The protection of your personal data is important to us. Pursuant to the EU General Data Protection Regulation (art. 13 GDPR) we are obliged to inform you on the purpose for collecting, saving or forwarding data and about your rights of data protection. The content and scope of the data processing essentially corresponds to the respective data that you provide or the data that are required for the business relationship or communication.
Who is responsible for data processing and who can I contact?
The responsible parties, the contact details of the data protection officer and the address of the supervisory authority can be found in the imprint of this website.
Which data are processed and from which sources do they come from?
We process personal data that we receive from you, from a partner commissioned by you or from one of our business partners in the context of our business relationship. In addition, we process data that we have legitimately received from publicly accessible sources (e.g. commercial register, address directory, media, trade fair participants, webinars). Personal data include your personal details (e.g. title, name, country, address, e-mail address and telephone number, delivery addresses, order and invoice data, information on creditworthiness, documentation data, trade fair talk minutes, etc.).
Personal data are processed especially in the following business processes:
visits to the website
initiation of contact
visitor registration, Wi-Fi guest access
job applications and vocational training
trade fairs, events and product training
advising by our employees or by trade partners
order processing, delivery, invoicing
customs and compliance screening, reporting of accidents (processes based on legal obligations)
temporary work, training, vacation assistant programs
quality inspections and quality certificates, claims
communication and videoconferencing (e.g. via Microsoft Teams)
For which purposes and on which legal basis is the data processed?
We process personal data only in the context of our business activity.
The legal basis for the processing is based on a contractual relationship or a relationship of mutual trust preceding conclusion of a contract, or legal requirements, or based on legitimate interest of our company or based on your consent or if you contact us (e.g., at trade fairs, by e-mail, by post, by telephone or via this website).
In the context of the business relationship, you need to provide the personal data required to initiate and maintain the business relationship, and those data that we are legally obligated to collect. If you do not provide us with these data, then we will, as a rule, have to reject your requests or your contact query, conclusion of the contract, or explanation of the order, or have to end an existing contractual relationship.
If you have granted us your consent to processing your personal data, then the processing is carried out only according to the purposes stated in the declaration of consent and in the scope agreed therein. Once granted, your consent can be revoked at any time with future effect without stating reasons, as long as this is legally permissible. Please be aware that lawmakers classify job applications as a pre-contractual business relationship, and application documents are stored for 6 months after conclusion of the application process.
Moreover, we reserve the right to store your first and last names, your mailing address and - if we have received this additional information from you in the context of a contractual relationship - your title, academic degree and your professional, sectoral or business designation in compiled lists and use for own advertising purposes, e.g., for sending interesting offers and information on our products by mail. You can object to the storage and use of your data for these purposes at any time by giving notice at the address stated in the mailing.
If we provide services in advance, e.g., in the case of a purchase on account, we reserve the right to procure information on identity and creditworthiness from service companies specializing in this (credit agencies) to protect our justified interests.
Who is the recipient of my data?
We only transfer your data to third parties if this is permitted by law, if you have provided consent or the transfer is required for fulfilment of our business aims.
If possible, the data are anonymized or pseudonymized for this purpose.
Within our corporate group, only the offices or employees that require your data to meet our contractual, legal or supervisory obligations or for protection of justified interests will receive them.
In addition to this, we transfer your data to processors commissioned by us:
Data are also transferred to public agencies and institutions (tax authorities, other authorities, customs offices), if there is a legal or supervisory obligation to do so.
All processors and marketing or trade partners are obligated by contract to process your data only in the context of the provision of services and pursuant to provisions of data protection law in force.
IT and hosting service providers
security services, visitor registration and registry
credit institutions and payment providers to settle the payment transactions if orders have been placed
back office service providers for handling advertising mailings
suppliers for settlement of product and sample orders
laboratories and institutes for testing of products
transport and logistic fulfillment
How long will my data be stored?
We store your data only as long as it is required for the processing of the business transaction or in compliance with documentation obligations. Legal requirements stipulate that trade letters must be stored at least 6 years, but at least 10 years if their content is relevant for tax purposes. Moreover, our IT systems are equipped with comprehensive data backup concepts that do not permit earlier deletion. In this case, access to data is restricted after expiry of the allowed storage period. Job application documents are saved or stored 6 months after the position has been filled, but if the application is made through an employment agency, then the master data must be stored for a longer time.
Which data protection rights do I have?
You have the right to access the information free of charge regarding data that we have saved about you, as well as a right to correction, blocking or deletion of these data. If you have granted your consent for data processing, then you can revoke your consent for future processing.
For this purpose, at first, please contact the person you have been recently in contact with. In addition, you can contact our Data Protection Officer.
If you believe that we breach European data protection law by processing your data, then we request you to contact us so that we are able to clarify your concerns. Furthermore, you have the right to lodge a complaint with the competent supervisory authority for data protection, if you believe that your personal data is being processed unlawfully.
How safe is my data?
We make use of state-of-the-art security measures to protect your data appropriately. Our employees, subcontractors and trade partners must observe our guidelines on information security.
Additional Information for this Website, for Online Services and for Marketing
For job applications we use the HR specialized cloud provider HAUFE-UMANTIS AG, Unterstrasse 11, 9001 St. Gallen, Switzerland. To gain access to the job application system, you must register with your e-mail address and password and you have to accept the data protection notice for job applications.
Additional Information for Social Media Activities
We have our own presence in various social media to present ourselves, provide information, get in touch with the respective users and to communicate with them. Social networks such as LinkedIn can generally analyze user behavior extensively.
Even if you are not logged in to your social media account they can recognize you as an unlogged/non-registered user via “cookies” and use statistical data obtained from your next login.
Although some of the social networks provide user information to the owners of business accounts or fan pages, we do not use this information.
Additional Information for Videoconferencing and Microsoft365
Through the video conferencing feature of Microsoft Teams, we enable holding meetings and online events. There is no recording of the videoconference, unless this is expressly agreed upon. We carry out the data processing on the basis of a legitimate interest.
We use Microsoft as a processor according to Article 28 GDPR.
M365 is a software from the company: Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park Leopardstown, Dublin 18 D18 P521, Ireland.
Microsoft Teams is part of the cloud application M365. A user account is automatically created for use. Data processing with M365 is done on servers in data centers in the European Union in Ireland and the Netherlands. For this purpose, Mektec has concluded a controller-processor agreement with Microsoft.
For the purpose of remote maintenance, Microsoft may request access. We will then check this access on a case-by-case basis and grant it, if approved. In this case, such access may also be made by Microsoft affiliates from outside the European Union. Only in the event of access from outside the European Union we have approved in the individual case, we concluded standard EU contracts with Microsoft. In order to guarantee an adequate level of data protection when transferring personal data to a third country, we have, as described above, additional measures in the form of state-of-the-art technical and organizational measures, such as access and encryption concepts for networks, databases, and servers.
Microsoft reserves the right to process customer data for its own legitimate business purposes. We have no influence on these Microsoft data processing operations. To the extent that Microsoft Teams processes personal information in connection with legitimate business purposes, Microsoft independently monitors such data processing activities and, as such, is responsible for compliance with all applicable privacy policies.
Login data and IP addresses are deleted in accordance with legal requirements.
Extensive technical and organizational measures have been agreed with Microsoft, which correspond to the current state-of-the-art technology.
Adjustment of the Data Privacy Notice
Please be aware that we can make adjustments of this Data Privacy Notice at any time.