Privacy statement

The aim of the following is to provide you with information on how personal data are processed when using our website, the functions associated with the website and external online services (e.g. social media services).

 

Controller

Controller in relation to this website is 

Metrax GmbH

Rheinwaldstrasse 22

D-78628 Rottweil

Germany

 

Additional information on the company and its authorised representatives is provided in our Legal notice.

 

What data will be processed?

Legal basis for data processing

 

To provide access to our website and offer the associated services we process personal data on the following legal basis:

 

  • Consent (Art. 6 (1) (a) and Art. 7 GDPR)
  • For the performance of contracts (Art. 6 (1) (b) GDPR)
  • For compliance with legal obligations (Art. 6 (1) (c) GDPR)
  • On the basis of a balance interests (Art. 6 (1) (f) GDPR)

 

The respective terminology is referred to in connection with the processing in question to illustrate the basis upon which we process personal data.

Where personal data are processed on the basis of your consent, you have the right to withdraw consent at any time with future effect.

 

Where we process data on the basis of a balance of interests, as the data subject you have the right to object to the processing of personal data with due consideration to the provisions of Art. 21 GDPR.

 

Access data

When you access our website, personal data are processed to enable the website content to be displayed on your terminal device.

 

The IP address used by your device has to be processed in order for the various pages to be shown in your browser. Additional information regarding your device browser is also processed.

 

In accordance with data privacy law we are also obliged to ensure the confidentiality and integrity of personal data processed by our IT systems.

To this end and in the interests of such, in weighing up the various interests the following data are recorded:

 

  • IP address of the accessing computer (for a maximum of 7 days)
  • Operating system of the accessing computer
  • Browser type and version of the accessing computer
  • Name of the accessed destination address (URL) and file
  • Date and time of access
  • Data volume transferred
  • Referring URL (referrer)

 

The IP address will be deleted within 7 days at the latest from all systems used in connection with the operation of the website. Personal identification will then no longer be possible with the residual data.

 

The data are also used to ascertain and eliminate errors on the website. Where required, additional information comparable with the above data will also be collected for the purposes of countering attacks on our IT systems within the scope of safeguarding our legitimate interests.

 

Contact form

Our website incorporates a contact form that can be used to request information about our products or services or to establish general contact. You may also contact us by email. Data you are required to provide to enable us to answer your request are marked as mandatory fields. Entries in other data fields are voluntary.

 

We require this information in order to process your request, address you correctly and provide you with a commensurate response. Data processing occurs in the case of specific requests for the initiation or performance of a contract. In the case of general enquires, processing occurs on the basis of a balance of interests.

 

Enquiries received via the contact form on our website or alternatively by email are processed by us electronically in order to answer your request. Within this context, knowledge of the contents of the form provided by you may also be imparted to other persons, departments or third parties.

 

Information contained within the form is transmitted via the Internet using encrypted connections.

 

Newsletter

You can also subscribe to an email newsletter on our website. To this end, in addition to the voluntary information on the respective form, we also process your email address. This is also a necessary requirement to enable us to send you the newsletter.

 

Where not already specifically indicated in the individual case (e.g. within the scope of registration), the newsletter content includes general information regarding our company, products, services and other corporate information.

 

You can unsubscribe from our newsletter at any time. Alternatively, a link to unsubscribe is provided in each newsletter email.

 

Your consent is required for us to send the newsletter. We routinely obtain this using the so-called double opt-in procedure, under which you will initially be sent a confirmation email. This requires your active response to confirm your consent for receipt of the newsletter, which is warranted using a technical solution. Only then will you be added to the distribution list. To meet the legal requirements regarding registration confirmation, we store the log-on and log-off times as well as the IP address used in truncated form. Such storage is founded on our legitimate interests for the purpose of countering claims and documenting the legal conformity of newsletter dispatch.

 

Within the strict requirements of Art. 6 Abs. 1 1 (f) in association with S. 7 (3) UWG (German Unfair Competition Act), the newsletter can also be sent on the basis of a legitimate interest within the scope of direct marketing. In any such case, you can reject further receipt of the newsletter at any time, with a commensurate reference also in each newsletter.

 

To enable optimisation and analysis of the popularity of our newsletter mails, we record when emails are opened and if links have been clicked. This user analysis occurs on the basis of a balance of interests. You can prevent this processing by unsubscribing to the newsletter.

 

Cookies

Our website uses cookies, small text information files that are stored on your terminal device by your browser. Cookies are required to enable the operation of certain functions on our website.

 

These files cannot be used to execute programs or viruses on your computer and take up only marginal storage space. Cookies generally have a distinct character string - a cookie ID - through which the website or server can specifically identify your Internet browser and distinguish it from other computers.

 

To some extent we also use session cookies, which are automatically erased from your terminal device as soon as access to the website is terminated/the browser is closed.

 

Session cookies are used to enable technical implementation of individual functions on our website which would not be possible or would only be possible to a limited extent without the application of session cookies. In particular, these may serve the purposes of user convenience, presentation, user authentication or other security measures.

 

For the purposes of web analysis we also use so-called persistent cookies, which are not automatically erased at the end of a visit to our website. Persistent cookies can likewise be used for user authentication, particularly where the optional function 'Remain logged on' is applied.

 

You can prevent the use of cookies by activating the corresponding settings in your browser. Please refer to your Internet browser user manual or help function. However, please be advised that disabling cookies may limit the functionality of our website.

 

The use of cookies occurs on the basis of a balance of interests, whereby our interest lies in providing technically fault-free, secure and user-friendly access to our website.

 

Note on inclusion of third-party sources

Our Internet services include content from so-called third-party sources. Accordingly, third-party content or services are incorporated within our services to provide additional functions or optimise presentation processes.

 

When incorporating external services and sources, to facilitate successful connection the user IP address must be disclosed to the respective third party within the scope of the connection process. The following provides information on additional measures and processes that may possibly be implemented by such providers. These third parties may employ measures to allow user tracking or marketing analysis through the application of cookies or hidden image files. In essence, we endeavour to use only service providers that respect the privacy of our website visitors and, consequently, use the IP address solely for the respective delivery wherever possible.

 

To this end, data processing occurs on the basis of a balance of interests, whereby our interest lies in ensuring the attractive design and presentation, effective and economically viable operation and further optimisation and improvement of our Internet services.

 

Google web fonts

Our website uses Google web fonts; accordingly, fonts are loaded from Google servers that improve the website design. Data processing occurs on the basis of a balance of interests, whereby our interest lies in ensuring an appealing website design.

The fonts in question are loaded from Google servers that are generally located in the USA. The appropriate level of data privacy is guaranteed by Google within the scope of 'Privacy Shield' (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI).

The respective provider is

Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

 

The privacy statement of the provider Google LLC can be viewed at https://www.google.com/policies/privacy/. An opt-out option is available at https://adssettings.google.com/authenticated.

 

Adobe Typekit fonts

Our website uses Typekit fonts provided by Adobe Systems Software Ireland Ltd. Data processing occurs on the basis of a balance of interests, whereby our interest lies in ensuring the attractive design of our website services as well as the optimisation and improvement of such.

The fonts in question are loaded from Adobe servers that are generally located in the USA. The appropriate level of data privacy is guaranteed by Adobe Systems within the scope of 'Privacy Shield' (https://www.privacyshield.gov/participant?id=a2zt0000000TNo9AAG&contact=true)

The respective provider is

Adobe Systems Software Ireland Ltd., 6 Riverwalk, Naas Road 24, Dublin, Ireland

 

The privacy statement of the provider Adobe Systems can be viewed at https://www.adobe.com/de/privacy/policy.html. Further information specifically in relation to Typekit is available under the following link https://www.adobe.com/de/privacy/policies/typekit.html

 

MyFonts counter

Our website uses web fonts from the provider MyFonts Inc. Data processing occurs on the basis of a balance of interests, whereby our interest lies in ensuring the attractive design of our website services as well as the optimisation and improvement of such.

The fonts in question are loaded from MyFonts servers that are generally located in the USA. MyFonts licensing conditions require page-view tracking to be carried out by the provider, given that licensing is generally dependent on usage. For this reason, the number of hits on MyFonts Inc. are collected and stored for billing and statistical purposes.

 

The respective provider is MyFonts Inc., 600 Unicorn Park Drive, Woburn, MA 01801, USA, which is a subsidiary of Monotype Imaging Holdings Inc. The address of both companies is identical.

 

The privacy statement of the provider MyFonts Inc. can be viewed at https://www.monotype.com/legal/privacy-policy/.

 

Google Maps

Our website also uses the 'Maps' service provided by Google.

Data processing occurs on the basis of a balance of interests, whereby our interest lies in ensuring the attractive and functional design of map material and navigational functions on our website.

 

The map material in question is loaded from Google servers that are generally located in the USA. This allows Google to process IP addresses and also possibly location data. Google will only collect location data where the user has consented to such via the respective settings on the terminal device.

The appropriate level of data privacy is guaranteed by Google within the scope of 'Privacy Shield'. (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI).

The respective provider is

 

Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

 

The privacy statement of the provider Google LLC can be viewed at https://www.google.com/policies/privacy/. An opt-out option from data processing for marketing purposes is available at https://adssettings.google.com/.

 

Youtube

This website also incorporates videos using the 'Youtube' service from Google.

 

Data processing likewise occurs on the basis of a balance of interests; whereby our interest lies in ensuring the attractive and functional design of our website and display of commensurate videos for our online services.

 

The video material in question is loaded from Google servers that are generally located in the USA. This allows Google to collect IP addresses. In incorporating the respective videos, where possible we use the 'Enhanced Protected Mode' option provided by Google, with the result that Google will not place a cookie.

 

The appropriate level of data privacy is guaranteed by Google within the scope of 'Privacy Shield'. (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI).

The respective provider is

 

Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

 

The privacy statement of the provider Google LLC can be viewed at https://www.google.com/policies/privacy/. An opt-out option from data processing for marketing purposes is available at https://adssettings.google.com/.

 

 

Online profile on platforms and social networks

We maintain profile and information services with platform operators and social networks. Through these we are able to provide the respectively active users and interested parties with information about our services and communicate with users of the service in question.

 

Use of the respective platforms and services is subject to the data privacy guidelines and user conditions set out by the operator in question. Where users contact us within the scope of these platforms, we process the messages and data transferred in accordance with this privacy statement.

 

Purposes of personal data processing

We process the above-stated data to facilitate operation of our website, fulfil the contractual obligations to our customers and safeguard our legitimate interests.

Data relating to enquiries that fall outside an active customer relationship are processed for the purposes of marketing and advertising. You can object to the use of your personal data for marketing purposes at any time.

 

Voluntary information

Where you volunteer information to us (e.g. in forms) that is not a requirement for fulfilment of our contractual obligations, we will process all such data on the legitimate assumption that the respective data processing and use is in your interests.

 

Recipient/Forwarding of data

Fundamentally, the data you provide to us will not be forwarded to third parties. Specifically, your data will not be passed to third parties for their marketing purposes.

Nonetheless, we may use service providers for the operation of these websites or for other products or services we provide. As a result, knowledge of personal data may be imparted to certain service providers. We select our service providers with due care and attention – particularly with regard to data protection and data security – and apply all necessary measures required by data privacy law to ensure admissible data processing.

 

Protective measures

We have implemented technical and organisational measures in accordance with Art. 32 GDPR to ensure the security of personal data processed by us.

 

To safeguard the security of your data during transmission while visiting our website we also use current state-of-the-art SSL/TLS encryption procedures.

 

Nonetheless, security vulnerabilities during data transmission via the Internet cannot be entirely ruled out. For this reason, you also have the option of transmitting personal data to us using alternative methods (e.g. by telephone or conventional post).

 

Data processing outside the European Union

Insofar as personal data are processed outside the European Union or the European Economic Area, commensurate details are provided in the aforestated information.

In such cases, processing occurs subject to the specific requirements of Art 44. et seq. GDPR. Accordingly, separate guarantees ensure that processing is carried out with a level of security that is commensurate with the pertinent EU provisions.

 

With respect to processing in the USA, this is routinely facilitated through the recognised 'Privacy Shield' program; in other cases, primarily through the use of recognised contractual obligations – so-called standard contractual clauses.

 

Data protection officer

We have appointed a data protection officer.

 

The data protection officer can be contacted as follows:

 

Metrax GmbH

Stefan Grünebaum

– Data protection officer –

Rheinwaldstrasse 22

D-78628 Rottweil

Germany

 

Email: datenschutzbeauftragter@primedic.com

Your rights as a data subject

Pursuant to Art. 15 GDPR you have the right to access personal data concerning you. You may request access to additional information and obtain a copy of the data from us at any time.

 

In the case of non-written requests for information, please understand that we may require substantiation as proof of your personal identity.

 

Moreover, pursuant to Art. 16 GDPR you have the right to rectification, pursuant to Art. 17 GDPR the right to erasure, and to restriction of data processing pursuant to Art. 18 GDPR - insofar as prescribed by law.

 

Pursuant to Art. 20 GDPR you also have the right to data portability, meaning you have the right to receive data provided to us and to require the transmission of such to another controller.

 

Ultimately, you have the right to object to processing within the scope of statutory provisions, specifically in accordance with the provisions of Art. 21 GDPR.

 

Erasure of data

We essentially erase personal data in the absence of a requirement for further storage. Such a requirement may exist, in particular, where the data are still required to effect contractual performance, or to check, grant or reject warranty or guarantee claims. In the case of statutory retention obligations, erasure will only first be addressed following expiry of the respective retention requirement.

 

The necessity of data erasure is regularly assessed and implemented by us within the scope of a commensurate procedure.

 

Right to lodge a complaint with a supervisory authority

 

You have the right to lodge a complaint regarding our processing of your personal data with a pertinent data privacy supervisory authority.

 

Amendment of this privacy statement

We update this privacy statement following changes to this website or where updating is otherwise necessary. The currently applicable version is available on this website at all times.

 

Last updated: 23 May 2018