Privacy Policy
We are pleased about your visit to our websites and the associated interest in our company and our products. The protection of your privacy is an important concern for us. We therefore proceed in all data processing operations, such as collection, processing, and transmission, in accordance with the legal regulations of European and German data protection law.
The following declaration gives you an overview of which of your data is requested on our websites, how this data is used and passed on, how you can obtain information about the information given to us, and which security measures we take to protect your data.
Name and Address of the Controller Responsible for Processing
The controller within the meaning of data protection regulations for all data processing procedures carried out via our websites is:
microParticles GmbH
Volmerstr. 9A, H3.5.1
12489 Berlin
Telephone: +49 30 6392 2565
Fax: +49 30 6392 2555
E-Mail: info@microparticles.de
Inquiries regarding data protection and the assertion of data subject rights should be directed to the aforementioned address.
General Information
To meet the requirements for a precise, transparent, and understandable form (Art. 12 Para. 1 GDPR), we would like to provide you with comprehensible and (hopefully) understandable information on the type, scope, and purpose of data processing in the following sections.
The fundamental purpose of data processing is the operation of our websites with the presentation of our company’s products, which you can order and have delivered via our shop system.
The use of our websites is generally possible without any indication of personal data. However, if you wish to use the services of our company via our websites, the processing of personal data will be necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain your consent as the data subject.
The processing of personal data, for example, your name, address, e-mail address, or telephone number, is always carried out in accordance with the legal regulations of European and German data protection law.
Collection of Usage Data
With each visit to our websites, a series of general data and information is collected. This information is stored in the log files of our web host’s server (domainFactory). This information provides details about your IP address, the time of access, the pages or files accessed, the so-called referrer (the previously visited page), as well as the amount of data transferred and the end device and browser used.
This information is primarily needed to (1) correctly deliver the content of our website to the user’s computer, (2) ensure the long-term functionality and security of our websites, and (3) for other administrative purposes. This data is not stored together with other personal data of the user. Likewise, we do not draw any conclusions about the data subject from this information.
Our legitimate interest in the temporary storage of the data and the log files in accordance with Art. 6 Para. 1 lit. f GDPR lies in the aforementioned purposes. The data in the log files is generally deleted after three days. Storage beyond this period is possible.
Contact Form and E-Mail
Our websites offer the possibility of contacting us directly via a contact form or the specified e-mail address. If you, as a user, contact us via the contact form or by e-mail, your details from the contact form or the personal data transmitted by you with the e-mail will be stored automatically.
We use your data to process your inquiry and may contact you for this purpose using the contact details provided. This data is not used for advertising purposes or passed on to third parties.
The legal basis for the processing of the data that is transmitted by you in the course of contacting us via the contact form or by e-mail is our legitimate interest in answering your request in accordance with Art. 6 Para. 1 lit. f GDPR. If the contact is aimed at concluding a contract or is part of the fulfillment of a contract, then Art. 6 Para. 1 lit. b GDPR is also the legal basis for the processing. Your data will be deleted after the final processing of your request. This is the case if it can be inferred from the circumstances that the matter in question has been finally clarified and provided that there are no statutory retention obligations to the contrary.
Contract Processing
The personal data you provide to make use of our product range is stored and processed by us for the purpose of contract processing. A conclusion of a contract and the processing of the contract are not possible without providing your data.
As part of the contract processing, we pass on your data to the logistics company commissioned by us with the delivery of the goods, insofar as this is necessary for the delivery.
The legal basis for the processing of data within the scope of contract processing, including the transfer of data, is the fulfillment of a contract in accordance with Art. 6 Para. 1 lit. b GDPR.
Customer Account / Registration Function
We provide you with the option of creating a customer account with us via our websites. For this purpose, you can register with us by providing personal data (such as your name, your address, your e-mail address, etc.). When you create a customer account, we store your IP address and the date and time of your registration in addition to your personal data. As a rule, your data will not be passed on to third parties.
The customer account serves the following purposes: To provide pre-contractual services, to fulfill a contract, and to provide various services for you as a customer (e.g., an overview of previous orders, wish list function, etc.).
Creating a customer account is voluntary and is not required to place an order. Your consent in accordance with Art. 6 Para. 1 lit. a GDPR is therefore the legal basis for the processing. If the opening of the customer account also serves pre-contractual measures or the fulfillment of a contract, then Art. 6 Para. 1 lit. b GDPR is also the legal basis for this processing.
You can revoke the consent you have given us for the opening and maintenance of your customer account at any time by sending us a written notification (Art. 7 Para. 3 GDPR). The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation. Furthermore, you have the option to delete your customer account yourself at any time.
Cookies
We use so-called cookies on our websites. Cookies are small text files that are placed and stored on your end device by the web server via your internet browser when you visit our websites. We do not gain any knowledge of your identity through the cookies used.
We limit the use of cookies to so-called session cookies. These session cookies, identifiable by the name MODsid, contain a unique ID of numbers and letters, are of a technical nature, and are used only internally by the web server to identify your user session. These cookies are strictly necessary and are automatically deleted after closing the internet browser.
You generally have the option to block the setting of cookies and to delete cookies that have already been set. You can obtain more information on this from the manufacturer or in the help function of your internet browser. If cookies are deactivated for our websites, it may not be possible to use all functions of the websites to their full extent.
Tools and Other
Our websites use so-called Web Fonts for the uniform display of fonts. These are provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). When you call up our websites, your browser loads the required Web Fonts in order to display texts and fonts correctly. For this purpose, the browser you are using must connect to Google’s servers. Through this call, Google can generally gain knowledge that our websites have been accessed via your IP address.
The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our websites. This constitutes our legitimate interest according to Art. 6 Para. 1 lit. f GDPR. If your browser does not support Web Fonts, a standard font from your computer will be used.
Google, which is based in the USA, is certified for the US-European data protection agreement EU-US Privacy Shield. According to a decision by the EU Commission, it can generally be assumed that companies on the „Privacy Shield List“ have an „adequate level of data protection“ when processing personal data. In this respect, the conditions for handling data in a manner that complies with data protection regulations are met.
Duration of Storage of Personal Data
We generally process and store your personal data only for the period necessary to achieve the purpose of storage or as provided for in laws or regulations to which the controller is subject (e.g., commercial and tax retention periods). After the period has expired, the corresponding data is routinely deleted, provided that it is no longer required for the fulfillment or initiation of a contract and/or we no longer have a legitimate interest in its continued storage.
Data Security
We use the widespread SSL (Secure Socket Layer) procedure on our websites in conjunction with the highest level of encryption supported by your browser. This is usually 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether our websites are transmitted in encrypted form by the closed or green display of the lock symbol in the address bar of your browser.
Furthermore, as the controller, we have implemented further technical and organizational measures to ensure the most complete protection possible for the personal data processed via our websites. Nevertheless, internet-based data transmissions can fundamentally have security gaps, so that absolute protection cannot be guaranteed. For this reason, you are free to transmit personal data to us via alternative means, for example, by telephone.
Rights of the Data Subject
If your personal data is processed, you are a data subject within the meaning of the GDPR. You have comprehensive rights with respect to the controller, about which we inform you below:
Right of Access
You have the right to free information about your personal data stored by us, in particular its origin and recipients, as well as the purpose of the data processing and the planned storage period (Art. 15 GDPR).
Right to Rectification
You have the right to the immediate rectification of inaccurate data concerning you and/or the completion of your incomplete data stored by us (Art. 16 GDPR).
Right to Erasure („Right to be Forgotten“)
You have the right to request the immediate erasure of your personal data if the conditions of Art. 17 Para. 1 GDPR are met. However, this right does not exist, in particular, if the processing is necessary to comply with a legal obligation to which our company is subject (Art. 17 Para. 3 GDPR).
Right to Restriction of Processing
You have the right to request the restriction of the processing of your personal data if one of the conditions according to Art. 18 Para. 1 applies.
Right to Notification
If you have asserted the right to rectification, erasure, or restriction of processing against the controller, the controller is obliged to notify all recipients to whom the personal data concerning you has been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right to be informed about these recipients (Art. 19 GDPR).
Right to Data Portability
Art. 20 GDPR grants you the right to receive the personal data concerning you, which you have provided to us as the controller, in a structured, commonly used, and machine-readable format, provided that one of the conditions according to Art. 20 Para. 1 applies.
Right to Object
Furthermore, Art. 21 GDPR guarantees you the right to object at any time to the processing of personal data concerning you, which is based on Art. 6 Para. 1 lit. e or f. If the personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of the personal data concerning you for the purpose of such advertising. If you object to the processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.
Right to Withdraw Consent
According to Art. 7 Para. 3 GDPR, you have the right to withdraw your consent to the processing of data at any time with effect for the future. In the event of a withdrawal, we will delete the data concerned immediately, unless further processing can be based on a legal basis for processing without consent. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the withdrawal.
Right to Lodge a Complaint with a Supervisory Authority
If you believe that the processing of personal data concerning you violates the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work, or the place of the alleged infringement, without prejudice to any other administrative or judicial remedy (Art. 77 GDPR).
Automated Decision-Making Process
As a responsible company, we do not use automated decision-making or profiling.
Changes to this Privacy Policy
We reserve the right to change this privacy policy on occasion and without prior notice. We would therefore ask you to inform yourself regularly about any changes to this privacy policy on this page.
As of: 25 May, 2018
