CheMondis Privacy Notice
Last updated: November 1st, 2019
The CheMondis platform and website is operated by
(“we”, “our”, “us”). We are committed to protecting and respecting your privacy. For the purpose of the General Data Protection Regulation (“GDPR”), we are the data controller.
Our data protection officer is:
Mr. Dr. iur. Christian Borchers
datenschutz süd GmbH
This privacy notice sets out the basis on which we will process any personal data or usage information we collect from you, or that you provide to us, in connection with your access to and use of the CheMondis platform through our website at www.CheMondis.com (“Platform”) in your function as authorized representative of your company which is a user of the Platform. We will only process your personal data in compliance with the GDPR and the German Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG). Please read this privacy notice carefully so that you understand your rights in relation to your personal data, and how we will collect, use and process your personal data. If you do not agree with this privacy notice in general or any part of it, you should not access the Platform..
2. What types of information do we collect and for which purposes do we use it?
a) Information you give us.
Information concerning you may be provided by your company in the context of your registration as an authorized representative of your company in relation to the use of the Platform. You may provide information by contacting us via the Platform, by email, telephone, communication channels within the Platform, or otherwise.
As it is in our legitimate interests (Article 6(1)(f) GDPR) to operate and ensure the proper functioning of the Platform, we will use your information to:
• communicate with you;
• contact you via telephone or email;
• administer and provide services and customer support;
• enhance, improve and personalise our services;
• collect statistical information about your use of the Platform
b) Technical usage information.
When you visit and use the Platform, we automatically collect the information sent to us by your computer, mobile device, or other access device. This information includes:
• your IP address;
• device information including, but not limited to, identifier, name, and type of operating system;
• mobile network information; and
• standard web information, such as your browser type and the pages you access on our Platform.
As it is in our legitimate interests (Article 6(1)(f) GDPR) to process your data to provide effective services, we collect this information in order to:
• personalise our Platform to ensure content from the Platform is presented in the most effective manner for you and your device;
• monitor and analyse trends, usage and activity in connection with our Platform and services to improve the Platform;
• administer the Platform, and for internal operations, in order to conduct troubleshooting, data analysis, testing, research, statistical and survey analysis;
• keep the Platform safe and secure; or
• measure and understand the effectiveness of the content and information we provide through the Platform.
We use Google Analytics and Google Tag Manager, which is a web analytics tool that helps us understand how users engage with and use the Platform. Like many services, Google Analytics and Google Tag Manager uses first-party cookies and e.g. Google Analytics User ID to track user interactions, as in our case, where they are used to collect information about how users use the Platform. This information is used to compile reports and to help us improve the Platform. The reports disclose website trends without identifying individual visitors. You can opt out of Google Analytics without affecting how you visit the Platform – for more information on opting out of being tracked by Google Analytics across all websites you use, visit this Google page:
3. How and with whom do we share your personal data?
We do not sell, rent or lease your personal information to others except as described in this privacy notice. We share your information with selected recipients. These categories of recipients include:
• cloud storage provides located in the European Union, to store the personal data you provide and for disaster recovery services, as well as for the performance of any contract we enter into with you;
• IT services providers that provide us with hosting or SaaS (software as a service) services who we use to store our customer relationship management information, etc.; and
• analytics providers located in the European Union that assist us in the improvement and optimisation oft he Platform; and
We will share your information with law enforcement agencies, public authorities or other organisations if legally required to do so, or if we have a good faith belief that such use is reasonably necessary to:
• comply with a legal obligation, process or request;
• enforce our terms and conditions and other agreements, including investigation of any potential violation thereof;
• detect, prevent or otherwise address security, fraud or technical issues; or
• protect the rights, property or safety of us, our users, a third party or the public as required or permitted by law (exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction).
We will also disclose your information to third parties:
• in the event that we sell any business or assets, in which case we will disclose your data to the prospective buyer of such business or assets; or
• if we or substantially all of our assets are acquired by a third party, in which case information held by us about our users will be one of the transferred assets.
• Intercom (https://www.intercom.com/de/terms-and-policies)
• Vimeo (https://vimeo.com/privacy)
• Hotjar (https://www.hotjar.com/legal/policies/privacy)
• Facebook (https://www.facebook.com/privacy/explanation)
• LinkedIn (https://www.linkedin.com/legal/privacy-policy)
• Bing (https://privacy.microsoft.com/de-de/privacystatement)
• Google (http://www.google.com/intl/de/analytics/learn/privacy.html)
• Leadfeeder (https://www.leadfeeder.com/privacy/)
4. Where do we store your personal data?
The information that we collect from you will be transferred to, and stored at/processed in the European Union. We will take all steps reasonably necessary to ensure that your personal data is treated securely and in accordance with this privacy notice.
5. The security of your personal data
The transmission of information via the internet or email is not completely secure.Although we will do our best to protect your personal data, we cannot guarantee the security of your information transmitted through the Platform or via email; any transmission is at your own risk. Once we have received your information, we will take appropriate technical and organisational measures to safe guard your personal data against loss, theft and unauthorised use, access or modification.
The Platform may include links to websites of other users of the Platform or third parties. If you follow a link to any of these websites, these websites will have their own privacy policies and we do not accept any responsibility or liability for these policies. Please check these policies before you submit any information to those websites.
6. How long do we store your personal data?
We will retain your information as follows:
• if you contact us via email or www.chemondis.com we will keep your data for up to 24 months after;
• your technical usage information for up to 10 years;
• data on your use of the Platform/services: for up to 10 years
After you have ceased being an authorized representative in relation to your company’s use of the Platform, we will store your information in an aggregated and anonymised format.
7. Your rights
You have the right to request access to the personal data we hold about you and be provided with certain information about how and for which purposes we use your personal data and who we share it with.You also have the right to ask us to correct your personal data where it is inaccurate or incomplete.
In certain circumstances, you have the right to ask us to delete the personal data we hold about you:
• where you believe that it is no longer necessary for us to hold your personal data [(for example, if you no longer act as authorized representative of you company)];
• where we are processing your personal data on the basis of legitimate interests and you object to such processing and we cannot demonstrate an overriding legitimate ground for the processing;
• where you have provided your personal data to us with your consent and you wish to withdraw your consent and there is no other ground under which we can process your personal data; or
• where you believe the personal data we hold about you is being unlawfully processed by us.
In certain circumstances, you have the right to ask us to restrict (stop any active) processing of your personal data:
• where you believe the personal data we hold about you is inaccurate during the time we verify accuracy;
• where the processing of your personal data is unlawful but you do not want us to delete it, but instead want to restrict the processing;
• where we no longer need your personal data fort he purposes of our processing but you require us to retain the data for the establishment, exercise or defense of legal claims; or
• where you have objected to us processing your personal data based on our legitimate interests during the time we are considering your objection.
You have the right to ask us for a copy of the data concerning you in a structured, machine-readable format and to ask us to share (port) this data to another data controller.
You can object to our processing of your personal data to the extent it is based on our legitimate interests. In such case we will no longer process your personal data unless we can demonstrate over riding compelling legitimate grounds for the processing.
To exercise any of these rights above, please contact Sebastian Brenner at firstname.lastname@example.org. In addition, you have the right to complain to the Information Commissioner’s Office or other applicable data protection supervisory authority.
Please note that these rights are limited, for example, where fulfilling your request would adversely affect other individuals or Company trade secrets or intellectual property, where there are overriding public interest reasons or where we are required by law to retain your personal data.
8. Withdrawal of Consent
Where you have provided your consent for us to process your personal data, you can withdraw your consent at any time by contacting our data privacy officer. The withdrawal of consent does not affect the lawfulness of the processing of your personal data based on consent before the withdrawal.
9. Objection to Marketing
At any time you have the right to object to our processing of data about you in order to send you promotions, newsletters, emails and special offers, including where we build profiles for such purposes, and we will stop processing the data for that purpose.
In the event that you wish to make a complaint about how we process your personal data, please contact us in the first instance at email@example.com. This is without prejudice to your right to launch a claim with the data protection supervisory authority in the EU country in which you live or work or where you think we have infringed data protection laws.
Any changes we will make to this privacy notice in the future will be posted on his page. Please check back frequently to see any updates or changes to this privacy notice.
Questions, comments and requests regarding this privacy notice are welcomed and should be addressed to firstname.lastname@example.org.