. This mode may set cookies on your computer once you click on the YouTube video player, but YouTube will not store personally-identifiable cookie information for playbacks of embedded videos using the privacy-enhanced mode.
Use of a cookiebot
This website uses the cookiebot service provided by Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark. Information on data processing through Cybot and relevant privacy regulations can be found at: https://www.cookiebot.com/de/privacy-policy/.
If an end user provides his or her approval on our websites, the following data are automatically recorded by Cybot: Anonymized IP number of the end user (the last three digits are set to “0”), date and time of approval, browser’s user agent of the end user, the URL from which approval was sent, an anonymous, random, encrypted key, the consent status of the end user serving as a verification of approval.
In the end user’s browser, the key and the approval status are also saved in the “CookieConsent” cookie so that the website can automatically read and comply with the end user’s approval and all subsequent website requests and future end-user sessions for up to 12 months. The key is used for verifying the consent and also for an option which checks whether the approval status saved in the end user’s browser remains unchanged from the original approval which was sent to Cybot.
Additional Information for Social Media Activities
We have our own presence in various social media to present ourselves, provide information, get in touch with the respective users and to communicate with them. Social networks such as LinkedIn, Twitter, Xing, Facebook, Instagram, etc. can generally analyze user behavior extensively.
Even if you are not logged in to your social media account they can recognize you as an unlogged/non-registered user via “cookies” and use statistical data obtained from your next login.
Although some of the social networks provide user information to the owners of business accounts or fanpages, we do not use this information.
Additional Information for Videoconferencing and Microsoft365
Microsoft Teams is part of M365, which we use as a productivity, collaboration, and exchange platform for individual users, teams, communities and networks across our Freudenberg group of companies. As part of our online meetings using Microsoft Teams, we process the following personal data:
- Communication data (e.g. email address),
- Metadata (e.g. IP address, time of participation),
- Profiles (e.g. username).
Through the video conferencing feature of Microsoft Teams, we enable meetings and online events to be held. There is no recording of the videoconference, unless this is expressly agreed upon. We carry out the data processing on the basis of a legitimate interest.
We use Microsoft as a processor according to Article 28 GDPR.
M365 is a software from the company: Microsoft Ireland Operations Limited, One Microsoft Place,
South County Business Park Leopardstown, Dublin 18 D18 P521, Ireland
Microsoft Teams is part of the cloud application M365. A user account is automatically created for use. Data processing with M365 is done on servers in data centers in the European Union in Ireland and the Netherlands. For this purpose, Freudenberg has concluded a controller-processor agreement with Microsoft.
For the purpose of remote maintenance, Microsoft may request access. This access will then be checked by us on a case-by-case basis and granted if approved. In this case, such access may also be made by Microsoft affiliates from outside the European Union. Only in this case of access from outside the European Union in the individual case we have approved, we have concluded standard EU contracts with Microsoft. In order to guarantee an adequate level of data protection when transferring personal data to a third country, we have, as described above, additional measures in the form of state-of-the-art technical and organizational measures, such as access and encryption concepts for networks, databases, and servers.
Microsoft reserves the right to process customer data for its own legitimate business purposes. We have no influence on these Microsoft data processing operations. To the extent that Microsoft Teams processes personal information in connection with legitimate business purposes, Microsoft is an independent controller of such data processing activities and, as such, is responsible for compliance with all applicable privacy policies.
Login data and IP addresses are deleted in accordance with legal requirements.
Extensive technical and organizational measures have been agreed with Microsoft, which correspond to the current state-of-the-art technology.
Adjustment of the Data Privacy Notice
Please be aware that we can make adjustments of this Data Privacy Notice at any time.