Data privacy statement

This Data Privacy Statement is to inform you about what kind of personal data are collected to what extent and for what purpose by us in our capacity as Data Controller on this website.

I. Definitions

This Data Privacy Statement is based on concepts used by the European body issuing regulations and directives when establishing the General Data Protection Regulation (GDPR). In order to make sure that this Statement is understood, we will explain the concepts used as a preliminary point. Insofar as reference is made to legal provisions without specifying the name of the law in question, we mean the GDPR.

1. Personal data

“Personal data” shall mean information referring to an identified or identifiable natural person (hereinafter "Data Subject"); “identifiable” means that the natural person can be identified, directly or indirectly, in particular by reference to an identifier such as a name, to an identification number, to location data, to an online ID, or to one or more factors specific to the Data Subject’s physical, physiological, mental, economic, cultural or social identity.

2. Data Controller

“Data Controller” shall mean the Community institution or body, the Directorate-General, the unit or any other organizational entity which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of processing are determined by a specific Community act, the Controller or the specific criteria for its nomination may be designated by such Community act.

3. Data Processing

“Data processing” shall mean any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction.

4. Third Party

“Third Party” shall mean a natural or legal person, public authority, agency or body other than the Data Subject, the Controller, the processor and the persons who, under the direct authority of the Controller or the processor, are authorized to process the data.

5. Consent

“The Data Subject's consent” shall mean any freely given specific and informed indication of his or her wishes by which the Data Subject signifies his or her agreement to personal data relating to him or her being processed.

6. Profiling

“Profiling” means any type of automated personal data processing that consists in using such personal data to evaluate certain personal aspects related to a natural person, in particular to analyse or predict aspects relating to this natural person’s job performance, economic situation, health, personal preferences, interests, reliability, behaviour, residence or change of location. For your protection, we do not use profiling on our website.

II. Contact details of the Data Controller and the Data Protection Officer

Data Controller:

Lohmann Gleit- und Wälzlagertechnik GmbH & Co. KG

Carl-Zeiss-Str. 4
32278 Kirchlengern

Tel. +49 5223 99 87-0
Fax +49 5223 99 87-22
Email: info(at)lohmann-gleitlager.de

 

Contact details of the Data Protection Officer:

Volker von Jagow

Panoramaweg 17
57482 Wenden

Tel. +40 2762 6007432
Email: vj(at)novus.nrw

 

III. Type and scope of the processing of personal data

As a rule, we shall only process your personal data to the extent necessary for the provision of this website and our services. Data shall only be processed if permitted by law. In case you give your consent, further processing may occur.

1. Visiting our website

On visiting our website, your browser will automatically transmit information to the server of our website. The following information will be stored temporarily in logfiles:

  • date and time of access to the website,
  • your Internet protocol address (IP address),
  • the Internet service provider of the accessing system,
  • browser type and operating system used,
  • the website from which you accessed our website,
  • websites your system accesses through our website.

The legal basis for the storage of data and logfiles is Art. 6 (1) lit. f GDPR. Data are processed in order to ensure the functionality of our website. Moreover, such data serve for the technical optimization of the website and for the safety and stability of our IT systems. We shall not use such data for marketing purposes, nor to identify you as a person.

Personal data shall be deleted as soon as they are no longer required for achieving the purpose of their collection.
  Data stored in logfiles will be deleted within 7 days. Should they be stored for a longer period, your IP address will be deleted or masked. Processing these data in logfiles is indispensable for the provision of the website. Therefore, you have no opt-out option here.

When you visit our website, we process further personal data by using certain analysis services. For further explanations please refer to item IV. of this Statement. For safety reasons and in order to protect the transmission of confidential contents, e.g. enquiries you send to us, our website uses an SSL- or TLS encryption. You can recognize an encrypted connection from the lock symbol in your browser line and from the fact that the address line of your browser changes from http:// to . If the encryption is activated, the data you are transmitting to us cannot be read by any third parties.

2. Making contact

When you contact us (e.g. via email, contact form, phone or Social Media), your personal data will be stored for processing and handling your query. The legal basis for the processing of these data is Art. 6 (1) lit. b GDPR. We shall delete these data as soon as they are no longer required for achieving the purpose of their collection; i.e. generally as soon as the respective correspondence with you is finished. The correspondence is deemed finished once the matter in question has been settled. Otherwise, statutory retention periods apply. These data will not be disclosed to third parties.

IV. Analysis services: cookies and tracking

1. Use of cookies

On our website, we use so-called cookies. These are small text files that are stored automatically on the Internet browser or by the Internet browser on your terminal device (e.g. desktop PC, tablet, smartphone etc.) when you visit our website. These cookies contain distinctive character strings that facilitate the clear identification of the Internet browser if the website is accessed again.

We use cookies in order to make our website more user-friendly. If you come back to our website, these cookies enable us to automatically recognize that you have already visited us, e.g. as a logged-in user. These cookies will be deleted automatically after a defined period of time. The data processed in this context are required for the purposes of the legitimate interests pursued by us or by a third party as stipulated in Art. 6 (1) lit. f GDPR.

You may also configure your browser settings according to your wishes and e.g. refuse acceptance of third-party cookies or all cookies altogether, or delete cookies set earlier. Should you choose not to accept cookies, please note that in that case our offer might not work faultlessly.

2. Integration of other third-party services

For the optimization of our Internet presence, we use third-party offers in order to include their contents and services (hereinafter referred to as “services”), namely maps, in our website. This integration requires that the providers of such services process your IP address. As this is technically unavoidable, processing your IP address is thus necessary for using and realizing such services. We continuously strive to use only services whose providers process the IP address only for the direct operation of the services. Third-party providers may also use so-called pixel tags (invisible graphics, also referred to as “web beacons”) for statistics- or marketing purposes. By means of the web beacons, various pieces of information, e.g. the visit to our website, can be analysed and evaluated. Information in pseudonymized form can also be stored in cookies on your terminal device, which facilitates the processing of technical information about your browser and operating system used, linked websites, visiting time, and other information regarding the use of our website. The legal basis for this processing of the transmitted data is Art. 6 (1) lit. f GDPR. The services potentially used are:

Google Maps

Integration of maps provided by the “Google Maps” service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. For this third-party provider’s Data Privacy Statement please go to www.google.com/policies/privacy/. Information on restricting/deactivating information transfer/advertising can be obtained from adssettings.google.com/authenticated.

YouTube

Integration of videos on the “YouTube” platform of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. For this third-party provider’s Data Privacy Statement please go to www.google.com/policies/privacy/. Information on restricting/deactivating information transfer/advertising can be obtained from adssettings.google.com/authenticated.

V. Your rights as a Data Subject

If your personal data are processed, you are a Data Subject for the purposes of the GDPR. This means that you have the following rights vis-à-vis the Data Controller:

1. Right of information

As a Data Subject you are entitled to obtain information from the Data Controller as to whether your personal data are being processed; if that is the case, you are entitled to obtain information on the personal data in question (Art. 15 GDPR). You are entitled to obtain information on the following details:

a. the purposes of the processing;

b. the categories of personal data concerned;

c. the recipients or categories of recipient to whom the personal data have been or will be disclosed;

d. if possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria for the determination of that period;

e. the existence of the right to request from us rectification or erasure of personal data or restriction of processing of personal data or to object to such processing;

f. the right to lodge a complaint with a supervisory authority;

g. where the personal data are not collected from you, any available information as to their source;

h. the existence of automated decision-making, including profiling as per Art. 22 (1) and (4), and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the Data Subject.

Furthermore, you are entitled to obtain information as to whether your personal data are transmitted to a third country or to an international organization. In this context, you are entitled to request information on the suitable safeguards as per Art. 46 GDPR in connection with the data transmission.

2. Right of rectification

As a Data Subject you are entitled to obtain from the Data Controller without undue delay the rectification of inaccurate personal data, or, taking into account the purpose of the processing concerned, to have incomplete personal data completed, also by means of an explanatory statement (Art. 16 GDPR).

3. Right of erasure

As a Data Subject you are generally entitled to obtain from the Data Controller the immediate erasure of personal data if one of the following reasons applies:

a. The personal data are no longer required for the purposes they were collected or otherwise processed for.

b. The Data Subject withdraws their consent that the processing within the meaning of Art. 6 (1) lit. a or Art. 9 (2) lit. a was based on, and there is no other legal basis for the processing.

c. The Data Subject objects to processing pursuant to Art. 21 (1) and there are no overriding legitimate reasons for processing; or the Data Subject objects to processing pursuant to Art. 21 (2).

d. The personal data have been unlawfully processed.

e. Erasure of the personal data is required to fulfil a legal obligation under Community law or under the national law of the member states that the Data Subject is governed by.

f. The personal data have been collected with regard to information society services as per Art. 8 (1).

If the Data Controller has disclosed your personal data to the public, and if he is obliged to erase them for the aforementioned reasons, he shall, in consideration of the technology available and the implementation costs, take appropriate measures including those of a technical nature to inform any individuals in charge of data processing who are processing said personal data that a Data Subject has requested them to erase all links to these personal data and any copy or replica of said personal data.

This right to have data erased does not exist if processing is necessary

a. to exercise the right of freedom of expression and information;

b. to fulfil a legal obligation that requires processing pursuant to Community law or under the national law of the member states that the Data Subject is governed by, or for the performance of a task carried out in the public interest or subject to the exercise of public authority assigned to the Data Controller;

c. for reasons of public interest in the field of public health pursuant to Art. 9 (2) lit. h and i as well as Art. 9 (3);

d. for public-interest archiving-, scientific- or historical research purposes, or for statistical purposes as per Art. 89 (1), insofar as the right mentioned in Section 1 is likely to render the attainment of the objectives of such processing impossible or affect it seriously; or

e. for the establishment, exercise or defence of legal claims.

4. Right of restriction of processing

As a Data Subject you are entitled to obtain from the Data Controller restriction of processing if one of the following reasons applies:

a. if the accuracy of the personal data is contested by the Data Subject, namely for a period that allows the Data Controller to verify the accuracy of said personal data;

b. if the processing is unlawful and the Data Subject opposes the erasure of the personal data, requesting instead a restriction of use of said personal data;

c. if the Data Controller no longer needs the personal data for the purposes of the processing, but they are required by the Data Subject for the establishment, exercise or defence of legal claims; or

d. if the Data subject has objected to processing pursuant to Art. 21 (1) GDPR, as long as it has not been determined whether the legitimate reasons of the Data Controller outweigh those of the Data Subject.

If processing has been restricted, these personal data may only be processed – apart from their storage – with your consent, or for the establishment, exercise or defence of legal claims, or to protect another natural or legal person’s rights, or for reasons of substantial public interest in the Community or a member state.

If you have obtained restriction of processing, the Data Controller will notify you before the restriction is removed.

5. Right to object

As a Data Subject you have the right to object, on grounds relating to your particular situation, at any time to processing of personal data insofar as processing is necessary for the purposes of legitimate interests pursuant to Art. 6 (1) lit. e or f GDPR. This also applies to any profiling based on these stipulations.

In the event of an objection, the Data Controller will not continue to process the personal data, unless we can provide compelling and legitimate reasons for processing that prevail over the interests, rights and liberties of the Data Subject, or if processing serves the establishment, exercise or defence of legal claims.

If the Data Controller processes personal data for direct marketing purposes, you have the right to object at any time to processing of personal data for the purposes of such advertising. This also applies to profiling insofar as it is related to such direct marketing. If you object to processing for direct marketing purposes vis-à-vis the Data Controller, he will no longer process your personal data for such purposes.

Should you wish to exercise your right to opt out, it suffices to notify our Data Protection Officer (for contact details see item II).

Moreover, in connection with the use of information society services, you have the possibility – notwithstanding Directive 2002/58/EC – to exercise your right to object by means of automated processes in which technical specifications are used.

6. Right to withdraw your consent to data processing

If you have given consent, you are entitled to withdraw that consent at any time. This withdrawal shall not affect the lawfulness of the data processing performed based on the consent up to the moment of withdrawal.

7. Notification to third parties

Once the right of rectification, erasure or restriction of processing has been asserted vis-à-vis the Data Controller, the Data Subject shall have the right to obtain from the Data Controller the notification to third parties to whom the data have been disclosed of any rectification, erasure or blocking unless this proves impossible or involves a disproportionate effort.

You also have the right to obtain from the Data Controller information on these recipients.

8. Right to data portability

You are entitled to receive the personal data which you have provided to the Data Controller in a structured, commonly used and machine-readable format, and to have those data transmitted to another Controller without being hindered by the Data Controller the personal data were provided to in the first place, insofar as

a. processing is based on consent pursuant to Art. 6 (1) lit. a or Art. 9 (2) lit. a, or on a contract pursuant to Art. 6 (1) lit. b, and

b. processing is done by means of automated processes.

When exercising this right, you are also entitled to have your personal data transmitted directly from one Data Controller to another Data Controller, if technically possible.

You are not entitled to the right of data portability if the processing of said data is necessary for the performance of a task carried out in the public interest or subject to the exercise of public authority assigned to the Data Controller.

9. Automated individual decisions, including profiling

You have the right not to be subject to a decision which produces legal effects concerning you or significantly affects you and which is based solely on automated processing of data, including profiling.

This shall not apply if the decision

a. is necessary for the conclusion or performance of a contract between the Data Subject and the Data Controller;

b. is admissible under Community or member state law that the Data Controller is subject to, and if these legal provisions include appropriate measures to safeguard the Data Subject’s rights and liberties and legitimate interests; or

c. is made with your explicit consent.

In the cases mentioned under (a.) and (b.) above, the Data Controller shall adopt appropriate measures to safeguard the Data Subject’s rights and liberties and legitimate interests, which include at least the right to obtain intervention by an individual on the Data Controller’s side, to express their own view, and to challenge the decision.

For your protection, we do not use profiling on our website.

10. Right of appeal

Without prejudice to any administrative or judicial remedy, you as a Data Subject have the right to lodge a complaint with the responsible supervisory authority of your habitual residence, of your workplace or of the place of the alleged infringement if you are of the opinion that the processing of your personal data is in breach of the GDPR.

The supervisory authority the complaint was lodged with will notify you as the complainant of the status and the results of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.

VI. Data security

We apply technical and organizational measures to provide as comprehensive a protection of your personal data as possible. Still, internet-based data transmissions may have security holes, which means that absolute protection cannot be guaranteed. For this reason, you are welcome to transmit personal data to us using alternative methods, e.g. by post, fax or phone.