Data protection - zwilling.com
Last modified August 2021
1 Introduction
This privacy policy explains the type, scope and purpose of the processing of personal data (hereinafter referred to as "data") in connection with your visit to the website https://www.zwilling.com/ (hereinafter referred to as "website") or one of our external online presences. When you click on one of our locations, you will be redirected to the respective local online presence. For further information on any processing of your data in connection with these local online presences, please refer to the privacy policy that can be accessed there.
Section I - Controller and data protection officer
Controller
ZWILLING J.A. Henckels AG
(hereinafter also referred to as "ZWILLING", "we" or "us")
Gruenewalder Strasse 14-22, 42657 Solingen, Germany
Phone: + 49 212 882 0
E-mail: info@zwilling.com
Complete imprint:
https://www.zwilling.com/global-imprint.html
Contact Data Protection Officer
ZWILLING J.A. Henckels AG
Data Protection Officer
Gruenewalder Strasse 14-22, 42657 Solingen, Germany
E-Mail: datenschutz@zwilling.com
Section II – Procession Operations
In the following, we may provide you with an overview of our processing activities.
Log and metadata processing
The following data is processed when accessing our website: Date, time and duration of access, location, IP address, provider, referrer URL, requested URL, browser ID, operating system. The data is used on the one hand for statistical analysis and to maintain and optimize server operation and on the other hand for security purposes, e.g. to detect unauthorized access attempts
For these purposes, it is possible that we also pass on the data to third parties. These may be companies that support us in statistical or security analysis as well as law enforcement agencies, for example in the event of unauthorized access. In addition, we have commissioned a technical service provider with the administration and operation of our website, which also receives knowledge of your data in this function.
The storage period of the aforementioned data is 30 days from collection.
The legal basis for the processing is our legitimate interest (Art. 6(1)(f) GDPR) to continuously optimize our Internet presence and to detect and prevent possible attack attempts by hackers, etc..
Cookies
As part of our website, we also use cookies, which are small files that are stored on users' devices. In all cases, the categories of data processed include usage data and metadata. Special categories of data are not processed in the process.
The cookies we use are necessary cookies that are required for the demand-oriented use of the website and to prevent unauthorized access attempts to our website, in particular so-called bot attacks. The legal basis in each case is our legitimate interest (Art. 6(1)(f) GDPR) in making our website available to you in as user-friendly a manner as possible and protecting our website from attacks from the Internet. The storage period of the cookies used by us is 180 days (user-friendly design) and 30 days (protection against attacks).
You have the option to disable cookies in your browser settings. However, this may restrict functions of our website. Alternatively or additionally, you can also use the following general opt-out options:
a) Europe: https://www.youronlinechoices.eu
b) Canada: https://www.youradchoices.ca/choices
c) USA: https://www.aboutads.info/choices
d) International: https://optout.aboutads.info
External online presences
We maintain online presences within the social networks and platforms listed below in order to communicate with the users active there and to inform them about our company and our products. If you communicate with us within the social networks and platforms, e.g. write posts on our online presences or send us messages, we process your data for communication purposes. In addition, when you visit and use our respective online presence, the operator of the network or platform may evaluate your usage behaviour and provide us with information obtained from this. This information is used for the purpose of economic optimisation and demand-oriented design of our online presence.
Furthermore, your data within social networks and platforms is usually processed by the respective operator for market research and advertising purposes. For example, user profiles can be created based on your usage behaviour and the resulting interests, in order to place interest-based advertisements within and outside of the networks and platforms. For further information on the operator's processing and any opt-out options, please refer to the privacy policies of the respective operators.
Our processing of your data is in each case based on our legitimate interest (Art. 6(1)(f) GDPR) in increasing awareness of our company, in communicating with people who are interested in our company and our products, and in better understanding your wishes and interests. In doing so, the categories of data we may collect are inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta and connection data (e.g. device information, IP addresses). The deletion of your data is determined by the privacy policies of the respective operator.
Facebook
Operator: Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (as joint controller - the essence of the agreement can be found at https://www.facebook.com/legal/terms, Parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; Operator's privacy policy: https://www.facebook.com/lpolicy.
Operator: Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (as joint controller - the essence of the agreement can be found at https://www.facebook.com/legal/terms, Parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; Operator's privacy policy: https://help.instagram.com.
Youtube
Operator: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Operator's privacy policy: https://policies.google.com/privacy.
Operator: Pinterest Europe Ltd; Palmerston House, 2nd Floor; Fenian Street; Dublin 2, Ireland; Parent company: Pinterest, Inc. 505 Brannan Street; San Francisco, CA 94107; Operator's privacy policy: https://policy.pinterest.com/de/privacy-policy.
Operator: Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA; Operator's privacy policy: https://twitter.com/de/privacy (settings) https://twitter.com/personalization.
XING and Kununu
Operator: New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany; Operator‘s privacy policy:https://privacy.xing.com/en/privacy-policy.
Operator: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Operator’s privacy policy:https://www.linkedin.com/legal/privacy-policy.
Section III - Data subject rights and general information
Data subject rights
Rights of data subjects
You have the right to request confirmation as to whether data concerning you is being processed and to information about this data as well as further information and a copy of the data in accordance with Art. 15 GDPR.
In accordance with Art. 16 GDPR, you have the right to request the completion of data concerning you or the rectification of incorrect data concerning you.
In accordance with Art. 17 GDPR, you have the right to demand that data concerning you be erased without undue delay, or alternatively, in accordance with Art. 18 GDPR, to demand restriction of the processing of the data.
You have the right to recieve the data concerning you that you have provided to us in accordance with Art. 20 of the GDPR and to request that it be transferred to other data controllers.
You also have the right to lodge a complaint with the competent supervisory authority pursuant to Art. 77 GDPR. The address of the supervisory authority responsible for us pursuant to Art. 55 GDPR in conjunction with Section 40 BDSG is: State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia (“Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen”), Postfach 20 04 44, 40102 Duesseldorf, Germany.
Right of withdrawal and right of objection
You have the right to revoke given consents according to Art. 7(3) GDPR with effect for the future and can object to future processing of the data concerning you at any time in accordance with Art. 21 GDPR.
Duty to provide data
Unless otherwise stated above in the respective information on the legal basis for processing, you are not obliged to provide data. However, if you do not provide this data, you will not be able to use our website, or only to a limited extent.
Data transfer
If, in the course of our processing, we disclose data to other persons and companies (processors or third parties), grant access to the data or transfer the data in any other way, this will only be done on the basis of legal permission.
If we commission third parties with the processing of data based on a so-called "data processing agreement", this is done based on Art. 28 GDPR.
Changes and updates to the privacy policy
We reserve the right to update this Privacy Policy from time to time. Updates to this Privacy Policy will be posted on our website. Changes will apply as of their publication on our website. We therefore recommend that you visit website regularly to find out about any updates that may have been made.