PRIVACY POLICY

for customers, suppliers and other business partners

TrichoLAB GmbH takes the protection of your personal data seriously and adheres to the rules of data protection laws. With this data protection declaration we inform you about the data processing in our company.

1. NAME AND CONTACT DETAILS OF THE RESPONSIBLE PERSON AND THE DATA PROTECTION OFFICER

Responsible for data processing within the meaning of data protection laws:

TrichoLAB GmbH
Industriestraße 12
84364 Bad Birnbach
Phone: +49 (0)8563 9999 785
Fax: +49 (0)8563 9999 795
infotricholab.com

Our data protection officer can be contacted at the above address and at the e-mail address [email protected]

2. COLLECTION AND STORAGE OF PERSONAL DATA; TYPE, PURPOSE AND DURATION OF STORAGE

We process regularly the following categories of data of the contact persons of our prospective customers, customers, suppliers and other business partners:

  • Master data, in particular your surname, first name, title,
  • Your company and your function/position;
  • Contact data, in particular your address, postal address and
  • if necessary also telephone, telefax and e-mail;
  • Contract data, in particular data that you communicate to us for the execution of a contract;
  • Invoice/payment data, in particular information on your method of payment and other data in the context of invoicing and payment processing;
  • Content data, in particular the data exchanged between us in correspondence;
  • Depending on the content of our business relationship, further data may be required to fulfil the contract.

Personal data is collected and processed,

  • to identify you as a customer or business partner; to advise you appropriately and to submit offers to you;
  • in order to fulfil our contractual obligations towards you;
  • to comply with our legal obligations;
  • to correspond with you, in particular in connection with the performance of the contract and the maintenance of our business relationship;
  • for invoicing or, as the case may be, for dunning purposes;
  • for the purposes of permissible direct advertising;
  • to assert any claims against you.

The processing of personal data is particularly necessary for the fulfilment of obligations arising from the underlying contract or its initiation. Without this data we will not be able to conclude and fulfil the contract with you. The data collected by us will only be stored for as long as is necessary to achieve the purposes for which the data was collected, unless we are required by law to store more data or you consent to longer storage.

3. LEGAL BASIS

We process your data exclusively on the basis of one of the legal bases mentioned here:

Art. 6 GDPR para. 1, 1 b for the fulfilment of the contract and for contract initiation:

Within the framework of contract fulfilment, we process your first name and surname as well as your address, telephone number and e-mail address and similar data for the preparation of offers and order confirmations, for the handling of ongoing business relationships, for the conclusion after service provision (e.g. invoicing), for the internal maintenance and processing of the contract (e.g. accounting), but also for the implementation of training and information events and the processing of warranty claims. The data retrieval and its use is carried out here exclusively within the scope of necessity, since without this data we are not in a position to initiate and execute the contract with you.

Art. 6 GDPR para. 1, 1 c for the fulfilment of legal obligations:

The processing of your data can also take place because we as a company are subject to certain legal obligations, including the requirements of trade law, export control law, tax law, money laundering law, financial law and criminal law.

Art. 6 GDPR para. 1, 1 f insofar as data processing is necessary to safeguard our legitimate interests; in particular, the continuous maintenance and optimization of our business relationship with our business partners is in our legitimate interest. The following measures, among others, serve this purpose:

    • Improvement of business processes and further development of products and services
    • Evaluate sales data to offer individual discounts and rebates
    • Advice and data exchange with credit agencies to determine creditworthiness or default risks
    • Market and opinion research and advertising measures, provided that you have not objected to the use of your data.

Art. 6 GDPR para. 1, 1 a insofar as you have given us your consent to the processing of your personal data for specific purposes.

Your data will only be processed on the basis of your consent within the scope of your specific consent, i.e. for the purpose stated there, for the duration and within the scope stated. You may revoke your consent at any time without affecting the legality of the processing carried out on the basis of your consent until revocation (see point 6).

4. TRANSFER OF DATA TO THIRD PARTIES

Your data will not be passed on to third parties. Exceptions to this only apply to the extent necessary for the processing of contractual relationships with you. This includes in particular the transfer to service providers commissioned by us (so-called contract processors) or other third parties whose activities are necessary for the execution of the contract (e.g. mail order companies or external subcontractors). The passed on data may be used by the third parties exclusively for the named purposes. Data will only be transferred to third countries (countries outside the EU and the European Economic Area - EEA) if this is necessary for the execution of the contract (e.g. payment orders) or if you have given us your consent or if this is otherwise legally permissible. In this case, we take measures to ensure the protection of your data, for example through contractual regulations that ensure that the recipient has an adequate level of data protection. We only transfer data to recipients who ensure the protection of your data in accordance with the provisions of the GDPR for transfer to third countries (Art. 44 to 49 GDPR).

5. Newsletter

We verify your consent to receive our newsletter or other communications by e-mail by using the double opt-in procedure. This means that we first request active confirmation of your consent to receive the newsletter or other communication by e-mail to the e-mail address you provide in the course of your subscription before we begin to send it. We use the information about the confirmation to document your consent and, if necessary, to prove it.

For this purpose, it may also be necessary for us to pass on your data to audited external service providers within the scope of order data processing. However, such data will only be passed on if this is permissible in accordance with the applicable provisions of data protection law. TrichoLAB always obliges service providers to comply with the applicable data protection regulations (currently EU - GDPR and BDSG).

If we obtain the consent of the person concerned for processing personal data, Art. 6 Para. 1 lit. a EU Data Protection Basic Regulation (GDPR) serves as the legal basis. The other legal bases of Art. 6 apply depending on the purpose. In addition, we store your usage behaviour in an anonymous manner in order to improve our services. Further evaluations also take place only in anonymous form (user and click behaviour).

You can revoke your consent to the sending of the newsletter or other communications and to the relevant use of your personal data at any time with effect for the future.

6. YOUR RIGHTS AS AN AFFECTED PERSON

As a data subject whose data we process, you have the following rights:

    • Right to information pursuant to Art. 15 GDPR
    • Right to rectification under Art. 16 GDPR
    • Right to cancellation ("being forgotten") pursuant to Art. 17 GDPR
    • Right to limitation of processing pursuant to Art. 18 GDPR
    • Right to transfer your data in a structured, common and machine-readable format in accordance with Art. 20 GDPR
    • Right to appeal to the supervisory authority Art. 77 GDPR

7. YOUR RIGHT TO OBJECT AND REVOKE

7.1 Your right to appeal

If we process your personal data on the basis of our legitimate interest, you have the right to object to this processing. You also have the right to object to any processing of data for direct marketing purposes. If you wish to make use of your right of objection, a message in text form is sufficient. You are therefore welcome to write to us, send us a fax or contact us by e-mail. You will find our contact details under point 1 of this data protection declaration.

7.2 Your right of revocation

As far as we carry out the processing for certain purposes of your personal data on the basis of your consent, we will not use your personal data for any other purpose.

The cookies serve to improve our services and the use of certain features. You can prevent the setting of cookies at any time by means of an appropriate setting in your Internet browser and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs. This is possible in all common Internet browsers. If you deactivate the setting of cookies in the Internet browser used, not all functions of our website may be fully usable under certain circumstances.

8. Privacy policy at our website www.tricholab.com

a) Cookies

We use cookies at various points on our website. Cookies are small identifiers that a server stores on the terminal device that you use to access our website or services. They contain information that can be retrieved when you access our services and thus enable a more efficient and better use of our offers. Session cookies are deleted when you close your web browser. Permanent cookies remain on your end device until they are no longer required to achieve their purpose and are deleted.

The cookies serve to improve our services and the use of certain features. You can prevent the setting of cookies at any time by means of an appropriate setting in your Internet browser and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs. This is possible in all common Internet browsers. If you deactivate the setting of cookies in the Internet browser used, not all functions of our website may be fully usable under certain circumstances.

b) We use the following tracking and analysis tools

Google Analytics:

The operating company of the Google Analytics component is Google Inc 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.  The purpose is to analyze the flow of visitors to our website. Google uses the data and information obtained, among other things, to evaluate the use of our website in order to compile online reports for us. Google Analytics places a cookie in your browser. When the cookie is set, Google is able to analyze the use of our website. Each time a website is accessed on which a Google Analytics component has been integrated, the Internet browser is automatically prompted to transmit data to Google. No personal data will be transmitted to Google. The IP address collected by us is only forwarded to Google after it has been made anonymous. It is possible to object to the collection and processing of this data by Google. To do this, you must download and install a browser add-on under the link tools.google.com/dlpage/gaoptout . Further information and the valid data protection regulations of Google can be called up under www.google.de/intl/de/policies/privacy/ and under www.google.com/analytics/terms/de.html.

Google adwords:

The company operating the Google AdWords services is Google Inc 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. If you access our website via a Google advertisement, a so-called conversion cookie is stored on your browser by Google. A conversion cookie loses its validity after thirty days and is not used for identification purposes. If the cookie has not yet expired, the conversion cookie is used to track whether certain subpages have been accessed on our website. Through the conversion cookie, both we and Google can track whether our visitors have reached our website via an AdWords ad.

The data and information collected through the use of the conversion cookie is thus used to determine the success or failure of the respective AdWords ad and to optimize our AdWords ads for the future. Neither we nor other Google AdWords advertisers receive information from Google that could be used to identify our website visitors. No personal data is transmitted to Google. The IP address collected by us is only forwarded to Google after it has been made anonymous.

It is possible for you to object to the interest-related advertising by Google. To do this, you must call up the link support.google.com/ads/answer/2662922 and make the desired settings there. Further information and the valid data protection regulations of Google can be called up under www.google.de/intl/de/policies/privacy/

d) YOUTUBE VIDEO PLUGIN

On this web page contents of third offerers are merged. YouTube is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").

YouTube videos that are embedded on our site have the advanced privacy setting enabled. This means that no information about website visitors is collected and stored on YouTube unless they play the video.

The purpose and scope of the data collection and the further processing and use of the data by the providers as well as your rights in this regard and setting options to protect your privacy can be found in Google's data protection information: www.google.com/intl/de/+/policy/+1button.html.

e) Contact page

If the opportunity for the input of personal or business data (email addresses, name, and addresses) is given, the input of these data takes place voluntarily. Your data will also be treated confidentially and will not be passed on to third parties. The transmission of the data from the contact form takes place by means of SSL coding.

The information you provide in the contact form will be forwarded to our respective sales partner in your country of origin for further processing if you request further information (offer, service lines etc.).

9. PROFILING

We do not perform automatic decision making or profiling.

10. Miscellaneous

From time to time it may be necessary to amend the content of this Privacy Policy. We therefore reserve the right to change these at any time.

Sept.2019