Privacy Statement
The following information provides an overview of what happens to your personal data when you visit this website. Personal data are all data with which you can be personally identified. Detailed information on the subject of data protection can be found in our privacy statement below.
1. Responsible party and data protection officer
This privacy statement applies to data processing by:
Lefatex Chemie GmbH
Stiegstrasse 64
41379 Brueggen-Bracht | DE
sale@lefatex.de
T +49 2157 8789-0
Data protection officer
We have appointed a data protection officer for our company.
DEUDAT GmbH
Zehntenhofstrasse 5b
65201 Wiesbaden
T +49 611 950008-33
External hosting
This website is hosted by an external service provider (hoster). The personal data recorded on this website are stored on the hoster’s servers. This can mainly be IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data generated via a website. The hoster is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 Para. 1 lit. b GDPR) and in the interest of a safe, fast and efficient provision of our online service by a professional provider (Art. 6 Para. 1 lit. f GDPR). Our hoster will only process your data insofar as this is necessary to fulfil its performance obligations and follow our instructions with regard to this data.
Execution of a contract data processing agreement
In order to ensure data protection compliant processing, we have concluded an order processing contract with our hoster.
2. Collection and storage of personal data as well as the type and purpose of their use
a) When you visit our website www.lefatex.com, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is recorded without any action on your part and stored until it is automatically deleted:
-
IP address of the requesting device
-
Date and time of access
-
Name and URL of the file accessed
-
Website from which access is made (referrer URL)
-
Browser used and, if applicable, the operating system of your device and the name of your access provider
We collect, process and use your data only within the framework of the statutory provisions for the following purposes:
-
ensuring a smooth connection to the website
-
ensuring comfortable use of our website
-
evaluation of system security and stability as well as
-
for further administrative purposes
We do not carry out so-called “profiling” based on your data.
The legal basis for data processing is Art. 6 Para. 1 S. 1 lit. f GDPR. Our legitimate interest results from the data collection purposes listed above. In no case do we use the collected data for the purpose of drawing conclusions about you personally. In addition, we use cookies and analysis services when you visit our website. You will find more detailed explanations under sections 4 and 5 of this privacy statement.
b) Using our contact form, we offer you the opportunity to contact us if you have any questions. It is necessary to provide a valid email address so that we know who sent the request and to be able to answer it. Further information can be provided voluntarily. The data processing for the purpose of contacting us takes place in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR based on your voluntarily given consent. The personal data collected by us for using the contact form will be automatically deleted after your request has been dealt with.
3. Duration of storage
Personal data will be deleted after the statutory retention period has expired, provided that they are no longer required for contract fulfilment or contract initiation.
4. Transfer of data
A transfer of your personal data to third parties is not planned.
5. Cookies
We use cookies on our website. These are small files that your browser automatically creates and that are stored on your device (PC, laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not cause any damage to your device and do not contain viruses, Trojans or other malware. Information is stored in the cookie that results in connection with the specific device used. However, this does not mean that we are immediately aware of your identity.
The use of so-called session cookies serves to make the use of our offer more pleasant for you, e.g. to recognise if you have already visited individual pages on our website. The cookies are automatically deleted after you leave our website.
The data processed by cookies are necessary for the purposes mentioned to safeguard our legitimate interests and those of third parties in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR. Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. However, if you completely deactivate cookies, you may not be able to use all the functions of our website.
6. Contact form and email contact
6.1. Description and scope of data processing
A contact form is available on our website that can be used to contact us electronically. If a user uses this option, the data entered in the input mask will be transmitted to us and saved. These data are:
-
Your name
-
Your email address
-
Your message
-
At the time the message is sent, the following data is also stored:
-
The user’s IP address
-
Date and Time
Your consent is obtained for the processing of the data during the sending process and reference is made to this privacy statement.
Alternatively, you can contact us using the email address provided. In this case, the user’s personal data transmitted with the email will be saved.
In this context, the data will not be passed on to third parties. The data will only be used to process the conversation.
6.2. Legal basis for data processing
The legal basis for the processing of the data is Art. 6 Para. 1 lit. a GDPR. The legal basis for the processing of the data that is transmitted in the course of sending an email is Art. 6 Para. 1 lit. f GDPR. If the aim of the email contact is to conclude a contract, the additional legal basis for processing is Art. 6 Para. 1 lit. b GDPR.
6.3. Purpose of data processing
The processing of the personal data from the input mask serves us only to process the contact. If you contact us by e-mail, there is also the necessary legitimate interest in processing the data.
The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
6.4. Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those that were sent by email, this is the case when the respective conversation with the user has ended. The conversation is over when it can be inferred from the circumstances that the matter in question has been finally clarified. The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
6.5. Objection and removal option
The user has the option of revoking their consent to the processing of personal data at any time. If the user contacts us by e-mail, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued. The revocation can be made at any time by email or by post to the responsible party (see above). In this case, all personal data that was stored in the course of making contact will be deleted.
7. Audio and video conferencing
7.1 Data processing
We use online conference tools to communicate with our customers. The tools we use are listed below. If you communicate with us via video or audio conference via the internet, your personal data will be recorded and processed by us and the provider of the respective conference tool.
The conference tools collect all data that you provide / use to use the tools (e-mail address and / or your telephone number). The conference tools also process the duration of the conference, start and end (time) of participation in the conference, number of participants and other “context information” in connection with the communication process (metadata).
Furthermore, the provider of the tool processes all technical data, that are required to handle online communication. This includes in particular IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker, as well as the type of connection.
If content is exchanged, uploaded or made available in any other way within the tool, it is also stored on the server of the tool provider. Such content includes in particular cloud recordings, chat / instant messages, voicemails, uploaded photos and videos, files, whiteboards and other information that is shared while using the service.
Please note that we do not have full influence on the data processing operations of the tools used. Our options are largely based on the company policy of the respective provider. Further information on data processing by the conference tools can be found in the data protection declarations of the tools used, which we have listed below.
7.2 Purpose and legal basis
The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6 para. 1 b) GDPR). Furthermore, the use of the tools serves to generally simplify and accelerate communication with us or our company (legitimate interest within the meaning of Art. 6 para. 1 f) GDPR). If consent has been requested, the tools concerned are used on the basis of this consent (Art. 6 para. 1 a) GDPR); the consent can be revoked at any time with effect for the future.
7.3 Storage period
The data collected directly by us via the video and conference tools will be deleted from our systems as soon as you ask us to delete them, revoke your consent to storage or the purpose for data storage no longer applies. Saved cookies remain on your device until you delete them. Mandatory statutory retention periods remain unaffected. We have no influence on the storage period of your data which are stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.
7.4 Conference tools used
We use the following conference tools:
Zoom
We use Zoom. The provider of this service is Zoom Communications Inc., San Jose, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA. Details on data processing can be found in Zoom’s privacy policy: https://zoom.us/privacy
The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://zoom.us/privacy
Conclusion of an order processing contract
We have concluded an order processing contract with the provider of Zoom and fully implement the strict requirements of the German data protection authorities when using Zoom.
Microsoft Teams
We use Microsoft Teams. Provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. For details on data processing, see the Microsoft Teams privacy policy: https://privacy.microsoft.com/en-us/privacystatement
Conclusion of an order processing contract
We have concluded an order processing contract with the provider of Microsoft Teams and fully implement the strict requirements of the German data protection authorities when using Microsoft Teams.
8. Rights of data subjects
You have, at any time, according to Art. 15 GDPR, the right to free information about your stored personal data, their origin, the recipients and the purpose of the data processing, as well as according to Art. 16 GDPR a right to correction or according to Art. 17 GDPR for deletion of your data. In addition, according to Art. 18 GDPR, the right to request the restriction of the processing of your personal data.
You also have, at any time, according to Art. 20 GDPR, the right to have your data handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible person, this will only be done if it is technically feasible. As far as the processing of your personal data according to Art. 6 Para. 1 f) GDPR is carried out to safeguard our legitimate interests, you have the right, in accordance with Art. 21 GDPR, to object to the processing of this data at any time for reasons that arise from your particular situation.
In the event of violations of the GDPR, and in accordance with Art. 77 GDPR you have the right of appeal to a supervisory authority.
Many data processing operations are only possible with your express consent. You can revoke your already given consent in accordance with Art. 7 Para. 3 GDPR at any time. The legality of the data processing carried out before the revocation remains unaffected by the revocation.
9. Right of objection
If your personal data is processed on the basis of legitimate interests in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, provided there are reasons for this that arise from your particular situation or the objection is directed against direct mail. In the latter case, you have a general right of objection, which we will implement without specifying a particular situation.
If you would like to make use of your right of revocation or objection, an email to sale@lefatex.de is sufficient.
10. Applications
If you apply to work with us, your data will be used for the purpose of deciding whether to establish an employment relationship on the basis of Art. 88 GDPR in conjunction with Section 26 (1) sentence 1 FDPG (Federal Data Protection Law). For the purpose of carrying out the application process, they are stored by us for a maximum of 6 months after receipt of the application and are then deleted. Processing beyond this is permitted for the purpose of establishing and implementing an employment relationship in accordance with the above legal basis, provided that you take up employment with us after completing the application process. The provision of your data is neither contractually nor legally required.
11. Data security
We use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
12. Current status and changes to this privacy statement
This privacy statement is currently valid and was last updated in March 2021.