Tipper Tie Privacy Policy

Data Protection Declaration of TIPPER TIE TECHNOPACK GmbH

Throughout Europe, the terms of the EU General Data Protection Regulation (hereinafter: GDPR) apply. We would like to inform you about how our company processes personal data according to this regulation (see articles 13 and 14, GDPR). Should you have any questions about or comments on this data protection declaration, you can at any time contact us at the email address given under No. 2 or 3.

Contents:

Overview
1. Scope of validity
2. Data controller
3. Data protection officer
Details of data processing
1. General information on data processing
2. Accessing the website
3. Job application
4. Contact form
5. User registration and login
6. Product orders
7. Tracking
8. Social media plugins
Rights of data subjects
1. Rights to object
2. Right to inform
3. Right to rectification
4. Right to erasure („right to be forgotten“)
5. Right to restriction of processing
6. Right to data portability
7. Right to revoke consent
8. Right to complaint
Glossary

Overview

In this section of the data protection declaration, you can find information on the scope of validity, the responsibility for data processing, and the data protection officer.
1. Scope of validity
  
  Data processing by TIPPER TIE TECHNOPACK GmbH can be divided into two main categories:
  
  -           All data required for the processing a contract with TIPPER TIE TECHNOPACK GmbH is processed in contract handling. If we involve external service providers, e.g. logistics companies or payment service companies, in the processing of a contract, we transfer your data to them to the extent necessary.
  
  -             When you access the website of TIPPER TIE TECHNOPACK GmbH, various pieces of information are exchanged between your terminal device and our server. This can include personal data. The data collected in this way is used among other things to optimize our website or to display advertising in the browser on your device.
  
  This data protection declaration is valid for the following offerings:
  
  -           Our online offering, accessible at www.tippertie.com;
  
  -           Whenever reference is made to this data protection declaration in one of our offerings (e.g. websites, subdomains, mobile apps, web services or links to third-party sites). This is irrespective of the path or manner in which you access or use them.
  
  Collectively, all these offerings are also called “services”.
2. Data controller
  
  The data controller – i.e. the entity that decides on the purposes and means of processing personal data in connection with the services – is
  
  TIPPER TIE TECHNOPACK GmbH
  Wilhelm-Bergner-Str. 9a
  21509 Glinde
  Phone: +49 40 72 77 04 0
  Email: infoDE@tippertie.com
3. Data protection officer
  
  You can contact our data protection officer
  - via regular post at the above mentioned address for the attention of the data protection officer, or
  - via email at privacy@jbtc.com.

Details of data processing

In this section of the data processing declaration, we inform you in depth about the processing of personal data within the scope of our services. To provide a better overview, we have structured this information according to certain functionalities of our services. During normal use of our services, various functionalities and therefore various types of processing can occur in sequence or simultaneously.

General information on data processing
The following applies to all the processing described below, unless otherwise stated:
1. No obligation to provide data
  
  There is no obligation, either contractual or statutory, to provide personal data. You are not obliged to provide data.
2. Consequences of non-provision
  
  In the case of required data (data marked as mandatory in input masks), if you do not provide this data, you will not be able to use the corresponding service. In other areas, non-provision may have the result that we cannot provide our services in the same form and quality.
3. Consent
  
  In various cases, you have the option of giving us your consent to further processing (possibly of some of your data) in connection with the processing described below. If you declare your consent, we will inform you separately about all modalities as well as the scope of your consent, plus the purposes of the processing.
4. Transfer of personal data to third countries
  
  When we transfer data to third countries, i.e. countries outside the European Union, we strictly observe the statutory admissibility requirements for this.
  
  The admissibility requirements are specified in Art. 44 -49, GDPR.
5. Hosting at external service providers
  
  To a large extent, our data processing also involves so-called hosting service providers. They provide us with storage space and processing capacities in their computer centers, and on our instruction they also process personal data on our behalf. These service providers process data either exclusively in the EU, or observing an adequate level of data protection which we have guaranteed with the EU standard data protection terms.
6. Transfer to state authorities
  
  We transfer personal data to state authorities (including criminal investigation authorities) when this is necessary for compliance with a legal obligation which we are subject to (legal basis: Art. 6, Section 1 c), GDPR) or if it is necessary for the purposes of enforcing, exercising, or defending legal rights (legal basis: Art. 6, Section 1 f), GDPR).
7. Storage period
  
  We do not store your data any longer than necessary for the specific processing purpose. We regularly delete data which is no longer necessary for ful-filling contractual or statutory obligations, unless it is still necessary to store it temporarily. This can be e.g. for the following reasons:
  - Storage obligations under commercial and fiscal law
  - Retention of evidence for legal disputes within the framework of statutes of limitation
  We can also continue to store your data if you have expressly given your consent to this.
8. Recipient categories
  
  Apart from the recipient categories explicitly listed below, we also transfer personal data to the following recipient categories: shipping and delivery service providers, phone and fax companies.
9. Data categories
  - Account data: login/user name and password
  - Personal master data: title, form of address/gender, first name, surname
  - Address data: street, house number, if applicable address supplements, zip code, town/city, country
  - Contact data: phone number(s), fax number(s), email address(es)
  - Login data: information about the service you have used to log in; time and technical information about the login, confirmation and logout; data provided by you during login
  - Order data: products ordered, prices, payment and delivery information
  - Payment data: account details, credit card details, data on other payment services such as Paypal
  - Access data: date and time you visit our service; the site used by the accessing system to access our site; site accessed during use of our site; session IDs; plus the following information about the computer system used to access the site: internet protocol address (IP address), browser type and version, device type, operating system, and similar technical information
  - Job application data: CV, references, work samples, certificates, images

Accessing the website

Here we describe how we process your personal data when you access our services. We would like to point out in particular that it is unavoidable that we transfer access data to external content providers (see b.) because of the way data is transferred technically in the internet.

a. Information on processing
Data category	Purpose	Legal basis	If applicable, legitimate interest	Storage period
Access data	Establishment of connection, representation of the contents of the service, detection of attacks on our website based on unusual activities, error diagnosis	Art. 6 Section 1 f) GDPR	Correct functioning of the services, data security and security of business processes, prevention of misuse, protection against damage caused by attacks in computer systems	7 days

b. Recipient of the personal data
Recipient category	Relevant data	Legal basis of transfer	If applicable, legitimate interest
External content providers who provide content (e.g. images, videos, embedded postings from social networks, advertising banners, fonts, update information) which is necessary for display of the service	Access data	Art. 6, Section 1 f), GDPR	Correct functioning of the services, (accelerated) representation of the contents
Hosting service providers based in the USA	Access data	EU-US Privacy Shield

c. External contents that transfer to external providers in third countries
Name of the service	Functionality	Data transfer to third country?	If applicable, adequacy decision (Art. 45 GDPR)	If applicable, appropriate safeguards (Art. 46 GDPR)
Google Fonts	Fonts	Yes		EU-U.S. Privacy Shield https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
Google Maps	Inclusion in contact form	Yes		EU-U.S. Privacy Shield https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Job application

Within an ongoing job application process, we process your personal data as follows:

a. Information on processing
Data category	Purpose	Legal basis	If applicable, legitimate interest	Storage period
Address data, contact information	Identification, contact, communication prior to entering into a contract	Art. 6 Section 1 b) GDPR		6 months
Master personal data	Identification, contact, age verification	Art. 6 Section 1 b) GDPR		6 months
Job application data	Applicant selection	Art. 6 Section 1 b) GDPR		6 months

b. Recipients of personal data
Recipient category	Relevant data	Legal basis of transfer	If applicable, legitimate interest
Affiliated company	All under a.	Processing by external processors according to. Art. 28 GDPR

Contact form

Here we describe what happens with your personal data when you use our contact form:

a. Information on processing
Data category	Purpose	Legal basis	If applicable, legitimate interest	Storage period
Contact information (mandatory)	Inquiries from customers and interested parties	Art. 6 Section 1 Point f) GDPR	Processing inquiries	The period needed for processing the inquiry
Master personal data	Personalization of inquiry processing	Art. 6 Section 1 Point f) GDPR	Personalization of inquiry processing; delivery options in case of e.g. replacement delivery, information material …	The period needed for processing the inquiry
Address information	Postal dispatch	Art. 6 Section 1 Point f) GDPR	Delivery option in case of e.g. replacement delivery, information material ...	The period needed for pro-cessing the inquiry
Free text (mandatory box)	Information on the subject	Art. 6 Section 1 Point f) GDPR	Processing inquiries	The period needed for processing the inquiry

b. Recipients of personal data
Recipient category	Relevant data	Legal basis of transfer	If applicable, legitimate interest
-

User registration and login

To register an account and for subsequent logins, we process personal data as follows:

a. Information on processing
Data category	Purpose	Legal basis	If applicable, legitimate interest	Storage period
Contact Information	Identification, contact, communication prior to entering into a contract	Art. 6 Abs. 1 b) DSGVO		Until the user deletes the account
Master personal data	Identification, contact, age verification	Art. 6 Section 1 b) GDPR		Until the user deletes the account
Address data	Ability to deliver mail	Art. 6 Section 1 b) GDPR		Until the user deletes the account
Account data	To enable login	Art. 6 Section 1 b) GDPR		Until the user deletes the account
Login data	Time of login and logout	Art. 6 Section 1 f) GDPR	Verification of account use	7 days

b. Recipients of personal data
Recipient category	Relevant data	Legal basis of transfer	If applicable, legitimate interest
-

Product orders

In the following, we describe how your personal data is processed when you order products from our range:

a. Information on processing
Data category	Purpose	Legal basis	If applicable, legitimate interest	Storage period
Personal master data	Product ordering	Art. 6 Section 1 Point b) GDPR	Ordering and paying for the product (invoice information)	For the duration of the order processing and/or 10 years in the case of invoices
Contact information	Product orders	Art. 6 Section 1 Point b) GDPR	Ordering and paying for the product (invoice information)	For the duration of the order processing and/or 10 years in the case of invoices
Order data	Product orders	Art. 6 Section 1 Point b) GDPR	Order (invoice information)	For the duration of the order processing and/or 10 years in the case of invoices
Payment data	Product orders	Art. 6 Section 1 Point b) GDPR	Payment for the product (invoice information))	For the duration of the order processing and/or 10 years in the case of invoices
Address information	Product orders	Art. 6 Section 1 Point b) GDPR	Delivery of the product (invoice information)	For the duration of the order processing and/or 10 years in the case of invoices

b. Recipient of the personal data
Recipient category	Relevant data	Legal basis of transfer	If applicable, legitimate interest
Distributors	All under a.	Processing by external processors according to. Art. 28 GDPR
Distributor (outside the EU)	All under a.	EU standard contractual terms / EU-US Privacy Shield

Tracking

In this section, we describe how your personal data is processed using tracking technologies for analysis and optimization of our services and for adver-tising purposes.

The description of the tracking process also includes information on how you can prevent or object to the data processing. Please note that the opt-out, or rejection of data processing, is usually stored by cookies. If you use our services with a new terminal device or a different web browser or if you have deleted cookies from your browser, you need to opt out again.

The tracking procedures described here only process personal data in pseudonymized form. The data is not linked to a concrete, identified natural person, i.e. the data is not linked to any information about the person behind the pseudonym.

Tracking for analysis and optimization of our services and their use as well as to measure the success of advertising campaigns and to optimize how advertising is displayed

Purposes of the processing
The analysis of user behavior by means of tracking helps us to check the effectiveness of our services. It also helps us optimize them and adapt them to users’ needs as well as rectify any errors. What’s more, it enables the compilation of statistics about the use of our services (reach, intensity of use, surfing behavior of users) based on uniform, standard methods. This provides values that can be compared across the market.

Tracking to measure the success of advertising campaigns allows us to optimize our advertising in the future. It also enables marketers and advertising agencies to optimize their adverts. The purpose of tracking to improve how advertising is displayed is to show users advertising tailored to their interests. This increases advertising success and therefore advertising revenue.
Legal basis of the processing
Legitimate interest according to Art. 6 Section 1 f) GDPR

The individual tracking methods used

Name of the service

Functionality

Opt-out

Data transfer to a third country?

If applicable adequacy decision (Art. 45 GDPR)

If applicable appropriate safeguards (Art. 46 GDPR)

Google Analytics

Web analysis

tools.google.com/dlpage/gaoptout?hl=de

Act On Beacon

Advertising success tracking

Yes

EU-US Privacy Shield

https://www.privacyshield.gov/participant?id=a2zt0000000KzMNAA0&status=Active

general Opt-In/Opt-Out for Tracking: Opt In/Opt Out

If you wish to opt out of behavioral advertising, you can go to the website http://www.youronlinechoices.com/de, click there on “Your ad choices” and follow the instructions to completely or partially prevent the use of data for behavioral advertising by the listed service providers. You will still see advertising, however it will not be tailored to your interests.

Social media plugins

We do not use any social media plugins.

Rights of data subjects
1. Right to object
  
  If we process your personal data for direct marketing purposes, you have to right to object at any time to the processing of personal data con-cerning you for such marketing with effect for the future. This also applies to profiling in as far as it is connected to such direct marketing.
  
  Furthermore, you have the right, for reasons which result from your specific situation, to object to the processing of your personal data according to Art. 6 Section 1 Points e) or f) GDPR at any time with effect for the future. This also applies to profiling according to these provisions.
  
  You can exercise your right to object free of charge.
  
  You can contact us using the contact details given in I.2.
2. Right to information
  
  You have the right to information about whether we process your personal data, what this data is, where applicable, and further information according to Art. 15 GDPR.
3. Right to rectification
  You have the right to obtain from us without delay the rectification of inaccurate personal data about you (Art. 16 GDPR). Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
4. Right to erasure (“right to be forgotten”)
  
  You have the right to obtain from us the erasure of personal data concerning you without delay if one of the reasons stated in Art. 17 Section 1 GDPR applies and the processing is not necessary for one of the purposes specified in Art. 17 Section 3 GDPR..
5. Right to restriction of processing
  
  You have the right to obtain restriction of processing your personal data when one of the conditions specified in Art. 18 Section 1 Points a) to d) GDPR applies.
6. Right to data portability
  
  You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format. Furthermore, you have the right to transmit this data to another party without hindrance from us. You also have the right to have the personal data transmitted directly from us, where this is technically feasible. This applies when the data processing is based on your consent or on a contract and the data processing is automated. Therefore, this does not apply when the data is only kept on paper.
7. Right to revoke consent
  
  If processing is based on your consent, you have the right to revoke your consent at any time. This does not affect the legality of the processing which took place based on your consent up to the time of your revocation.
8. Right to complaint
  
  You have the right to lodge a complaint with a supervisory authority
Glossary

External processor: A natural or legal person, authority, institution or other party that processes personal data on behalf of the data controller.

Browser: A computer program for website display (e.g. Chrome, Firefox, Safari).

Cookies: A small text file stored locally on a user’s computer when he visits a website. This file stores data about the user’s behavior. If the user accesses the browser and visits the website again, the cookie sends the web server information about the user’s surfing behavior, based on the stored data.

This information can be about the settings the user has made on a website, but also information about the user the website has collected fully auto-matically. Subsequently, the same web server can read these locally stored text files. Most browsers automatically accept cookies. You can manage cookies in your browser functions (usually under Options or Settings). There you can disable cookies, make them subject to your consent in each case, or otherwise restrict them. You can also delete cookies at any time.

Third countries: Countries which are not subject to the EU Data Protection Directives (countries outside the EEA).

Personal data: All information relating to an identified or identifiable natural person. An identifiable natural person is a natural person who can be identified directly or indirectly, in particular by means of allocation to an ID such as a name, to an identity number, to location data, to an online name, or to one or more special characteristics which express the physical, physiological, genetic, psychological, economic, cultural, or social identity of this natural person.

Pixel: Pixels are also known as clear gifs, tracking pixels, web beacons, or web bugs. They are small, transparent graphical images in html e-mails or on websites. When a document is opened, the small image is downloaded by a server and registered there. This enables the server operator to see whether and when an email was opened or a website visited. Usually, this function is achieved with a small program (Javascript). It means that certain types of information on your computer system can be recognized and transferred, e.g. the contents of cookies, the time and date you accessed a site, and a description of the site where the clear gif is.

Profiling: Any type of automated personal data processing that uses the data to analyze certain personal aspects relating to a natural person. This is done in particular to analyze or predict aspects such as the natural person’s work, economic situation, health, personal preferences, interests, reliability, location, or change of location.

Services: Our offerings to which this data protection declaration applies (see Scope of validity).

Tracking: Collection and analysis of data about the behavior of users of our site.

Tracking-technologies: Tracking can be achieved using the logfiles stored on our web servers, or using data logging from your terminal device by means of pixels, cookies, and similar tracking technologies.
Processing: Any process performed with or without the help of automation or any such series of processes in connection with personal data such as the collection, logging, organization, sorting, storage, modification or alteration, reading, requesting, use, disclosure by means of transfer, dissemination, or any other form of provision, comparison or linking, restriction, deletion, or destruction.