EEA and UK PRIVACY POLICY
1. About This Policy
This policy applies to you (a) if you interact with Sumitomo Electric Industries, Ltd. (“SEI”) and you are based in the European Economic Area (“EEA”) or the UK or (b) if you interact with SEI’s affiliates and related entities (listed in, but not limited to, the following link, “Group Companies”) based in the EEA or the UK or (c) if EEA or UK data protection law otherwise applies.
This policy, which should be read together with our Global Privacy Policy, describes how we will make use of your data when you interact with us and our websites, and when you receive communications from us or otherwise communicate with us, when your organisation is our business partner, and when you apply to us. The list of relevant data controllers and their contact details can be found in the “Contact Us” section. A reference to “we,” or “us” is a reference to SEI and Group Companies involved in the processing of personal data.
In some cases, we may provide additional privacy policies specific to certain products, services and areas. Those specific privacy policies shall supersede this policy to the extent that the clauses set forth in those policies contradict the clauses set forth in this policy.
This policy also describes your data protection rights, including the right to object to some of the processing which we carry out. More information about your rights, and how to exercise them, is set out in the “Your Rights” section.
2. Summary of How We Use Your Data
- We use your personal data for the purposes described in this policy, such as the promotion, sale and supply of our products and services, the management of our relationship with you, and recruitment.
- Data is shared with our Group Companies for administrative purposes and for uses described in this policy. We may also share your personal data with our service providers, such as internet service providers, web analytics service providers, cloud service providers, software venders, sales statistic analytics service providers, recruitment or employment agencies, professional advisors, or consultants. We may share your personal data with potential partners in the event of merger and acquisition, legal or regulatory authorities.
- Due to the global nature of our business, your personal data will be disclosed to Group Companies outside of the EEA and the UK including, in particular, to Japan as a Japanese headquartered company. The European Commission and UK government have determined that Japan offers an adequate level of protection – you can find out more in the adequacy decision(s) here and here. We rely on these decisions for EEA-Japan and UK-Japan transfers.
- Where we rely on your consent, you can withdraw this consent at any time.
3. Personal Data Obtained by Us
We collect and process personal data about you when you interact with us and our websites, and when you receive communications from us or otherwise communicate with us, when your organisation is our business partner and we deal with you in that capacity, and if you apply to us. This includes:
- Identity and Contact Data
Name, age, date of birth, gender, occupation, address, country of residence, and other information related to contact details, such as phone number, email address, and social media accounts;
- Products and Services Data
Information related to products and services your organisation has purchased;
- Communications Data
Details regarding your opinions, requests, inquiries, survey responses and the other information you provided;
- Technical Data
Technical data including access data, Internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website;
- Usage Data
Information about how you use our website, products and services;
- Marketing Data
Your preferences in receiving marketing from us and the third parties engaged by us and your communication preferences; and
- Application-related Information
Information relating to experience, education and right to work checks if you apply to work for us.
We will not obtain or use sensitive information that reveals your data concerning health, genetic data, data concerning sexual orientation, or the like, unless provided for in laws and ordinances or you consent to us doing so.
You may be required to provide us with certain data because the provision of personal data is required by statute or contract, or is a necessary to enter into a contract with us. In this case, if you do not provide your personal data, we may not be able to provide you with our service.
4. How We Collect Your Personal Data
We may obtain the personal data described above both directly from you and through third parties, such as contractors, business partners, and social media providers (including Facebook and Google). More specifically, we collect and process the following personal data about you from each of these sources:
1. Information you give us.
This includes information about you that you give us through inquiry forms on our website, or by communicating with us, whether by email, letter or otherwise. The information you give us is likely to include your contact information such as your name, address, email address, phone number.
2. Information third parties give us.
This includes information about you that third parties give us through inquiry forms on our website, or by communicating with us, whether by email, letter or otherwise. If you apply to us, we may collect application-related information from third parties including referees and people we interview with. If your organisation is our business partner, we may also collect your personal information from your organisation. The information third parties give us is likely to include your contact information such as your name, address, email address, phone number.
3.Information we collect automatically from you.
When you visit our website, the website automatically collects certain types of data related to you. These types of data include access logs, web beacons (also known as pixels), cookies, etc. These types of data may remain in your computer and continue to collect data.
We also may collect, use and share aggregated data such as statistical or demographic data for any purpose. Aggregated data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your usage data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this policy.
5. Purpose of Processing Personal Data and Legal Basis
We may only use your personal data for the purposes and legal bases set out below:
| Purpose/Activity | Type of data | Lawful basis for processing |
|---|---|---|
| To register business contact information | (a) Identity and Contact | Necessary for our legitimate interests (to manage our relationship with you or your organisation and keep our records updated) |
| To operate, develop or improve our products, services and websites. | (a) Identity and Contact (b) Products and Services (c) Communications (d) Technical (e) Usage (f) Marketing |
Necessary for our legitimate interests (to fulfil our contract with a business partner; to operate, develop or improve our products, services and websites to meet the needs of our business partners) |
| To process and deliver your organisation’s order including: (a) Manage payments, fees and charges (b) Collect and recover money owed to us |
(a) Identity and Contact (b) Products and Services (c) Communications (d) Marketing |
Necessary for our legitimate interests (to fulfil our contract with a business partner; to develop our relationship with the business partner; and to recover debts due to us) |
| To manage our relationship with you which will include: (a) Notifying you about changes to our terms or privacy policy (b) Asking you to leave a review or take a survey |
(a) Identity and Contact (b) Products and Services (c) Communications (d) Marketing |
(a) Necessary to comply with a legal obligation (such as data protection laws, tax laws and similar obligations) (b) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services) |
| To enable you to partake in a prize draw, competition or complete a survey | (a) Identity and Contact (b) Products and Services (c) Usage (d) Communications (e) Marketing |
(a) Necessary for our legitimate interests (to study how customers use our products/services, to develop them and grow our business) |
| To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) | (a) Identity and Contact (b) Technical (d) Usage |
(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise) (b) Necessary to comply with a legal obligation (such as data protection and similar obligations) |
| To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you | (a) Identity and Contact (b) Products and Services (c) Communications (d) Technical (e) Usage (f) Marketing |
Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy) |
| To use data analytics to improve our website, products/services, marketing, customer relationships and experiences | (a) Identity and Contact (b) Products and Services (c) Communications (d) Technical (e) Usage (f) Marketing |
Necessary for our legitimate interests (to develop our products/services and grow our business) |
| To provide employment information to applicants and communication with them about selection procedures, either directly or through their universities or employment agencies | (a) Identity and Contact (b) Communications (c) Application-related Information |
Necessary for our legitimate interests (to ensure we recruit possible candidates.) |
| To consider whether or not to hire the applicants and to manage applicants who have been offered employment, and to perform other procedures related to applicants for employment | (a) Identity and Contact (b) Communications (c) Application-related Information |
Necessary for our legitimate interests (to ensure we recruit possible candidates.) |
| To prevent and respond to fraud, violation of relevant policies and rules, threats, and damage | (a) Identity and Contact, (b) Products and Services, (c) Technical (d) Usage |
Necessary for our legitimate interests (to prevent fraud and protect our business interests and rights, or that of individuals and the public.) |
6. Disclosure of Personal Data to Recipient
Personal data will primarily be processed by employees in our website team, business departments, IT and finance departments and our HR team if you apply to us.
We may disclose your personal data to the recipients described as follows.
1. Group Companies (affiliates and related entities of SEI listed in, but not limited to, the following link). We share your personal data with our Group Companies globally for internal administrative purposes and for uses that are consistent with this policy. Particularly, we share your contact information such as addresses, names, your company names, phone numbers, email addresses, or comments on the inquiry form with our Group Companies. Those Group Companies will use the personal data to (i) provide products or services that you requested the company to deliver to you, (ii) improve our products or service, (iii) promote our products or services, marketing events and campaigns, or conduct marketing surveys and analysis, and (iv) develop new products or services. SEI is responsible for management of the personal data shared with the Group Companies.
2.Service Providers. We may share your personal data with service providers, such as internet service providers, web analytics service providers, cloud service providers, software venders, sales statistic analytics service providers, recruitment or employment agencies, professional advisors, or consultants.
3.Others. We may share your personal data with potential partners of merger and acquisition, or legal or regulatory authorities.
Personal data may be shared with government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if required for the legal protection of our legitimate interests in compliance with applicable laws.
Please see the relevant personal data categories below:
| Recipient | Category |
|---|---|
| Group Companies | (a) Identity and Contact (b) Products and Services (c) Communications (d) Technical (e) Usage (f) Marketing (g) Application-related Information |
| Service Providers | (a) Identity and Contact (b) Communications (c) Technical (d) Usage (e) Marketing |
| Others (potential partners of merger and acquisition, or legal or regulatory authorities) | (a) Identity and Contact (b) Products and Services (c) Communications (d) Technical (e) Usage (f) Marketing (g) Application-related Information |
7. Cross-Border Transfers
Due to the global nature of our business, your personal data will be disclosed to Group Companies outside of the EEA and the UK including, in particular, to Japan as a Japanese headquartered company. The European Commission and UK government have determined that Japan offers an adequate level of protection – you can find out more in the adequacy decision(s) here and here. We rely on these decisions for EEA-Japan and UK-Japan transfers.
We also transfer your personal data to some third parties which host or access personal data outside of the EEA and UK. Where these locations do not provide an adequate level of data protection, we ensure appropriate safeguards are in place to protect the transfer of your personal data to these countries. Some of these countries are subject to a European Commission adequacy decision. For other countries, we have put in place European Commission-approved standard contractual clauses within group companies or with the relevant third party to protect this personal data. We also rely on other permitted data transfer mechanisms such as relying on the relevant third-party corporate rules (approved by EU data protection authorities and put in place to protect your personal data).
A copy of the relevant mechanism can be obtained for your review on request by using the contact details below.
8. Storage Limit for Personal Data
Unless indicated otherwise, we will retain the personal data that we collect about you for the period necessary to process such personal data. To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve these purposes through other means, and the applicable legal requirement.
Generally, we will keep data for a period of [6] years from the point at which it is no longer required, unless there are relevant legal proceedings for which the data is reasonably required. After this period, we will take steps to delete your personal data or hold it in a form that no longer identifies you.
9. Your Rights
You have a number of legal rights in relation to the personal data that we hold about you. These rights include:
1. the right to obtain information regarding the processing of your personal data and access to the personal data which we hold about you;
2. the right to request that we rectify your personal data if it is inaccurate or incomplete;
3. the right to request that we delete your personal data;
4. the right to obtain the personal data you provide in a structured, machine-readable format
5. the right to object to the processing of your personal data in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement);
6. the right to object to us about our processing of your personal data;
7. the right to withdraw your consent to our processing of your personal data. (This right only exists where we are relying on consent to process your personal data. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.)
You can exercise your rights by contacting us at the contact details set out in the “Contact us” section. Also, please note that you may need to submit additional information to us to verify your identity before we process your request.
These rights may be limited, for example if fulfilling your request would reveal personal data about another person, or if you ask us to delete information which we are required by law or have compelling legitimate interests to keep.
In some cases, we are able to send you direct marketing without your consent, where we rely on our legitimate interests. You have an absolute right to opt-out of direct marketing, or profiling we carry out for direct marketing, at any time. You can do this by following the instructions in the communication where this is an electronic message, or by contacting us using the details set out below.
If you have unresolved concerns, you have the right to complain to a data protection authority in the country where you live, work, or where you believe a breach has occurred.
10. Changes to this Privacy Policy
We may modify this policy from time to time and will post the updated policy with a “Last Updated” effective date for the revisions. We recommend that you review this policy periodically. We will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal data.
11. Contact us
Your information is controlled by SEI and Group Companies. The list of relevant data controllers and their contact details can be found in a table below.
If you have questions about this privacy notice or wish to contact us for any reason in relation to our personal data processing, please contact us at the contact details below.
Data Controller |
Contact Details |
|
|---|---|---|
If you (a) apply to, (b) provide your services to, or purchase products and services from, (c) visit the web site of, the following companies or their subsidiaries/branches, that company will be the data controller of your personal data. |
||
Automotive Products |
||
Gustav-Stresemann-Ring 1, 65189 Wiesbaden, Germany |
||
Corso Pastrengo 40, 10093 Collegno (TO), Italy |
||
Brandgehaege 11 38444 Wolfsburg-Hattorf, Germany
Phone: +(49)-5308-400-400 Data Protection Officer: Felix Barth Email: datenschutzbeauftragter@sebn.com |
||
Prospect House, Cemetery Road, Silverdale
Newcastle-under-Lyme Staffordshire ST5 6PA, U.K. Phone: +(44)-1782-664700 |
||
Industrial Material |
||
3 Paper Mill Drive, Redditch, Worcestershire, B98 8QJ, U.K. |
||
Sumitomo Electric Hartmetall GmbH |
Konrad-Zuse-Strasse 9, 47877 Willich, Germany |
|
Industriestrasse 2, 73466 Lauchheim, Germany |
||
Forellstrasse 100, |
||
Neckarsulmstrasse 20, |
||
Dischinger Strasse 1, |
||
Electronic Products |
||
Unit 220, Centennial Park, Elstree, Hertfordshire, WD6 3SL, U.K.
Phone: +(44)-208-953-8118 |
||
Oststrasse 89, 22844 Norderstedt, Germany
Phone: +(49)-40-5265010 Data Protection Officer: Hans Schloemer Email: dataprotection@sei-ae.com |
||
SEI Identification Solutions Ltd. |
Pysons Road Industrial Estate, Broadstairs, Kent CT10 2LQ, U.K. |
|
Axis 10 Axis Court, Mallard Way
Swansea SA7 0AJ, U.K. Phone: +(44)-1792-487-290 |
||
SEI Interconnect Products (Hungary), Kft. |
5142, Alattyán, Jászapáti út 1, Hungary |
|
Zum Panrepel 15, |
||
Finance and Legal Services |
||
Octagon Point, St Paul's, 5 Cheapside, London, EC2V 6AA |
||
For all other processing in the context of SEI's products and services: |
||
Sumitomo Electric Industries, Ltd. |
4-5-33, Kitahama, Chuo-ku, Osaka, Japan |
|
Service Provider, Cookies and Social Media
1. Transfer of personal data to service providers
We only transfer the data required for the respective task to the service provider used, if any. Our partners have been extremely carefully selected by us in the context of contract award with respect to proper contract processing. They are obligated to us within the framework of order processing contracts in accordance with Art. 28 GDPR to treat your data properly and to comply with data protection and our own data protection standards. There is no further use of your data by the service provider. In particular, our service providers are not permitted to share your data or use it themselves for commercial purposes. We also continue to be responsible for the protection of your data. By concluding the contract, the service providers used are not considered so-called third parties. Within the context of order processing, we transfer your data to the following recipients:
- Webweisend Media GmbH – Wiesenstraße 21, 40549 Düsseldorf (purpose: creation and support around the website of the SHG);
- Recast IT GmbH & Co. KG – Stephanstraße 24, 42119 Wuppertal (purpose: IT support services, in particular hosting of the website);
- CleverReach GmbH & Co. KG – CRASH Building, Schafjückenweg 2, 26180 Rastede (purpose: service for providing and sending our newsletter).
2. Newsletter
With our newsletter we inform you about our current offers. You can subscribe to our newsletter by giving your consent. To subscribe to our newsletter, we use the so-called double opt-in procedure. This means that after your registration we will send you an e-mail to the e-mail address you provided. In this e-mail, we ask you to confirm that you are the owner of the e-mail address you provided and that you wish to receive messages in the form of the newsletter. The only mandatory information is your e-mail address. In addition, we store your consent. The purpose of this procedure is to prove your registration in the case of possible inquiries by the supervisory authorities and, if necessary, to determine any misuse of your personal data.
You can withdraw your consent to receive the newsletter at any time by clicking on the following link, so that you can unsubscribe from the newsletter at any time. You can withdraw your consent by clicking on the link provided in every newsletter e-mail or by sending an e-mail to marketing@sumitomotool.com. Please note that the processing of your personal data will stay lawful until you withdraw your consent.
3. Use of Salesforce
We use Salesforce, a software for managing contacts and customer relationships (customer relationship management) and for marketing automation. For this purpose, we have concluded an order processing agreement in accordance with Art. 28 GDPR. The following personal data is processed by Salesforce on our behalf:
- First and last name
- Title
- Position
- Employer
- Contact information (company, e-mail, telephone, physical business address)
- ID card data
- Professional life data
- Personal life data
- Localization data
The software is a product of Salesforce, an American company based in San Francisco, California, USA. Data stored in Salesforce is stored in Salesforce's data centers. The company operates data centers in the USA, Canada, Europe. It should be noted that if the data is stored in the US, it is subject to US laws, including Patriot Act and other laws that may allow US authorities to access the data. A level of data protection equivalent to the EU General Data Protection Regulation does not exist in the USA. The legal basis for data processing is Art. 6 para. 1 lit. a) GDPR.
You can find Salesforce's data protection information under the following link: https://www.salesforce.com/company/privacy/
4. Joint controllership and transfer of your data within the SUMITOMO Group
In specific cases and if necessary, we transfer your data within the group to our group companies in order to fulfill contractual obligations or to process your inquiry or for our own organizational purposes. The transfer of data between the group companies is, as far as the registered office of the companies is located in the EEA or the EU, based on an agreement on joint controller of your data in accordance with Art. 26 GDPR. If your personal data is affected by joint controller responsibility, we will inform you about this separately.
5. Use of Cookies and web analytics services on our site
a) Cookies
Our website uses cookies. Cookies are pieces of information that are stored on your operating system when you visit our website. Cookies contain a characteristic string of characters that allows the browser to be uniquely identified when you return to the website.
We use cookies that serve the user-friendly design of our website. Some functionalities of our website make it necessary that the calling browser can be identified even after a page change.
You can find out which cookies we use, for what purpose and on what legal basis in our Cookie Information.
The legal basis for the processing of personal data using technically necessary cookies within the meaning of Section 25 (2) No. 2 Telecommunications Telemedia Data Protection Act (TTDSG) is Article 6 (1) f) GDPR. The purpose of the use of technically necessary cookies is to provide the use of our website for site visitors. Without the use of cookies, some functions of our website cannot be offered. For these functionalities, it is necessary that the browser is recognized even after a page change.
The legal basis for the processing of personal data using cookies for analysis purposes or other, additional services is - if the user has given his consent in this regard - Art. 6 para. 1 lit. a) GDPR.
We require cookies for the following applications and purposes:
You can find out the exact purpose of the individual analysis cookies .
Cookies are stored on the user's terminal device and transmitted from it to our website. As a user, you also have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the storage of cookies. If cookies have already been stored, you can delete them at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website in full. You can find out more about the exact duration of storage here. You can withdraw your consent to the use of optional cookies at any time in the cookie settings.
b) Web tracking by Google Analytics
We use the web tracking service Google Analytics of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google") on our website. We use Google Analytics to analyze your user interactions and, through the statistics and reports obtained, to improve our offer and make it more interesting for you as a user.
We record the interactions between you as a user of the website and our website primarily with the help of cookies, data on the device/browser and IP addresses. Google Analytics also collects your IP addresses. This is to ensure the security of the service and to collect information about which country, region or location the respective user comes from (so-called "IP location determination").
However, we use the anonymization function ("IP masking") for your security. This means that Google shortens the IP addresses within the EU/EEA by the last octet.
The full IP address is only transmitted to a Google server in the USA in exceptional cases and shortened there.
The information generated by the cookies and the (usually shortened) IP addresses about your use of this website are usually transmitted to a Google server in the USA and processed there.
More information on terms of use and data protection as well as data use by Google can be found at:
https://policies.google.com/technologies/ads?hl=de and https://policies.google.com/privacy?hl=de.
The legal basis for the collection and further processing of the information (which takes place for a maximum of 14 months) is your given consent (Art. 6 para. 1 p. 1 lit. a) GDPR). The withdrawal of your consent is possible at any time, without affecting the legitimacy of the processing until the withdrawal. The easiest way to withdraw your consent is to use our Consent Manager or to install the Google browser add-on, which can be accessed via the following link: https://tools.google.com/dlpage/gaoptout?hl=de/
For more information on the scope of services provided by Google Analytics, please visit https://marketingplatform.google.com/about/analytics/terms/de/. Google provides information on data processing when using Google Analytics at the following link: https://support.google.com/analytics/answer/6004245?hl=de/
6. Social media use and appearances
Our websites use icons or symbols of social media providers (Xing, LinkedIn, Youtube, Facebook, Instagram). We only use these for passive linking to the pages of the respective providers.
The privacy policies of the social media providers can be found at:
New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany: https://privacy.xing.com/de/datenschutzerklaerung
LinkedIn Irland Unlimited Company, Wilton Place, Dublin 2, Irland:
https://de.linkedin.com/legal/privacy-policy
Youtube
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland:
https://policies.google.com/privacy?hl=de
Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Irland:
https://m.facebook.com/privacy/policy/version/20220104/
Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Irland:
https://help.instagram.com/155833707900388
a) Privacy policy of the SHG for Facebook
We use under SHG | Facebook the Facebook fan page of the provider Meta Platforms Ireland Ltd ("Facebook") to inform you about our offers and to communicate with you. We would like to inform you that your data may be processed outside the European Union (EU). The processing of personal data outside the EU involves general risks with regard to the enforcement of your data subject rights and the safeguarding of the general protection aims of data protection.
(1) Jointly responsible for the processing are:
Meta Platforms Ireland Ltd.
4 Grand Canal Square
Dublin 2
Ireland
impressum@support.instagram.com
Fax: +1 650 543 5340
and
SUMITOMO Electric Hartmetall GmbH
Konrad-Zuse-Straße 9
47877 Willich
Germany
Further information on the responsible SUMITOMO together with contact details, for example the telephone number, can be found in the imprint.
Facebook assumes primary responsibility for the processing of Insights data to comply with the obligations arising from the GDPR. These include the fulfillment of necessary information obligations, data subject rights that can be asserted against Facebook, notification obligations in the event of data protection violations, and ensuring appropriate technical and organizational measures for secure processing.
Of course, you can also assert your request for information or other rights to us. In that case, we will be pleased to forward your request to Facebook, as Facebook has access to the relevant user data and can take measures in accordance with your user rights.
(2) Data processing with Facebook
(a) Running a Facebook fan page
We use our Facebook fan page to be able to inform you with news about our offers and to get in contact with you. For example, if you comment on our posts, we process the content of your comment and, if applicable, other data that you provide to us or that is transmitted during your Facebook activity. Depending on the privacy settings of your user profile, we may also have access to further information about your user profile and your Facebook activities (e.g. posts and "likes").
Every time you access our Facebook fan page, your personal data (e.g. IP address; browser data; operating system and device; web pages visited; date and time of access, etc.) is processed by Facebook and cookies are set. However, we have no control over the data collected and the data processing, nor are we made aware of the full extent of the data collection, the purposes of the processing, the storage periods or the deletion of the data collected. This enables Facebook to use your data to create cross-device usage profiles for the purposes of advertising, market research and/or demand-oriented design of its websites. Such use may also occur if you do not have an account with Facebook or are not logged in there. If you are logged in to Facebook, your data will be directly assigned to your existing Facebook account and, if applicable, publicly communicated to further contacts.
Our legal basis for the processing is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest is the external presentation and communication with you.
(b) Use of Facebook Insights
The processing of personal data in the use of Facebook takes place with Facebook Insights and also includes processing purposes for market research, advertising and the collection of statistical data. For example, usage profiles can be created from your usage behavior and your resulting interests.
The usage profiles may in turn be used, for example, to serve ads within and outside of Facebook that are presumed to match your interests. Cookies are generally placed on your device to record your user behavior, preferences and interests, as well as to create and store user profiles. The purpose of Facebook is to show you targeted advertising within and outside of Facebook. Furthermore, data may also be stored in the usage profiles regardless of the devices you use (especially if you are logged in as a user of Facebook). However, even if you do not have a Facebook profile, or are not logged into it during your visit to our Fanpage, Facebook may be able to assign this data to a user profile. Cookies remain on your end device until you delete them. Facebook may change or modify the storage periods of the cookies from time to time without our ability to influence this.
Data from Facebook Insights is only available to us in anonymized form, so that we can only analyze the general user behavior of visitors to our fan page. However, this does not allow us to draw conclusions about individual users.
Our legal basis for the processing is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest is to analyze the reach and effectiveness of our Facebook activities in order to optimize our online offering on this basis
(c) Further information
For a detailed explanation of the respective processing, the opt-out options, and the legal basis, please refer to the Facebook data protection information linked below:
Information on Facebook Insights
https://www.facebook.com/business/pages/manage#page_insights
Joint Controllers arrangement with Facebook:
https://www.facebook.com/legal/terms/page_controller_addendum
Privacy policy:
https://www.facebook.com/about/privacy
Opt-out option:
https://www.facebook.com/help/568137493302217/
Legal basis of processing:
https://www.facebook.com/about/privacy/legal_bases
and
https://de-de.facebook.com/policy.php
(3) Data subject rights
We refer you to your data subject rights within the meaning of Art. 13 et seq. GDPR. In particular, you have a right to access your data (Art. 15 GDPR), a right to rectification (Art. 16 GDPR), a right to erasure (Art. 17 GDPR), a right to restriction of processing (Art. 18 GDPR), a right to information (Art. 19 GDPR), a right to data portability (Art. 20 GDPR) and a right to object to processing (Art. 21 GDPR). We also ensure your rights under Art. 22 GDPR. You or your data in our area of responsibility are therefore not subject to decisions based solely on automated processing - including profiling. In addition, you have the right to lodge a complaint with a supervisory authority at any time (Art. 77 GDPR). In addition, you have the right to withdraw consent with effect for the future (Art. 7 (3) GDPR).
(4) Data Protection Officer
If you would like access to information about the processing of your personal data in connection with Facebook or would like to claim your data subject rights in this context, we would like to point out that the most effective way to do this is to address your request directly to Facebook. A contact to the data protection officer of Facebook is available under the link:
https://www.facebook.com/help/contact/540977946302970
If you wish to make use of your data protection rights, please contact our external data protection officer at the e-mail address dataprotection@sei-ae.com and provide us with as much detail as possible regarding your specific concern. We will be pleased to forward your concern to Facebook, as Facebook has access to the relevant user data and can take measures in accordance with your user rights.
For further information on data protection, please refer to the general privacy policy of SHG on the web presence.
b) Privacy policy of SHG for Instagram
We use the Instagram business profile of the provider Meta Platforms Ireland Ltd. (formerly and now still abbreviated as "Facebook") to inform you about our offers with photos and videos. We would like to point out that your data may be processed outside the European Union (EU). The processing of personal data outside the EU involves general risks with regard to the enforcement of the rights of the data subject and the safeguarding of the general protection aims of data protection.
(1) Responsible respectively Controller
(a) Facebook
Responsible for the processing of your data, insofar as it is processed exclusively by Facebook, is:
Meta Platforms Ireland Ltd.
4 Grand Canal Square
Dublin 2
Ireland
impressum@support.instagram.com
Fax: +1 650 543 5340
(b) SUMITOMO
SUMITOMO ELECTRIC Hartmetall GmbH
Konrad-Zuse-Straße 9
47877 Willich
Deutschland
Further information about the responsible SHG together with contact details, such as the telephone number, can be found in the imprint.
(c) Joint controllership for processing
Insofar as your submitted data is processed jointly by Facebook and by SHG and both decide on the purposes and means of the processing, Facebook and SHG are jointly responsible within the meaning of Art. 26 GDPR. By operating our Instagram company profile, we enable Facebook to process your data, which is made available to us via the Instagram Insights analytics service in the form of statistics. For this reason - in connection with the ruling of the European Court of Justice [ECJ of June 05, 2018 (Ref.: C-210/16)] on the existence of joint responsibility for the operation of a Facebook fan page as well as the use of Facebook's own analytics service - we analogously assume joint responsibility for our Instagram company profile and the use of Instagram Insights. However, Facebook does not currently provide an agreement on joint responsibility pursuant to Article 26 of the GDPR in which the data protection obligations of each controller can be defined and delimited from one another.
(2) Use of Instagram
We use our Instagram business profile to be able to inform you with news about our offers and to get in contact with you. For example, if you comment on our posts, we process the content of your comment and, if applicable, other of your data that you share with us or that is transmitted during your Instagram activity. In this process, depending on the privacy settings of your user profile, we may also have access to further information of your user profile and your Instagram activities (e.g. "likes").
Every time you visit our Instagram company profile, your personal data (e.g. IP address; browser data; operating system and device; web pages visited; date and time of visit, etc.) is processed by Facebook and cookies are set. However, we have no control over the data collected and the data processing, nor are we aware of the full extent of the data collection, the purposes of the processing, the storage periods or the deletion of the collected data. This enables Facebook to use your data to create cross-device user profiles for the purposes of advertising, market research and/or demand-oriented design of its websites. Such use may also occur if you do not have an account on Instagram or are not logged in there. If you are logged in on Instagram, your data will be directly assigned to your existing Instagram profile and, if applicable, publicly shared with your contacts.
Our legal basis for the processing is Art. 6 (1) lit. f) GDPR. Our legitimate interest is the external presentation and communication with you.
(a) Use of Instagram Insights
The processing of personal data in the context of the use of Instagram takes place with Instagram Insights and also includes processing purposes for market research, advertising as well as the collection of statistical data. The usage profiles may in turn be used, for example, to serve advertisements within and outside of Instagram and Facebook, respectively, that presumably correspond to your interests. Cookies are usually stored on your device to record your user behavior and to create and store user profiles. For example, user profiles can be created from your usage behavior to certain posts, stories, IGTV videos, reels, live videos and your resulting interests. Furthermore, data may also be stored in the usage profiles regardless of the devices you use (especially if you are a member of Instagram or Facebook and logged in on these platforms). However, even if you do not have an Instagram profile or are not logged into it during your visit to our business profile, Facebook can match this data to a user profile. Cookies remain on your end device until you delete them.
Data from Instagram Insights is only available to us in anonymized form, so that we can only analyze the general user behavior of visitors to our Instagram profile. However, this does not allow us to identify individual users.
Our legal basis for the processing is Art. 6 (1) lit. f) GDPR. Our legitimate interest is to analyze the reach and effectiveness of our Instagram activities in order to optimize our online offering.
(b) Furter information
For a detailed description of the respective processing, the opt-out options, and the legal basis, please refer to the privacy policy of Instagram and Facebook linked below:
Instagram insights information: https://www.facebook.com/help/instagram/788388387972460
Privacy policy:
Opt-out and customization options:
https://www.facebook.com/help/instagram/2885653514995517?locale=de
and
https://help.instagram.com/615366948510230
Legal basis of processing:
https://www.facebook.com/about/privacy/legal_bases
and
https://de-de.facebook.com/policy.php
(3) Data subject rights
We would like to inform you of your data subject rights as defined in Art. 13 ff. GDPR. In particular, you have a right to access your data (Art. 15 GDPR), a right to rectification (Art. 16 GDPR), a right to erasure (Art. 17 GDPR), a right to restriction of processing (Art. 18 GDPR), a right to information (Art. 19 GDPR), a right to data portability (Art. 20 GDPR) and a right to object to processing (Art. 21 GDPR). We also ensure your rights under Art. 22 GDPR. You or your data in our area of responsibility are therefore not subject to decisions based solely on automated processing - including profiling. In addition, you have the right to lodge a complaint with a supervisory authority at any time (Art. 77 GDPR). In addition, you have the right to withdraw consent with effect for the future (Art. 7 (3) GDPR).
(4) Data protection officer
If you would like information about the processing of your personal data in connection with Facebook's Instagram service or would like to assert your data subject rights in this context, we would like to point out that the most effective way to do this is to address your request directly to Facebook. You can contact Facebook's data protection officer at the link https://www.facebook.com/help/contact/540977946302970.
If you would like to make use of your rights as a data subject, our external data protection officer will be pleased to help you at the e-mail address dataprotection@sei-ae.com. Please provide us with as much detail as possible regarding your specific concern. We will be pleased to forward your concern to Facebook, as Facebook has access to the relevant user data and can take measures in accordance with your user rights.
For further information on data protection, please refer to SHG's general data protection policy for the website.
c) Integration of Youtube videos
We have integrated Youtube videos into our online offer, which are stored on YouTube.com and can be played directly from our website. By first clicking on the correspondingly marked button of the respective product videos, you manually establish a connection to YouTube. If you click again, the corresponding video will be played. With the first click you agree to the data transfer to Youtube. Only when you play the videos, the data mentioned in the following paragraph will be transmitted. We have no influence on this data transmission. The legal basis for the display of the videos is Art. 6 para. 1 sentence 1 lit. a) GDPR, which means that the integration only takes place after your consent.
By visiting the website, YouTube receives the information that you have accessed the corresponding subpage of our website. In addition, the above-mentioned basic data such as IP address and timestamp are transmitted. This occurs regardless of whether YouTube provides a user account through which you are logged in or whether there is no user account. If you are logged in to Google, your data will be directly associated with your account. If you do not want the association with your profile on YouTube, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, and you must contact YouTube to exercise this right.
The information collected is stored on Google servers, including in the USA. We would like to point out that there is no adequate data protection in the USA and that the security authorities there may be able to access your data without a legal basis. There are also no data protection rights.
For more information on the purpose and scope of data collection and its processing by YouTube, please refer to the privacy policy. There you will also find further information about your rights and setting options to protect your privacy:
https://policies.google.com/privacy?hl=en.
7. Your rights
As far as the legal requirements are fulfilled, you are entitled to claim your rights listed below against us:
a) Right of access information according to Art. 15 GDPR.
You can request information about whether we process personal data about you. If this is the case, you can also request information about the circumstances and more detailed arrangements of the processing and more detailed information about the processed data.
In order to process your request, we are obliged to verify your identity to prevent unauthorized data access. If necessary, and depending on the sensitivity and criticality of the data, we will ask you to provide a redacted copy of your ID, which must show only your name and address. The clear identification of the requestor also serves to protect your personal data. We will of course inform you of this in writing or in text form.
In addition, you are entitled to receive copies of data from us in accordance with Article 15 (3) GDPR, provided that this does not affect the rights and freedoms of other persons. We ask for your understanding that we will only provide unreasonably frequent data information against payment of a fee. Of course, we will also inform you of this in writing or in text form before providing the information.
In the case of data access, we will store your request and information in this regard in our systems for a period of 2 years. If you provide us with a copy of your ID card in order to be able to claim your right to data access and to verify your identity, this will be destroyed immediately after the identity check has been carried out. The legal basis for data processing is Art. 6 para. 1 lit. c) GDPR.
b) Right to correct inaccurate information or to have it completed in accordance with Art. 16 GDPR.
You have the right to request that existing inaccurate information about yourself be corrected, unless you are able to make a change yourself. Personal data is incorrect if it does not correspond to reality.
Taking into account the purposes of the processing, you as the data subject have the right to request that incomplete personal data be completed - also by means of a supplementary declaration.
c) Right to erasure pursuant to Art. 17 GDPR.
You are entitled to demand that we delete your personal data if the legal requirements are met.
d) Right to restriction according to Art. 18 GDPR.
According to Art. 18 GDPR, you have the right to request the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you. In this case, processing will be restricted for as long as is necessary for the controller to verify the accuracy of the personal data. Furthermore, a right of restriction also exists if the processing is unlawful and you request the restriction of the use of your personal data instead of the erasure of your personal data. Restriction of processing may consist of temporary transfer of data to another processing system, blocking or removal of published data.
e) Right to information according to Art. 19 GDPR
If you have claimed the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to inform all recipients to whom your personal data have been communicated of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.
You have the right to be informed about these recipients in accordance with Art. 19 GDPR.
f) Right to data portability according to Art. 20 GDPR.
You have the right, under the conditions of Art. 20 GDPR, to demand that we transfer your personal data to you in a structured, common and machine-readable format (e.g. .csv); you also have the right to transfer this data to another controller. When using this right, you have the right to obtain that your personal data is transferred directly from the controller to another controller, insofar as this is technically possible. This does not include where the processing is necessary for the fulfilment of a task carried out in the public interest or in the exercise of official authority vested in the controller.
g) Right to object pursuant to Art. 21 GDPR.
You have the right to object at any time to the processing of your personal data which is in the public interest or necessary for legitimate reasons. This enables you to request us to stop processing if the applicable conditions for this are fulfilled.
h) Automated decision in individual cases including profiling
You have the right not to be subject to a decision based solely on automated processing - including profiling - which produces legal effects concerning you or similarly significantly affects you.
This does not apply if the decision
(1) is necessary for the conclusion or fulfillment of a contract between you and the controller,
(2) is permitted by legal provisions of the Union or the Member States to which the controller is subject and these legal provisions contain appropriate measures to protect your rights and freedoms as well as your legitimate interests; or
(3) is done with your explicit consent.
With regard to the cases mentioned in (1) and (3), the controller shall take reasonable steps to safeguard the rights and freedoms as well as your legitimate interests, including at least the right to obtain the intervention of a person on the part of the controller, to express your point of view and to contest the decision.
i) Right to withdraw your consent under data protection law
You may withdraw your consent to the processing of your data at any time with effect for the future. The data processing carried out until the withdrawal remains lawful in accordance with Art. 7 (3) sentence 2 GDPR. With the use of the right of withdrawal, the data processed on the basis of the withdrawn consent will be deleted. Please be aware that we may be obliged or entitled to further process your data if the applicable legal requirements for this are fulfilled. You can address your declaration of withdrawal to:
SUMITOMO ELECTRIC Hartmetall GmbH
Konrad-Zuse-Straße 9
47877 Willich
Deutschland
Telephone: +49 2154 4992 0
Fax: +49 2154 4992 161
E-mail: compliance@sumitomotool.com
j) Right to lodge a complaint with the data protection supervisory authority in accordance with Art. 77 GDPR.
You have the right to lodge a complaint with a data protection supervisory authority if you should have a reason to complain, in particular if you believe that the processing of your personal data violates the GDPR.
You may lodge the complaint with a data protection supervisory authority, in particular in the Member State of your residence, workplace or the place of the alleged infringement. The data protection supervisory authority responsible for us is:
8. Details about your rights
Data access and data portability
You have the right to receive, at any time and free of charge, information about the data stored by us and concerning you. In addition, you are entitled to have the data provided by us on the basis of your consent or on the basis of a contract concluded between us transferred to yourself or to a third party. To do so, please contact us in text form at compliance@sumitomotool.com.
Please keep in mind that a request for information by e-mail may result in us also providing the information digitally, unless you expressly request written postal information. The additional information about you obtained for identification purposes will be used solely for identification purposes. The time and procedure of identification are documented by us for evidence purposes vis-à-vis the data protection supervisory authority. The legal basis is Art. 6 para. 1 lit. c) GDPR in conjunction with Art. 5 para. 2 GDPR.
Rectification, deletion and restriction
Insofar as other legal obligations (e.g. legal retention and deletion periods under the German Commercial Code or the German Fiscal Code) or other legitimate interests on our part (e.g. retention for the assertion of claims or for legal defense) do not exist, we will correct, block or delete your personal data stored with us at your request. For this purpose, please contact compliance@sumitomotool.com.
Withdrawal of your consent
If you have given us your consent to process your personal data, you can withdraw this consent at any time by sending us a short message, without incurring any costs other than the transmission costs according to the prime rates. Also in this regard, we ask you to send your withdrawal to: compliance@sumitomotool.com.
9. Changes of the privacy policy
Advancing technology, legal requirements or changed processes may have an effect on this data protection information, among other things. We therefore reserve the right to change this policy at any time with effect for the future. The current version of the data protection information can be found on this website. Please visit this subpage of the homepage regularly to inform yourself about the applicable conditions. This privacy notice is current as of January 2023.
Cookie information
Consent to data processing
By means of cookies and similar technologies, information can be stored, enriched and read on your end device. By clicking on "Accept all", you consent to access to your end device as well as to the processing of your data, the creation and processing of individual usage profiles across websites as well as partners and devices, and the transfer of your data to third-party providers, some of which process your data in countries outside the European Union (Art. 49 GDPR). We as SUMITOMO ELECTRIC Hartmetall GmbH may not be able to ensure that the European level of data protection is observed in all cases. It is therefore possible that our partners may also use your data for their own purposes. By clicking on "Only necessary", we restrict ourselves to the services and cookies that are absolutely necessary.
For more information, including on data processing by third-party providers and the withdrawal of your consent, which is possible at any time, please refer to the cookie settings as well as our privacy policy. You can find more information about the responsible person in the imprint.
Effective date: 14 April 2023
Last updated: 12 June 2023