Data Protection
7.26.2022

Privacy Policy 

 

Introduction

The following Privacy Policy informs you about the types of personal data (referred to in the following also as “data”) we process, for which purposes we do so and to what extent. The Privacy Policy applies to the processing of personal data carried out by us, both in the context of providing our services and, in particular, on our websites, in mobile applications and within external online presences, such as our social media profiles (collectively referred to in the following as “online presence”). Additional privacy policies maintained by individual controllers or for particular processing operations are provided separately.

The terms used in this Privacy Policy are not intended to be gender specific.

 

Legal Statemnet:https://www.siliconejxcom/en/Legal-Statement/

 

Overview of the Processing Operations

The following overview summarizes the types of data processed and the purposes of their processing and refers to the data subjects.

 

Types of Data Processed

  • Inventory data (e.g. names, addresses).
  • Content data (e.g. text entries, photographs, videos).
  • Contact details (e.g. email, telephone numbers).
  • Meta/communication data (e.g. device information, IP addresses).
  • Usage data (e.g. websites visited, interest in content, access times).
  • Location data (data indicating the location of an end user’s device).
  • Contract data (e.g. object of the contract, term, customer category).
  • Payment data (e.g. bank details, invoices, payment history).

 

Categories of Data Subjects

  • Employees (e.g. salaried employees, former employees).
  • Business and contractual partners.
  • Interested parties.
  • Communication partners.
  • Users (e.g. website visitors, users of online services).

 

Purposes of Processing

  • Provision of the online presence and services.
  • Office and organizational procedures.
  • Direct marketing (e.g. by email or by post).
  • Contact enquiries and communication.
  • Web analytics (e.g. access statistics, analysis of recurring visitors).
  • Security measures.
  • Reach measurement (e.g. access statistics, recognition of returning visitors).
  • Tracking (e.g. interest/behavioral profiling, use of cookies).
  • Contractual services and customer care.
  • Management and response to enquiries.

 

Relevant Legal Bases

We process personal data in accordance with applicable laws and regulations, among others, Personal Information Protection Law of China, General Data Protection Regulation (GDPR), and California Consumer Privacy Act (CCPA). Please note that in addition to the provisions contained in these laws and regulations, national data protection regulations may apply in your or our country of residence and domicile. Our Privacy Policy will inform you if more specific legal bases are additionally applicable in individual cases.

  • Consent– The data subject has provided consent to the processing of personal data concerning them for one or several specific purposes.
  • Legitimate interests– Processing is necessary to protect the legitimate interests of the controller or of a third party unless the interests or fundamental rights and freedoms of the data subject which require the protection of personal data outweigh the processing.

 

Additional national data protection regulations:

In addition to the provisions of data protection set out in the General Data Protection Regulation, national regulations on data protection apply in respective European countries, e.g.in Germany. These include in particular the law on protection against misuse of personal data in data processing (e.g. Federal Data Protection Act of Germany- BDSG). The national data protection regulations are abided by us as well.

 

Security Measures

We take appropriate technical and organizational measures in accordance with the legal requirements, considering the state of the art, the implementation costs and the nature, scope, circumstances, and purposes of processing, as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, in order to ensure a level of protection commensurate with the risk.

In particular, the measures include the safeguarding of confidentiality, integrity and availability of data by controlling physical and electronic access to data, as well as personal access, input, disclosure, safeguarding of availability and separation of data in this regard. Furthermore, we have established procedures to ensure that the rights of data subjects are exercised, data is erased and that responses are undertaken to any threats to the data. Furthermore, by designing technology and by using default settings that facilitate data protection, we take the protection of personal data into account as early as the development or selection of hardware, software and processes in accordance with the principle of data protection by design.

 

SSL encryption (https): We use SSL encryption to protect your data that is transferred via our online presence. You can recognize these encrypted connections by the prefix https:// in the address line of your browser.

 

Transfer and Disclosure of Personal Data

It is possible that within the framework of our processing of personal data, the data may be transferred or disclosed to other bodies, companies, legally independent organizational units or persons. The recipients of this data may include, for example, payment institutions in the context of payment transactions, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we will adhere to the legal requirements and in particular conclude appropriate contracts or agreements with the recipients of your data which serve to protect your data.

 

Transfer of data within the group of companies: We may transfer personal data to other companies within our group of companies or grant them access to such data. If this transfer is for administrative purposes, the transfer of the data is based on our legitimate entrepreneurial and business interests or takes place if it is necessary for compliance with our contractual obligations, with the consent of the data subject or when permitted by law.

 

Data Processing in “Third Countries”

If we process data in a “Third Country” (which means outside the European Union (EU), the European Economic Area (EEA)) or if processing takes place in the context of the use of services by third parties or the disclosure or transfer of data to other persons, bodies or companies, this will only take place in compliance with the legal requirements.

Subject to express consent or transfer required by contract or by law, we process or allow the data to be processed only in Third Countries with a recognized level of data protection, or on the basis of special guarantees, such as contractual obligations under standard protection clauses of the EU Commission, the existence of certifications or binding internal data protection regulations (Art. 44 to 49 GDPR, information page of the EU Commission:  https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection de ).

 

Use of Cookies

Cookies are text files that contain data from visited websites or domains and are stored by a browser on the user’s computer. A cookie is primarily used to store information about a user during or after their visit to an online presence. The stored information can include, for example, the language settings on a website, the login status, a shopping cart or the location where a video was viewed. The term “cookies” also extends to other technologies that perform the same functions as cookies (e.g. when user information is stored by means of pseudonymous online identifiers, also known as “user IDs”).

At present, no cookies are used on the websites.

 

Information on legal bases: The legal basis on which we process your personal data by means of cookies depends on whether we ask for your consent. If this is the case and you consent to the use of cookies, the legal basis for processing your data is the declared consent. Otherwise, the data processed with the aid of cookies will be processed on the basis of our legitimate interests (e.g. in the business operation of our online service and its improvement) or if the use of cookies is necessary for the fulfilment of our contractual obligations.

 

General information on withdrawal and objection (opt-out): Depending on whether the processing is based on consent or legal permission, you have the right at any time to withdraw your given consent or to object to the processing of your data by cookie technologies (collectively referred to as “opt-out”). You may initially declare your objection using the browser settings, e.g. by deactivating the use of cookies (although this may also restrict the functionality of our online presence). In Europe, an objection to the use of cookies for online marketing purposes can also be submitted in regard to a variety of services, especially in the case of tracking, via the websites https://optout.aboutads.info and https://www.youronlinechoices.com/. In addition, you may receive further notices concerning your rights of objection in the information offered by the service providers and their cookies.

 

Processing of cookie data based on consent: We ask for the consent of our users – which may be withdrawn at any time – before processing or commissioning the processing of data obtained through the use of cookies. We will only use cookies prior to the issue of consent if their use is necessary for the operation of our online presence. Their use is based on our interest and the interest of the users in the expected functionality of our online presence.

  • Types of data processed:Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
  • Data subjects:Users (e.g. website visitors, users of online services).

 

Commercial and Business Services

We process data concerning our contractual and business partners, e.g. customers and prospective customers (collectively referred to as “contractual partners”) within the scope of contractual and comparable legal relationships, as well as associated measures, and within the scope of communication with the contractual (or pre-contractual) partners, e.g. to respond to enquiries.

We process this data for the fulfilment of our contractual obligations, to safeguard our rights, for the purposes of administrative tasks associated with this data and for the purposes of business organization. Within the framework of applicable law, we only transfer data concerning our contractual partners to third parties to the extent that this is necessary for the aforementioned purposes, for compliance with legal obligations or with the consent of the contractual partners (e.g. transfer of data to participating telecommunications, transport and other auxiliary services, as well as to subcontractors, banks, tax and legal advisors, payment service providers or tax authorities). The contractual partners will be informed about other forms of processing, e.g. for marketing purposes, within the scope of this Privacy Policy.

Prior to or during data collection, e.g. in online forms, we use special markings (e.g. colors), symbols (e.g. asterisks or similar) or personal information to notify the contractual partners of which data is required for the above-mentioned purposes.

We erase the data after expiry of legal warranty and comparable obligations, e.g. as a rule after 4 years, unless the data is stored in a customer account, e.g. for as long as it must be kept for compliance with legal archiving requirements (e.g. usually 10 years for tax purposes). We will erase data that has been disclosed to us by the contractual partner within the scope of an order in accordance with the specifications of the order, as a rule once the order is complete.

If we use third-party providers or platforms for the delivery of our services, the terms and conditions and privacy policies of the respective third-party providers or platforms shall apply to the relationship between the users and the providers.

 

Project and development services:

We process the data of our customers as well as clients (referred to collectively in the following as “customers”) in order to enable them to select, acquire or commission the chosen services or works and related activities, as well as to pay for them, make them available and execute or perform them.

The compulsory information is identified as such in the context of the order, job or equivalent contractual arrangement and includes the information required for the provision of services and invoicing, as well as contact information to enable consultation with the customer if necessary. Insofar as we have access to information concerning the end customers, employees or other persons, we process this information in compliance with the legal and contractual requirements.

 

Offer of software and platform services: We process the data of our users, registered users and any trial users (hereinafter referred to collectively as “users”) in order to enable the delivery of our contractual services and on the basis of legitimate interests in the assurance of security of our presence and its optimization. The compulsory information is identified as such within the scope of the conclusion of the order, job or equivalent contractual arrangement and includes the information required for the provision of services and invoicing, as well as contact information to enable consultation with the customer if necessary.

  • Types of data processed:Inventory data (e.g. names, addresses), payment data (e.g. bank details, invoices, payment history), contact data (e.g. email, telephone numbers), contract data (e.g. object of the contract, term, customer category), location data (data indicating the location of an end user’s device).
  • Data subjects:Interested parties, business and contractual partners.
  • Purposes of processing:Contractual services and assistance, contact enquiries and communication, office and organizational procedures, management and responses to requests.

 

Contact

When contacting us (e.g. by means of the contact form, by email, telephone or via social media), the data concerning the persons submitting the enquiry will be processed to the extent that is necessary to respond to the contact enquires and to perform any requested measures.

We respond to contact enquiries within the framework of contractual relationships or to take steps prior to entering into a contract in order to fulfil our contractual obligations or to respond to enquiries prior to entering into a contract and otherwise on the basis of our legitimate interest in responding to the enquiries.

  • Types of data processed:Inventory data (e.g. names, addresses), contact data (e.g. email, telephone numbers), content data (e.g. text entries, photographs, videos).
  • Data subjects:Communication partners.
  • Purposes of processing:Contact enquiries and communication.

 

Provision of the Online Presence and Web Hosting

In order to provide our online presence securely and efficiently, we use the services of one or several web hosting providers from whose servers (or servers managed by them) the online presence can be accessed. We may use infrastructure and platform services, computing capacity, storage space and database services, as well security and technical maintenance services for these purposes.

The data processed within the framework of providing hosting services may include all data relating to the users of our online presence that is generated in connection with use and communication. This will ordinarily include the IP address, which is necessary to be able to deliver the contents of online presence to browsers, and all entries made within our online presence or from websites.

 

Collection of access data and log files:

We (or our web hosting provider) collect data concerning every access to the server (so-called server log files). Server log files may include the address and name of the web pages and files accessed, date and time of access, data volume transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the most recently visited page) and, as a rule, IP addresses and the requesting provider.

The server log files can be used for security purposes, e.g. to avoid overloading the servers (especially in the case of malicious attacks, so-called DDoS attacks), as well as to ensure capacity utilization of the servers and their stability.

  • Types of data processed:Content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
  • Data subjects:Users (e.g. website visitors, users of online services).

 

Cloud Services

We use software services that are accessible on the Internet and that run on the servers of their providers (known as “cloud services” and also referred to as “software as a service”) for the following purposes: document storage and management, calendar management, emailing, spreadsheets and presentations, exchanging documents, content and information with specific recipients or the publication of  web pages, forms or other content and information, as well as chats and participating in audio and video conferences.

In this context, personal data may be processed and stored on the servers of the providers, as far as they are part of communication processes with us, or otherwise processed by us as described in this Privacy Policy. This data may include, in particular, master data and contact data concerning the users, data on procedures, contracts, other processes and their contents. The providers of cloud services also process usage data and metadata that they use for security purposes and service optimization.

If we use cloud services to provide other users or publicly accessible websites with forms or other documents and content, the providers may store cookies on the users’ devices for web analysis purposes or to remember user settings (e.g. in the case of media control).

 

Information on legal bases: If we request your consent for the use of cloud services, the legal basis for processing is consent. Furthermore, their use may be integral to our steps prior to entering into a contract, provided that the use of cloud services has been agreed in this context. Otherwise, user data is processed on the basis of our legitimate interests (e.g. interest in efficient and secure administration and collaboration processes).

  • Types of data processed:Inventory data (e.g. names, addresses), contact data (e.g. email, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
  • Data subjects:Customers, employees (e.g. employees, applicants, former employees), interested parties, communication partners.
  • Purposes of processing:Office and organizational procedures.

 

Used services and service providers:

  • Microsoft Cloud Services:cloud storage services; service providers: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA; website: https://microsoft.com/de-de; Privacy Policy: https://privacy.microsoft.com/de-de/privacystatement, Security Notices: https://www.microsoft.com/de-de/trustcenter;

 

Presence in Social Networks

We maintain online presences within social networks and process user data in this context in order to communicate with users who are active there or to offer information about us.

Please be aware that user data may be processed outside your country or region. This may result in risks for the users, as the exercise of user rights may be more difficult in this case.

Furthermore, user data within social networks is usually processed for market research and advertising purposes. Hence, for example, user profiles may be created that reflect user behavior and their corresponding interests. In turn, the profiles can be used, for example, to place advertisements inside and outside of the networks that presumably reflect the interests of the users. For these purposes, cookies are ordinarily placed on the users’ computers, in which the usage behavior and interests of the users are stored. Furthermore, data may also be stored in the user profiles, regardless of which devices are used to access the services (especially if the users are members of the individual platforms and are logged in to them).

For a detailed description of the respective forms of processing and the possibilities to object (opt-out), we refer to the privacy policies and the information provided by the operators of the individual networks.

In regard to requests for information and the assertion of data subject rights, we would also like to point out that these rights and request can best be exercised towards the providers. Only the providers have access to the user data of the users, can take appropriate measures and provide information directly. You may also contact us if you require assistance.

  • Types of data processed:Inventory data (e.g. names, addresses), contact data (e.g. email, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
  • Data subjects:Users (e.g. website visitors, users of online services).
  • Purposes of processing:Contact enquiries and communication, tracking (e.g. interest/behavioral profiling, use of cookies), remarketing, reach measurement (e.g. access statistics, recognition of returning visitors).

 

Plugins, Embedded Functions and Content

Our online presence has integrated functional and content elements that are obtained from the servers of the respective providers (referred to in the following as “third-party providers”). They may include artwork, videos or social media buttons, as well as contributions (collectively referred to in the following as “content”).

To enable integration, the third-party providers of this content must always process the IP address of the user, as they are unable to send content to the user’s browser without the IP address. The IP address is therefore necessary in order to display this content or functions. We make efforts to select only providers whose individual operators use the IP addresses exclusively for the specified content. Third parties may also use so-called pixel tags (concealed graphic elements, also known as “web beacons”) for statistical or marketing purposes. The pixel tags can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may include technical information about the browser and operating system, referrer websites, visiting times and other information about the use of our website and may be linked to this kind of information from other sources.

 

Information on legal bases: If we request consent from our users (e.g. in the context of “cookie banner consent”), the legal basis for processing is this consent. Otherwise, user data is processed on the basis of our legitimate interests (e.g. interest in the analysis, optimization and efficient operation of our online presence). In this context, we would like to refer you additionally to the information on the use of cookies in this Privacy Policy.

  • Types of data processed: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses), location data (data indicating the location of an end user’s device).
  • Data subjects:Users (e.g. website visitors, users of online services).
  • Purposes of processing:Provision of our online presence and usability, contractual services and support.

 

Planning, Organization and Auxiliary Tools

We use the services, platforms and software made available by other providers (collectively referred to in the following “third-party providers”) for the purposes of organizing, managing, planning and delivering our services. We comply with the legal requirements for the selection of third-party providers and their services.

In this context, personal data may be processed and stored on the servers of third-party providers. This may affect various data which we process in accordance with this Privacy Policy. This data may include, in particular, master data and contact data of users, data on procedures, contracts, other processes and their contents.

If users are referred to the third-party providers or their software or platforms in the course of communication, business or other relations with us, the third-party providers may process usage data and metadata for security, service optimization or marketing purposes. We therefore request that you observe the privacy policies of the individual third-party providers.

 

Information on legal bases: If we request your consent for the use of third-party providers, the legal basis for processing data is consent. Furthermore, their use may be integral to our services prior to entering into a contract, provided that use of the third-party providers has been agreed in this context. Otherwise, the users’ data will be processed on the basis of our legitimate interests (e.g. interest in efficient, economic and audience-friendly services). In this context, we would like to refer you additionally to the information on the use of cookies in this Privacy Policy.

  • Types of data processed:Inventory data (e.g. names, addresses), contact data (e.g. email, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
  • Data subjects:Communication partners, users (e.g. website visitors, users of online services).

 

Erasure of Data

The data processed by us will be erased in accordance with the legal requirements as soon as the consent to its processing is withdrawn or other permissions cease to apply (e.g. if the purpose for which the data was processed ceases to apply or if it is not necessary for the purpose).

Where the data is not erased because it is required for other and legally permissible purposes, its processing shall be limited to these purposes. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law or that must be stored for the purpose of establishing, exercising or defending legal claims or protecting the rights of another natural or legal person.

For further information on the erasure of personal data, please refer to the individual information on data protection notes in this Privacy Policy.

 

Rights of Data Subjects

As a data subject, you have a variety of rights that are defined in the applicable laws and regulations (e.g. Personal Information Protection Law of China, GDPR, CCPA), in particular as follows:

  • Right to object: You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you, including profiling based on these provisions. Where the data concerning you is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing, including profiling, insofar as it is linked to such direct marketing.
  • Right to withdraw consent:You have the right to withdraw consent at any time.
  • Right of access:You have the right, in accordance with legal requirements, to obtain confirmation as to whether or not relevant data is being processed and to obtain information on such data, as well as further information and a copy of the data.
  • Right to rectification:You have the right, in accordance with the legal requirements, to have incomplete data about you completed or to obtain rectification of incorrect data concerning you.
  • Right to erasure and restriction of processing: You have the right, in accordance with the legal requirements, to obtain erasure of the data concerning you without delay or alternatively to obtain restriction of processing of the data in accordance with the legal requirements.
  • Right to data portability:You have the right, in accordance with the legal requirements, to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller.
  • Complaints to the supervisory authority:You also have the right, in accordance with the legal requirements, to lodge a complaint with a supervisory authority, if you consider that the processing of personal data relating to you infringes the applicable laws and regulations.

 

Amendment and Update of the Privacy Policy

We request that you return to this Privacy Policy in regular intervals to ensure that you are familiar with the latest version. We will adapt the Privacy Policy whenever changes in our processing of data necessitate such amendments. We will notify you as soon as these changes require action on your part in regard to cooperation (e.g. to give your consent) or whenever separate notification is necessary.

Where we provide addresses and contact information for companies and organizations in this Privacy Policy, please note that the addresses may change over time, so kindly check the information before making contact. ()