Protection of Personal Data
Privacy Policy of the SECO Website
This Privacy Policy (referred to as "Privacy Policy") explains how SECO (“SECO”, “we”, “our”, and “us”) collects, uses, shares and otherwise processes your personal information (also known as personal data) in connection with the use of SECO websites and applications that link to this Privacy Policy (the “Sites”), and the use of our services and products (the “Services” and “Products”).
1. Data Controller
The Data Controller is SECO S.p.A. (hereinafter also referred to as "SECO" or the "Controller"), represented by its pro tempore legal representative, with registered office in Arezzo (AR), 52100, Via Achille Grandi, no. 20.
2. Type of data which are subject to the processing:
PERSONAL DATA:
When using our Services, we may collect certain information, such as your name, email address, phone number, postal address, job title, and company name. We may also collect other information that you provide through your interactions with us, for example if you request information about our Products or Services, interact with our sales team or contact customer support, or take part in marketing activities.
We do not process special categories of personal data about our users.
TECHNICAL DATA:
The computer systems and software procedures used to operate the Site can acquire, during their normal operation, navigation data whose transmission is implicit in the use of Internet communication protocols.
Navigation data, necessary for the use of web services, are also processed for the purpose of:
- obtaining statistical information on the use of services (most visited pages, number of visitors by time or day, geographical areas of origin, etc.);
- checking the correct functioning of the services provided.
3. Purpose of the Processing
We inform you that your personal data are processed for purposes strictly connected and necessary for the use of the Site and the services provided therein, as well as to ensure the security of the network and data of the company's IT systems.
In particular, personal data will be processed for the following purposes:
- to create and maintain your SECO account;
- to provide, maintain, deliver and update SECO Services;
- to provide you with customer service and support;
- to respond to your questions, comments, and requests, including to keep in contact with you regarding the Products and Services you use;
- for billing, payment, or account management; for example, to identify your account and correctly identify your usage of our Products and Services;
- for marketing communications;
- to protect the security, availability and integrity of our services and information systems;
- to comply with our obligations under applicable law, legal process, or government regulation.
4. Legal Basis
We process personal data for the following purposes:
The legal basis of the processing depends on the various purposes set out above: consent (Article 6, section 1, letter a) of the GDPR); the fulfilment of specific obligations deriving from pre-contractual and contractual agreements (pursuant to Article 6, section 1, letter b) of the GDPR); the legitimate interest of the company (Article 6, section 1, letter f) of the GDPR).
5. How we share you information
Your personal data may be disclosed to the following categories of parties:
- companies belonging to the SECO Group for the performance of the contract and for related administrative purposes;
- employees and collaborators appointed by the Data Controller as authorised parties for processing;
- entities and/or subjects appointed as data processors;
- external IT service providers who provide IT maintenance and assistance, IT solutions and software solutions on behalf of the Controller and/or the SECO Group;
- natural or legal persons appointed by the Data Controller to perform services related to the management of the payment systems in use at the Site, as well as credit recovery companies;
- public security authorities, judicial authorities, parties, bodies or authorities to whom it is mandatory to communicate your personal data by virtue of legal provisions or orders of the authorities.
6. Transfer of Data to Third Countries
The personal data you provide may be transferred abroad, both within the European Union and to third countries, for the purpose of performing the contract in place with you or the pre-contractual measures adopted at your request, as well as the fulfilment of obligations imposed by applicable laws.
In any case, please note that the transfer of your personal data abroad shall take place in accordance with the provisions of Articles 44 et seq. of the GDPR.
7. Period for Retention of Personal Data
In order to ensure correct and transparent processing, Seco retains your personal data for a period of time not exceeding that necessary for the purposes for which they have been collected or subsequently processed, in accordance with the provisions of Article 5, section 1, letter e) of the GDPR.
Personal data that are no longer necessary, or for which there is no longer a legal basis for its storage, are irreversibly anonymised or destroyed.
Navigation data are not retained except for any need to ascertain crimes by the judicial authorities.
The personal data processed to fulfil any contractual obligation may be stored for the duration of the agreement and in any case no later than the following 10 years, in compliance with the statute of limitations laid down by law.
In the event that it is necessary to process the data for judicial purposes, these will be retained for the time when any complaints can be prosecuted.
8. Data subject rights
At any time, you may exercise the rights recognised pursuant to Articles. 15 et seq. of the GDPR, in the manner and within the limits governed by the above-mentioned legislation:
- right of access (Article 15 of the GDPR);
- right of rectification (Article 16 of the GDPR);
- right to erasure (Article 17 of the GDPR);
- right to restriction of processing (Article 18 of the GDPR);
- right to data portability (Article 20 of the GDPR);
- right to object (Article 21 of the GDPR);
- right not to be subjected to a decision based solely on automated processing, including profiling (Article 22 of the GDPR). You can exercise your rights by writing to the following address: privacy@seco.com.
9. Right to Lodge a Complaint
Should you believe that the processing of your personal data is carried out in breach of the provisions of current legislation, you have the right to lodge a complaint with the Supervisory Authority, as provided by art. 77 of the GDPR, or to make a claim in the appropriate judicial offices, pursuant to art. 79 del GDPR.
10. Links to Other Websites, Platforms and Applications
The Site may contain links to other websites, which you can consult by selecting special links made accessible while browsing. Access to and consultation of these sites remain unrelated to the activity, checks and/or security measures adopted by SECO.
Server-Log-Files
The provider of these websites automatically collects and stores information in so-called server log files which your browser automatically transmits to us, such as
- browser type/version
- used operating system
- referrer URL
- host name of the accessing computer
- time of query
Those data cannot be associated with individual persons. A merging with other data sources does not take place. We reserve the right to retrospectively check the data if reasonable evidences concerning illegal use become known.
Contact form
On our website, you have the opportunity to send us an encrypted e-mail via the “Contact” form with details of your request. Here, for example, you can ask us questions about our company, products or services. In order to process your request, we ask you to enter personal data in the input mask. These include your name and e-mail address as well as further information such as the subject of your request and your message text. You can also supply further information in addition to the required fields. Address and/or telephone number can be provided as an option.
This information we have requested enables us to deal with your request comprehensively. Communication of the data provided by you in this connection takes place expressly on a voluntary basis.
The personal data transmitted to us from your details, as mentioned above, as well as the time you make contact are used exclusively for the purpose for which you made them available to use when making contact – in particular for processing your enquiry. The information you give is used exclusively for processing your enquiry. The data will not be used for other purposes or forwarded to third parties without your express consent. Excluded from this – insofar as is necessary for fulfilling your enquiry – are partner firms of SECO Northern Europe GmbH. These may for example be: our suppliers, transport and logistics partners and our trading partners. Insofar as no statutory retention obligations apply, your personal data will be erased after handling your request.
The legal basis for the data processing is Art. 6 (1) (f) GDPR. Our legitimate interest is that we require your data so that we can process or answer your message.
Data security
We safeguard our website and other systems by means of suitable technical and organizational measures against loss, destruction, access, modification or dissemination of your data by unauthorized persons. However, despite regular controls, complete protection against all hazards is not possible.
Our website uses the industry standard SSL (Secure Sockets Layer) for encryption. This guarantees the confidentiality of your personal details via the Internet. You can recognize whether an encrypted transmission is taking place by the closed key/lock symbol in your browser display.
Forwarding of data
Your personal data is passed on to third parties only - if you have given us your express consent to do so in accordance with Art. (1) (a) GDPR, - if forwarding is necessary in order to fulfil contractual obligations in accordance with Art 6. (1) (b) GDPR;
- if we are legally obliged to forward the data as defined by Art. 6 (1) (c) GDPR;
- if forwarding the data is in the public interest as defined by Art. 6 (1) GDPR or;
- if forwarding the data in accordance with the Art. 6 (1) (f) GDPR for safeguarding our legitimate interests or the legitimate interests of a third party insofar as your interests in the protection of your data do not override.
Data categories
We process the following categories of data: master data (such as company, if appropriate contact, address), communication data, contractual data, receivables data, if appropriate information on payments and arrears. See the above-mentioned information in this connection.
Third-party recipients
In order to process you request in a satisfactory manner, we may have to pass on your personal data to third-party recipients.
Storage period of personal data
Your data will be stored by us for as long as is necessary for the purposes on which the processing is based. Furthermore, we only store data insofar as we are legally obliged to do so, e.g. due to statutory retention obligations.
Information on the right to object
An objection to the processing of personal data relating to you is possible on the basis of Article 6 (1) (e) (data processing in the public interest) or (f) (data processing in order to maintain legitimate interests on the basis of a balancing of interests) at any time in accordance with Article 21 GDPR. In the case of an objection, the personal data will no longer be processed unless compelling legitimate grounds can be demonstrated for the processing, which override the interests, rights and freedoms of the data subject or the processing is for the establishment, exercise or defence of legal claims.
Insofar as you have given us your consent to the processing of personal data, you can withdraw this consent at any time. As a matter of course, this also applies to any declarations of consent given to us before 25 May 2018 (before the GDPR came into effect). The withdrawal of consent can only ever come into force for the future. The lawfulness of the processing is not retroactively nullified by an objection.
Please direct your objection to the e-mail address north@seco.com
Validity
This Privacy Policy is valid as of 23 May 2018. It is the current and valid version of our Privacy Policy.
However, we wish to point out that a review of this Privacy Policy may be necessary from time to time on grounds of actual or legal changes.
Data protection officer
If you have any queries relating to data protection, please do not hesitate to contact our external data protection officer at:
Vater Solution GmbH
Mr Cord Lange
Boschstr. 5
D-24118 Kiel
or by e-mail at colange@vater-gruppe.de.
Subscribing to our newsletter
If you would like to receive the newsletter, we require a valid e-mail address from you as well as information that allows us to verify that you are the owner of the specified e-mail address or that the owner agrees to receive the newsletter. If available, you may voluntarily enter your name and title in order to personalize the newsletter dispatch. This data will only be used for sending the newsletter and will not be passed on to third parties.
To confirm the ownership of the e-mail address, an e-mail is sent with a link to activate the subscription (double opt-in). When you subscribe to the newsletter, we store your IP address and the date of subscription for the statutory period of limitation, beginning with the date of unsubscription. This storage serves as proof in the event that a third party misuses an e-mail address and registers to receive the newsletter without the knowledge of the authorized person. Opening and click actions are recorded by our IT systems via individualized links and evaluated anonymously. In each newsletter, you can deactivate the evaluation at any time. You can also revoke your consent to the processing of the data, the e-mail address and their use for sending the newsletter at any time. The revocation can be done via a link in the newsletters themselves, or by sending a message to the contact options above.
Customer satisfaction surveys
We ask our customers at regular intervals to what extent they are satisfied with our services and what we can do better.
The personal data collected as part of a customer satisfaction survey is used exclusively for internal evaluation. The personal data collected as part of the survey will not be passed on to third parties. The legal basis for our use is Art. 6 1 a) - your voluntarily given consent and Art. 6 1. f) GDPR - our legitimate interest to continuously improve our services to customers.
After evaluation, the communicated data will be deleted.
Google Analytics
If you have given your consent, this website uses Google Analytics, a web analysis service of Google LLC. The responsible service provider in the EU is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").
Scope of the processing
Google Analytics uses cookies that enable an analysis of your use of our website. The information collected by means of the cookies about your use of this website is usually transferred to a Google server in the USA and stored there.
We use the function 'anonymizeIP' (so-called IP-Masking): Due to the activation of the IP-anonymization on this website, your IP-address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there.
During your visit to our website, the following data, among others, is recorded:
- the pages you call up, your "click path
- Achievement of "website goals" (conversions, e.g. newsletter registrations, downloads, purchases)
- Your user behavior (for example clicks, dwell time, bounce rates)
- Your approximate location (region)
- Your IP address (in abbreviated form)
- technical information about your browser and the end devices you use (e.g. language settings, screen resolution)
- Your internet provider
- the referrer URL (via which website/advertising medium you came to this website)
Purposes of processing
On behalf of the operator of this website, Google will use this information to evaluate your (pseudonymous) use of the website and to compile reports on website activities. The reports provided by Google Analytics serve to analyze the performance of our website.
Recipient
The recipient of the data is
- Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
as a contract processor. For this purpose we have concluded a contract with Google. Google LLC, headquartered in California, USA, and, if applicable, US authorities can access the data stored at Google.
Transfer to third countries
A transfer of data to the USA cannot be excluded.
Storage period
The data sent by us and linked to cookies is automatically deleted after 14 months. Data whose retention period has been reached is automatically deleted once a month.
You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by
a. not giving your consent to the setting of the cookie or
b. Download and install the browser add-on to disable Google Analytics HERE.
You can also prevent the storage of cookies by setting your browser software accordingly. However, if you configure your browser to refuse all cookies, this may limit the functionality of this and other websites.
Legal basis and possibility of revocation
for this data processing is your consent, Art.6 para.1 S.1 lit.a DSGVO. You can withdraw your consent at any time with future effect by accessing the cookie settings [HERE LINK TO CONSENT TOOL SETTINGS] and changing your selection there.
For more information about Google Analytics terms of use and Google's privacy policy, please visit policies.google.com.
Privacy Policy for cross-device remarketing
Our websites use the functions of Google Analytics Remarketing in connection with the cross-device functions of Google AdWords and Google DoubleClick. The provider is Google Inc. 1600 Amphitheater Parkway Mountain View, CA 94043, USA.
This function enables the advertising target groups created with Google Analytics Remarketing to be linked to the cross-device functions of Google AdWords and Google DoubleClick. In this way, interest-related, personalized advertising messages that have been adapted to you depending on your previous usage and surfing behavior on one device (e.g. cell phone) can also be displayed on another of your devices (e.g. tablet or PC).
If you have given your consent, Google will link your web and app browser history to your Google account for this purpose. In this way, the same personalized advertising messages can be displayed on any device on which you log in with your Google account.
To support this function, Google Analytics records Google-authenticated IDs of the users, which are temporarily linked to our Google Analytics data in order to define and create target groups for cross-device advertising.
You can permanently object to cross-device remarketing / targeting by deactivating personalized advertising in your Google account; follow this link: https://www.google.com/settings/ads/anonymous
Further information and data protection regulations can be found in Google's data protection declaration at: www.google.com/policies/technologies/ads/
Privacy Policy for the use of YouTube
Our website uses plugins of the Google-operated website YouTube. Provider of the website is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of our website having a YouTube-plugin embedded, a connection to YouTube servers will be established. The YouTube server will then be submitted the information that you have visited our websites.
If you are logged on to your YouTube account, you enable YouTube to associate your browsing behaviour with your personal profile. You may prevent this by logging out of YouTube.
You find further information concerning the treatment of user data in the Privacy Policy of YouTube under: www.google.de/intl/de/policies/privacy
Privacy Policy for the use of Google Analytics Remarketing
Our websites use retargeting technologies by Google. Provider of these technologies are Google Inc. 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.
This enables to address visitors of our website with customised, interest-related commercial information. The display of commercials takes place according to the cookie-based analysis of previous usage and browsing behaviour. According to our present stat of knowledge, no person-related data will be stored when visiting our website. On access, a cookie will be placed to collect anonymous data about interests of the user and so to adapt commercials to such information. These cookies are small text files which will be stored onto your computer or terminal device.
You can permanently object to the use of cookies for retargeting by deactivating customised commercials by Google here: https://www.google.com/settings/ads/anonymous
Further information and data protection regulations you find in Google's Privacy Policy under www.google.com/policies/technologies/ads/
DoubleClick by Google
We use the online marketing tool DoubleClick by Google. DoubleClick uses cookies to serve ads that are relevant to users, to improve reports on campaign performance, or to prevent users from seeing the same ads multiple times. Google uses a cookie ID to record which ads are displayed in which browser and can thus prevent them from being displayed multiple times. In addition, DoubleClick can use cookie IDs to record conversions related to ad requests.
This is the case, for example, if a user sees a DoubleClick ad and later visits the advertiser's website with the same browser and buys something there. According to Google, DoubleClick cookies do not contain any personal information. Due to the marketing tools used, your browser automatically establishes a direct connection to the Google server. We have no influence on the scope and further use of the data collected by Google through the use of this tool and therefore inform you according to our knowledge: By integrating DoubleClick, Google receives the information that you have accessed the corresponding part of our website or clicked on one of our ads. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, there is a possibility that the provider will find out and save your IP address. You can prevent participation in this tracking process in various ways: a) by setting your browser software accordingly, in particular the suppression of third-party cookies means that you will not receive any advertisements from third-party providers; b) by deactivating the cookies for conversion tracking, by setting your browser so that cookies from the domain www.googleadservices.com are blocked, https://www.google.de/settings/ads, this setting being deleted when you delete your cookies; c) by deactivating the interest-based ads of the providers that are part of the self-regulation campaign "About Ads" via the link www.aboutads.info/choices, this setting being deleted if you delete your cookies; d) by permanent deactivation in your browsers Firefox, Internet Explorer or Google Chrome under the link www.google.com/settings/ads/plugin, e) by means of appropriate cookies settings. We would like to point out that in this case you may not be able to use all functions of this offer to their full extent. Further information on DoubleClick by Google can be found at https://marketingplatform.google.com/about/enterprise/ and data protection at Google in general: www.google.de/intl/de/policies/privacy. Alternatively, you can visit the website of the Network Advertising Initiative (NAI) at thenai.org. Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/ps/EU-US-Framework. The legal basis is Art. 6 (1) a GDPR
Shareaholic
Shareaholic, Inc. ("Shareaholic") betreibt mehrere Produkte, Dienstleistungen und Websites, darunter shareaholic.com, yarpp.com und buzzster.com. Es ist die Politik von Shareaholic, Ihre Privatsphäre in Bezug auf alle Informationen, die wir während des Betriebs unserer Dienste sammeln, zu respektieren.
Diese Datenschutzerklärung gilt für den Umgang von Shareaholic mit personenbezogenen Daten, die gesammelt werden, wenn Sie einen der Dienste von Shareaholic nutzen, einschließlich, aber nicht beschränkt auf den Besuch einer Website, einer URL, einer Webseite und einer Softwareanwendung oder einer Anwendung für ein mobiles Gerät, auf der die Shareaholic-Dienste aktiviert oder genutzt werden. Wir können einige oder alle der hier beschriebenen Daten sammeln, um unseren Dienst bereitzustellen.
Nähere Informationen zu Datenverarbeitung und Datenschutz durch Shareaholic finden Sie unter https://www.shareaholic.com/privacy/.
Registration with this websites
You can register with this website to be able to use additional functions on this website. The data entered for this purpose will only be used for purpose of use of the respective offer or service for which you have registered.
We also use the provided email address to inform you about important changes, such as change of the offer range or in case of technical changes.
SSL Encryption
For security reasons and to protect the transmission of confidential data, such as enquiries you sent to us as the provider, this website uses an SSL encryption. You recognise an encrypted transmission by the change of the address line of the browser from "http://" to "https://" and by the lock-symbol in your browser address line.
If the SSL encryption is active, the data you have transmitted to us cannot be accessed by third parties.
Processing of data (customer data and contract data)
We collect, process and use person-related data only as far as necessary for the establishment, content-related arrangement or change of the legal relationship (stock data). We only collect, process and use person-related data about the use of our websites (usage data) insofar it is necessary for enabling, improving or invoicing the use of the service.
Transmission of data on contract conclusion for online shops, traders and product shipment
We transmit person-related data to third parties only if it necessary to fulfil the contract, e.g transmitting data to the forwarding agent or the commissioned credit institution in charge with the payment. A further transmission of data to third parties does not take place unless you have given your explicit permission. A transmission of data to third parties for commercial purposes does not take place.
Encrypted payment transaction on this website
Payment transactions via the common methods of payment (Visa/Mastercard, direct debit) exclusively take place via an encrypted SSL connection. You can recognize an encrypted connection by the change of the browser line from "http://" to "https://" and the lock-symbol in your browser line.
On encrypted communication your bank details, which you submit to us, cannot be read by third parties.
Right to Information, Deletion, Blocking
You have the right to be informed about your person-related data, their origin and addressee and the purpose of data processing as well as the right to correction, blocking or deletion of those data at any time and free of charge. For further questions and questions concerning person-related data, feel free to contact us under the address published in the impressum/legal notice.
Objection to commercial mails
Providers are obligated to publish contact information in the Legal Note/Impressum. The use of such contact information by third parties for the purpose of distributing unsolicited advertisements or other commercial information is prohibited. The operators of this website reserve the right to take legal measures in case of being sent unsolicited commercial information, e.g. spam mails etc.