Privacy Policy

Version: July 20, 2017

The following privacy notice is valid for the online offer at glomex.com.

Controller

Controller is glomex GmbH, Landsberger Str. 110, 80339 München, in the following referred to as "we" or "us".

Collection and Processing of Personal Data

General
All information which is related to an identified or identifiable natural person (e.g., name, address, phone number, date of birth or email address) is personal data.
In general, you are able to use our online offer without providing personal data. The usage of certain services may, however, require you to provide personal data, e.g., registration or the participation in a raffle. Mandatory fields are generally denoted with an *.
Registration
In case you wish to use services which first require the formation of a contract, we will ask you to register. Within the scope of registering, we collect personal data necessary for the formation and performance of the contract (e.g., first name, last name, date of birth, email address, if applicable - details on the desired payment method or on the account holder) as well as, if applicable, further data on a voluntary basis. Mandatory fields are denoted with an *.
Purposes of Processing and Legal Basis for the Processing
We process your personal data for the following purposes, based on the Legal Bases listed:
• Providing this online offer.
(Legal basis: Performance of a contract).
• House and third party advertising as well as market research and reach measurement to the legally allowed extent or based on consent.
(Legal basis: legitimate interests; there is a legitimate interest in direct marketing as long as marketing occurs while complying with data protection and fair trade laws)
• Dispatch of a newsletter with the recipient's consent via email or SMS/MMS.
(Legal basis: Performance of a contract).
Data Transfer to Third Parties, Service Providers
Data Transfer to Third Parties
Your personal data is generally only being transferred to third parties as far as this is necessary for performance of the contract, if we or the third party have legitimate interests in transferring or if you have consented to this. If data is transferred to third parties based on legitimate interests, this will be explained in this privacy notice.
Beyond or in addition to this, data may be transferred to third parties as far as we are obligated to do so under statutory provisions or an enforceable decision made by an authority or a court.
Service Providers
We reserve the right to use service providers in collecting or processing data. Service providers are only given personal data that is necessary for their concrete task. This means that your email address may be forwarded to a service provider so you can receive a newsletter that you ordered. Service providers may also be assigned to provide server capacity. Service providers are generally involved as so-called processors which may only process users' personal data based on our instructions.
Data Transfer to Non-EEA Countries
We also forward personal data to third parties or processors who are located outside EEA countries. In such cases we ensure prior to the transfer that the transfer is subject to appropriate safeguards (e.g., by self-certification of the recipient for the EU US Privacy Shield or by having agreed upon so-called standard dta protection clauses of the European Union with the recipient) or sufficient user consent is given.
You may receive an overview of third country recipients and a copy of the appropriate or suitable safeguards in place. Please use the details provided in the Contact section.
Duration of Storage; Retention Periods
We store your data as long as it is necessary to provide our online offer and the services connected with it or as long as we have a legitimate interest in continued storage. In all other cases, we delete your personal data with the exception of such data that we are required to retain for the purpose of contractual or statutory (e.g., taxation or commercial law) retention periods (e.g., invoices). At this point, contractual retention periods may also result from contracts with third parties (e.g., those holding copyrights or IP rights).
Data that is only retained because it is subject to a retention period is restricted from processing until the period expires and will then be deleted.

Data Transfer to Third Parties

Your personal data is generally only being transferred to third parties as far as this is necessary for performance of the contract, if we or the third party have legitimate interests in transferring or if you have consented to this. If data is transferred to third parties based on legitimate interests, this will be explained in this privacy notice.
Beyond or in addition to this, data may be transferred to third parties as far as we are obligated to do so under statutory provisions or an enforceable decision made by an authority or a court.
Service Providers
We reserve the right to use service providers in collecting or processing data. Service providers are only given personal data that is necessary for their concrete task. This means that your email address may be forwarded to a service provider so you can receive a newsletter that you ordered. Service providers may also be assigned to provide server capacity. Service providers are generally involved as so-called processors which may only process users' personal data based on our instructions.
Data Transfer to Non-EEA Countries
We also forward personal data to third parties or processors who are located outside EEA countries. In such cases we ensure prior to the transfer that the transfer is subject to appropriate safeguards (e.g., by self-certification of the recipient for the EU US Privacy Shield or by having agreed upon so-called standard dta protection clauses of the European Union with the recipient) or sufficient user consent is given.
You may receive an overview of third country recipients and a copy of the appropriate or suitable safeguards in place. Please use the details provided in the Contact section.
Duration of Storage; Retention Periods
We store your data as long as it is necessary to provide our online offer and the services connected with it or as long as we have a legitimate interest in continued storage. In all other cases, we delete your personal data with the exception of such data that we are required to retain for the purpose of contractual or statutory (e.g., taxation or commercial law) retention periods (e.g., invoices). At this point, contractual retention periods may also result from contracts with third parties (e.g., those holding copyrights or IP rights).
Data that is only retained because it is subject to a retention period is restricted from processing until the period expires and will then be deleted.

Log Files

Every time you use the internet, your internet browser automatically transmits certain information which is then saved by us in log files.
We save log files for the purposes of determining disruptions and for security reasons (e.g., to elucidate attack attempts) for a period of 7 to 10 days and delete them thereafter. Log files which need to remain stored for evidence purposes are excluded from deletion until the respective incident has been finally resolved and may be forwarded to investigating authorities on a case-by-case basis.
Log files contain especially following information:
• IP address (internet protocol address) of the terminal device which is used to access the online offer;
• Internet address of the website from which the online offer is accessed (so-called URL of origin or referrer URL);
• Name of the service provider through which access to the online offer occurs;
• Name of accessed file or information;
• Date and time and duration of access;
• Amount of data transmitted;
• Operating system and informations on the internet browser used, including add-ons installed (e.g., for the Flash Player);
• http status code (e.g. “request successful” or “file not found”).

Cookies

What are Cookies?
Cookies are little text files that are sent when visiting an internet page and are stored in a user’s browser. In case the respective internet page is accessed once again, the user’s browser sends back the content of the cookies and, thus, allows for the recognition of the user. Certain cookies are automatically deleted upon ending the browser session (so-called session cookies), others are saved for a set time or permanently in the user’s browser and delete themselves thereafter (so-called temporary or persistent cookies).
Which Files are Saved in the Cookies?
Cookies generally do not contain personal data, but instead only an online ID.
How can you Avoid the Usage of Cookies or Delete Cookies?
You can deactivate the storage of cookies through your browser settings and you may delete cookies that have already been saved in your browser at any time (see Technical Notes). Please take note that this online offer might not be functional without cookies or the functionality might be reduced.
Please be further advised that refusing to allow the creation of usage profiles partially works through „opt out cookies“. In case you delete all cookies, an objection might, under certain circumstances, no longer be considered or be valid and would have to be restated.
What Cookies do we use?
Cookies Strictly Necessary for a Service
Some cookies are strictly necessary so we can host our online offer safely. This category includes, e.g.,
• Cookies which serve the purpose of identifying or authenticating our users;
• Cookies that temporarily store certain user entries (e.g., shopping basket content or content of an online form);
• Cookies that remember certain user preferences (e.g., search query and language settings);
• Cookies that store data to ensure the uninterrupted playback of video and audio content;
Analytics Cookies
We use analytics cookies to record and statistically evaluate our users’ usage behavior (e.g., clicked ad banners, visited subpages, search queries asked).
Google Analytics

Google Analytics is provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). We use Google Analytics with the additional function offered by Google to anonymize IP addresses. While doing so, Google already shortens IPs within the EU in most cases and only does so in the United States in exceptional cases, while always saving shortened IPs only.

You may object to the collection or processing of your data by using the following link to download and install a browser plugin: http://tools.google.com/dlpage/gaoptout?hl=en.

Newsletter

Newsletter with Registration; Right of Revocation
We give you the possibility to subscribe to a newsletter. You can withdraw your respective consent at any time. To do so, please use the unsubscribe link located at the end of each newsletter or contact us via e-mail to info@glomex.com or via the information provided in the Contact section.

Users’ Rights (Rights of the Data Subject)

You have the right to receive information as well as – under certain prerequisites – the rights to correction, deletion, restriction of processing or objection to personal data processing and – from May 25, 2018, on – the right to data portability.
Right to object against direct marketing
Additionally, you may at all times object to the processing of your personal data for advertising purposes ("advertisement objection"). Please take into account that, due to logistical reasons, there might be an overlap between your objection and the usage of your data within the scope of a campaign which is already running.
In case you consented to the processing of your data, you can always revoke this consent at any time. The lawfulness of processing based on consent before its withdrawal remains unaffected.
To enforce your rights, please use the details provided in the Contact section. When doing so, please ensure that it is possible to clearly and unambiguously identify you..
Right to Complain with the Regulatory Authority
You have the right to file a complaint with a data protection authority. You can appeal to the data protection authority, which is competent for your place of residence or your state or to the data protection authority which is competent for us. This is:

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 27
D-91522 Ansbach
poststelle@lda.bayern.de

Contact:
We and our data protection officer are available for your inquiries and suggestions regarding data protection at the email address info@glomex.com.

If you want to contact us, you can reach us as follows:

glomex GmbH, Landsberger Str. 110, 803398 Munich, Germany

Annex: Technical Notes

Internet Explorer:
• Manual:
http://windows.microsoft.com/de-de/internet-explorer/delete-manage-cookies#ie=ie-11-win-7

Mozilla Firefox:
• Manual:
https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

Google Chrome:
• Manual: https://support.google.com/chrome/answer/95647
Safari:
• Manual: http://help.apple.com/safari/mac/8.0/#/sfri11471