Privacy Statement
Data protection declaration
Welcome to FUCHS SE!
We are very pleased that you are visiting our website and thank you for your interest in our company, products and websites. Data protection and data security when accessing our website are extremely important to us. We would therefore like to take this opportunity to inform you about the personal data relating to you that we capture when you visit our website and the purposes for which it is used. Please therefore take note of the information that follows.
As changes to the law or to our internal procedures may make it necessary to modify this data protection declaration, we would ask you to read through this data protection declaration regularly. The data protection declaration can be viewed, saved or printed out at any time by clicking on the “Data protection declaration” option.
§ 1 Controller and scope of application
The controller, within the meaning of the General Data Protection Regulation (hereinafter referred to as the GDPR) and other national data protection laws of member states as well as other data protection legislation, is:
FUCHS SE
Einsteinstraße 11
68169 Mannheim
Tel: +49 (0) 621 3802 -0
Fax: +49 (0) 621 3802 -7190
Email: kontakt@fuchs.com
Website: https://www.fuchs.com/group
Executive Board
Stefan R. Fuchs (Chairman)
Dr. Timo Reister (Deputy Chairman)
Isabelle Adelt
Dr. Sebastian Heiner
Dr. Ralph Rheinboldt
This data protection declaration covers the pages published on the internet by FUCHS SE, which can be viewed on the domain www.fuchs.com/group as well as all sub-domains (hereinafter referred to as “our website”).
§ 2 Data protection officer
The external data protection officer for the controller is:
Rechtsanwalt Dr. Kasten Kinast, LL.M.
KINAST Rechtsanwaltsgesellschaft mbH
Hohenzollernring 54
50672 Cologne, Germany
mail@kinast.eu
www.kinast.eu
§ 3 Principles of data processing
Personal data is defined as all information which relates to an identified or identifiable natural person. This includes, for example, information such as your name, age, address, telephone number, date of birth, email address, IP address or your usage behaviour. Information that does not allow us (or only allow with a disproportionate amount of effort) to connect the data to you as a person - e.g. through anonymising the information - is not counted as personal data. The processing of personal data (e.g. collecting, accessing, using, saving or relaying personal data) must always have a basis in law, or your consent must have been obtained. Processed personal data is erased as soon as the purpose of the processing has been fulfilled and there are no statutory record-keeping obligations to be met.
You will find below information on the specific processes, scope and purpose of data processing, the legal basis for the processing and the length of time for which data will be stored for those cases where we process your personal data in order to be able to provide you with certain services.
§ 4 Individual processes involving data processing
1. Provision and usage of the website
a. Type and scope of data processing
When you access and use our website, we capture the data that your browser automatically transmits to our server. This data is temporarily stored in a so-called log file.
When you use our website, we capture the following data that we need for technical reasons in order to be able to show you our website and to ensure its stability and security; and which is also analysed for statistical purposes only:
• IP address of the source computer
• Date and time of access
• Name and URL of the file accessed
• Website facilitating access (referrer URL)
• Controller sub-domains visited
• Browser used and, where applicable, your computer’s operating system and the name of your access provider
• Access status (http status code)
b. Legal basis
The legal basis for the data processing referred to above is provided by Art. 6 (1) (f) GDPR. The processing of the data referred to above is required for the provision of a website and thus necessary for the purposes of the legitimate interests pursued by our company.
c. Data storage duration
The log files created in conjunction with the usage of our website will be held for a period of 14 days and subsequently erased. The capture of the data and its storage in log files is required for the operation of the internet pages and for ensuring the stability and quality of this service. Greater and/or longer storage of data may apply in individual cases, if this is stipulated in law.
2. Order form
a. Type and scope of data processing
The order form is a form that uses a powermail extension. The data entered in the form is relayed to FUCHS by email. This data is not stored on the web server. The email address used by you for your order is listed in our log files. When filling out the order form for Investor Relations / Public Relations, the user enters the following personal data in order to receive various services (e.g. the sending of an annual report, inclusion on a distribution list etc.) from the controller:
• Name
• Street
• Postcode
• Town
• Country
• Email
b. Legal basis
The basis for the processing of the personal data set out in the form is the declaration of consent shown below made by you of your own free will, as provided for in Art. 6(1)(a) of the GDPR:
Declaration of consent
I consent to my personal data being processed for the purpose of ordering a service related to Investor Relations / Public Relations. I have read and agree to the current data protection declaration. I can withdraw my consent at any time, which will affect future transactions, by contacting contact@fuchs-oil.de.
You can withdraw your consent to the use of your personal data at any time by emailing the address given in section 1 above or by emailing the data protection officer (cf. section 2 above), which will affect future transactions.
c. Data storage duration
The period of time for which the abovementioned data will be stored is dependent on the reason for your having made contact. Your data will be routinely erased once the reason behind the communications has lapsed and storage is no longer necessary (e.g. after the materials requested have been sent to you).
3. Application form for the FUCHS Sponsorship Award
a. Type and scope of data processing
The application form for the FUCHS Sponsorship Award is a form that uses a powermail extension. The data entered in the form is relayed to FUCHS by email. The data entered in the form is stored temporarily in the e-mail queue for the duration of sending the e-mail. The email address used by you for your order is listed in our log files. As part of filling out the application form the user provides the following personal data, which allows us to process the application for a FUCHS Sponsorship Award:
• Name
• Street
• Postcode
• Town
• Telephone number
• Email
Corresponding information on other persons applying for the award or for deputies covering the official applicant while s/he is away are explicitly optional.
Bank details are also required in the event of the application for sponsorship being successful.
b. Legal basis
The capture and processing of personal data in the context of the application form for a FUCHS Sponsorship Award represents a pre-contractual step which is being taken as a result of the applicant’s enquiry. The legal basis for this is provided by Art. 6 (1) (b) GDPR.
c. Data storage duration
The period of time for which the abovementioned data will be stored is dependent on the outcome of the application process. Your data will be routinely erased if there is no prospect of your application succeeding and the reason for continuing to store your data has thus lapsed. If your application is successful, the data will be required for further processing and the modalities of awarding sponsorship.
4. Contact options on our website
You have the following different email contact options available to you through our website:
- General contact: kontakt@fuchs.com These include: https://www.fuchs.com/gruppe/kontakt/
- Press contact: https://www.fuchs.com/gruppe/presse/presseservice/kontakt/
- Investor Relations contact: https://www.fuchs.com/gruppe/investor-relations/service-kontakt/kontakt/
- Contact FUCHS magazine: Evolve@fuchs-oil.de
- Contact bauma trade fair: bauma@fuchs.com
a. Type and scope of data processing
Every user of our website can send his or her queries or messages to these email addresses. Our central enquiry point and the relevant specialist departments - PR & Marketing and Investor Relations - will process enquiries/messages, based on the contact form you have used, by email. The data we collect is limited to the email address of the email account used by you to make contact with us, along with any personal data you provide us with in the context of your enquiry/message.
b. Legal basis
Data collection is permitted based on Art. 6 (1) (f) GDPR, as there is a parallel interest between you and our company in making contact and communicating, as well as a justified interest on the part of our company in processing the abovementioned data in order to be able to respond to your enquiry/message.
c. Data storage duration
The period of time for which the abovementioned data will be stored is dependent on the reason for your having made contact. Your data will be routinely erased once the reason behind the communications has lapsed and storage is no longer necessary (e.g. once your enquiry/message has been dealt with/responded to).
5. CleverReach subscribe form
a. Type and scope of data processing
With this form you can register to receive the FUCHS newsletter, which is published on a regular basis. To register, we ask for your first name and surname as well as your email address, to which we subsequently send our newsletters. By clicking, your data is relayed from your browser to our web server. Your data is then relayed on to “CleverReach”, our partner for newsletter distribution, through an interface. When you click on the “Subscribe” button you will at first receive an email containing a link to confirm your interest in receiving newsletters (double opt-in). You can then use all the features of the newsletter service.
b. Legal basis
The basis for the processing of the personal data set out in the form is the consent given by you within the framework of the (double opt-in) registration process to receive newsletters, as provided for in Art. 6 (1) lit. a) GDPR.
c. Data storage duration
You can cancel your subscription to the newsletter at any time, which will affect future transactions, by clicking on the “Unsubscribe” link that can be found in every newsletter. Thereafter we will cease sending you newsletters.
§ 5 Sharing of data with third parties
We only share your personal data with third parties if:
• You have given your express permission for us to do so, in accordance with Art. 6 (1) sent. 1 lit. a GDPR
• In accordance with Art. 6 (1) sent. 1 lit. c GDPR there is a legal obligation to do so
• This is legally permissible and in accordance with Art. 6 (1) sent. 1 lit. b GDPR necessary for the performance of contract with you
• In accordance with Art. 6 (1) sent. 1 lit. f GDPR the sharing of your data is necessary to safeguard a justified company interest on the part of FUCHS SE and there are no grounds for assuming you have an overriding right not to have your data shared with a third party, which is worthy of protection
• In accordance with Art. 6 (1) sent. 1 lit. f GDPR the sharing of your data is necessary to assert, exercise or defend a legal entitlement and there are no grounds for assuming you have an overriding right not to have your data shared with a third party, which is worthy of protection
§ 6 Usage of cookies
For detailed information on the use of cookies on our website, see our Cookie Policy.
§ 7 Plug-ins
1. Facebook and LinkedIn
Our websites contain social plug-ins for the “Facebook” (Facebook Inc., 1601 S. California Ave, Palo Alto, California 94304, USA) and “LinkedIn” (LinkedIn Headquarters 2029 Stierlin Ct. Ste. 200 Mountain View, CA 94043) social networks. It is possible that personal data on website visitors may be collected through these plug-ins and relayed and linked to the service in question.
FUCHS SE itself does not collect any personal data through the social plug-ins or the usage thereof. In order to prevent data being relayed to the service provider in the US without the user’s knowledge, we have deployed the so-called Shariff solution on our website. This causes the social plug-ins to be linked in purely as a graphic on the website. The graphics contain a link to the website of the relevant plug-in provider. You are only forwarded on to the provider’s service if you click on one of the graphics. This solution ensures that personal data is not automatically relayed to the providers of the relevant social plug-in when you visit our website. If you click on one of the social plug-in graphics, data may be relayed to, and stored by, the providers in question. If you do not click on one of the graphics there will be no data transmitted between you and the provider of the relevant social plug-in. You can find out further information on the Shariff solution on this website: https://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html
Once you have clicked on a social plug-in, the provider in question will receive the information that you have visited the relevant page on our website. Please be aware that you do not have to have a user account for the service in question nor do you already need to be logged in for this to happen. But should you have a user account with the service provider in question and already be logged in when visiting our website, the data collected by the social plug-in will be directly linked to your account. If you do not want to have the data linked to your profile with the service provider you must log out of your user account before clicking on a social plug-in.
Please be aware that FUCHS SE has no influence on whether, and to what extent, the service providers in question collect personal data. We do not know the scope, purpose or storage duration of the data collected. We would, however, point out that it must be assumed that, at the very least, the IP address and device-related information will be collected and used by the social plug-ins. It is also possible that the service providers in question deploy cookies.
Please read the data protection notifications directly on the websites of the services in question to establish the scope and purpose of each service’s data collection activities as well as how your data is further processed and used. You will also find information on your relevant data protection rights and on settings options to protect your privacy there.
Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA
• https://www.facebook.com/policy.php
• https://www.facebook.com/help/186325668085084
LinkedIn Inc., LinkedIn Headquarters 2029 Stierlin Ct. Ste. 200 Mountain View, CA 94043
https://www.linkedin.com/legal/privacy-policy?_l=de_DE
For a data transfer to the USA there may not be any suitable guarantees at present. There are restrictions on the protection of personal data resulting from the fact that, under US law, security authorities can access data transferred from the EU to the USA and use it without restriction to the extent absolutely necessary. As the person concerned, you may not be able to take legal action against such use even if you are not a citizen of the USA.
2. XING
A button for the “XING” network is used on our website. When you click on this button a connection is quickly established through your browser to the servers of XING AG (hereinafter: XING), which provide the “XING button” functions. XING does not store any of your personal data as a result of you accessing this website. In particular, XING does not store any IP addresses. There is also no analysis made of your user behaviour through the deployment of cookies in conjunction with the “XING share button”. You can view the current data protection information concerning the “XING share button” as well as supplementary information on this web page:
https://www.xing.com/app/share?op=data_protection
and www.xing.com/privacy
§ 8 Hyperlinks
On our website there are so-called hyperlinks to the websites of other providers. If you activate these hyperlinks you will be taken from our website directly to the website of the other providers. This can be seen from the change in URL, amongst other factors. FUCHS SE has no influence on the content or design of these other providers’ web pages. Understandably, therefore, the assurances made in this data protection declaration do not apply to the providers’ web pages. Please inform yourself of the treatment of your personal data by these organisations by visiting their websites direct.
§ 9 Rights of data subjects
The GDPR has provided for you, as a data subject, to have the following rights in respect of the processing of personal data:
• Art. 15 GDPR provides for you to demand information on the personal data we process in relation to you. In particular, you can demand information on the purposes for which we process data relating to you; the categories of personal data; the categories of recipients to whom your data has been or will be presented; the scheduled duration of data storage; the existence of a right to rectification, erasure, restriction of the processing or to object to processing; the existence of a right to complain; the source of the data on you if it has not been collected by us; whether the data is to be transferred to a third country or international organisations; and whether data is selected on the basis of an automated decision-making process or profiling, with meaningful information on the details of this process, where applicable.
• Art. 16 GDPR provides for you to demand the immediate rectification or supplementing of your personal data held by us.
• Art. 17 GDPR provides for you to demand the erasure of your personal data held by us, provided the processing thereof is not required to exercise the right to freedom of expression and information, to meet a legal obligation, for public interest reasons or to assert, exercise or defend legal claims.
• Art. 18 GDPR provides for you to demand the restriction of processing of your personal data where you dispute the accuracy of the data; the processing is unlawful; or we no longer require the data but you oppose its erasure because you need it to assert, exercise or defend legal claims. You are also entitled to the right provided for in Art. 18 GDPR if you object to the processing in accordance with Art. 21 GDPR.
• Art. 20 GDPR provides for you to demand to receive, in a structured, current and machine-readable format, the personal data you have provided to us; or you can demand that it is relayed to another controller.
• Art. 7 (3) GDPR provides for you to withdraw the consent you gave us at any time. The consequence of this is that we may in future no longer continue with the data processing dependent on this consent.
• Art. 77 GDPR gives you the right to complain to a supervisory authority. The contact information for the supervisory authority responsible for our company is:
Landesbeauftragter für den Datenschutz und die Informationsfreiheit Baden-Württemberg [Data protection and freedom of information office for Baden-Württemberg]
Postfach 10 29 32, 70025 Stuttgart
Königstraße 10a, 70173 Stuttgart
Tel.: 0711/61 55 41 – 0
Fax: 0711/61 55 41 – 15
E-Mail: poststelle@lfdi.bwl.de
Internet: https://www.baden-wuerttemberg.datenschutz.de
§ 10 The right to object
Where your personal data is processed on the basis of legitimate interests, Art. 6 (1) sent. 1 lit. f GDPR provides for you, in accordance with Art. 21 GDPR, to object to the processing of your personal data, where there are grounds for so doing based on your own particular situation, or your objection is to direct marketing. In the case of direct marketing you have a general right to object, which we must implement without the need for stating the existence of a particular situation.
§ 11 Data security and backup measures
We undertake to protect your privacy and to treat your personal data with the utmost confidentiality. In order to avoid the manipulation, loss or misuse of the personal data we have stored that relates to you, we have adopted extensive technical and organisational security measures which are routinely checked and updated in line with improvements in technology. These include the use of recognised encryption methods (SSL or TLS). We must, however, point out that, due to the structure of the internet, it is possible that the data protection rules and abovementioned security measures may not be observed by other persons or institutions who/which do not come under our scope of responsibility. In particular, unencrypted data - e.g. if sent in an email - could be read by third parties. We have no technical influence on this. It is the user’s responsibility to protect the data provided to him/her against misuse, through encryption or some other method.
If you have any queries please do not hesitate to contact us at one of the addresses listed in section 1.
FUCHS SE