PART I. GENERAL, CONTROLLER, DATA PROTECTION OFFICER
2. Name and address of the Controller and the Data Protection Officer
Controller in the meaning of the General Data Protection Regulation (“GDPR”) and other national data protection laws of EU Member States as well as other provisions under data protection law is:
EVERON LIGHTING TECHNOLOGIES BV
Lange Beemden 17
Tel: +32 11 720 732
The Data Protection Officer of the Controller is:
Ms. Elisa Veronesi
Head of human resources & legal department EVERON LIGHTING
Tel: +32 473 601 804
E-mail: ' + email_scrambled_elisa + ''); -->">
3. Scope of the processing of personal data
On principle, we process the personal data of our users only to the extent that this is necessary for providing a functional website as well as our contents and services. The processing of the personal data of our users is carried out regularly only after having received the user’s consent. An exception applies in such cases in which a prior obtaining of consent is not possible for factual reasons and where the processing of the data is permitted by statutory regulations.
4. Legal basis for the processing of personal data
To the extent that we obtain a declaration of consent of the data subject for the processing operations, Art. 6 Par. 1 Lit. a of the EU General Data Protection Regulation (GDPR) serves as legal basis. In case of the processing of personal data that is required for the fulfilment of a contract to which the data subject is a contractual party, Art. 6 Par. 1 Lit. b GDPR serves as legal basis. This shall also apply to processing operations that are necessary for the carrying out of precontractual measures.
To the extent that a processing of personal data is required for the fulfilment of a contractual obligation that our company is subject to, Art. 6 Par. 1 Lit. c GDPR serves as legal basis. In case vital interests of the data subject or of another natural person make a processing of personal data necessary, Art. 6 Par. 1 Lit. d GDPR serves as legal basis. If the processing is necessary for maintaining a legitimate interest of our company or of a third party and if the interests, basic rights, and basic freedoms of the data subject do not outweigh the aforementioned interest, Art. 6 Par. 1 Lit. f GDPR serves as legal basis for the processing.
5. Data erasure and duration of storage
The personal data of the data subject will be erased or restricted as soon as the purpose of storage no longer exists. A storage can, furthermore, be performed if this is provided for by the European or national legislatures in rules, laws, or other regulations under European Union law applicable to the Controller. A restriction or erasure of the data is also performed if a storage period prescribed by the specified standards expires unless a necessity exists for further storage of the data for conclusion or fulfilment of a contract.
PART II. UTILISATION OF THE WEBSITE, COOKIES ET GOOGLE ANALYTICS
1. Use of the website
- date and time of the retrieval of one of our web pages
- your browser type
- the browser settings
- the operating system used
- the page you last visited
- the region from where you surf
For our internet presence, we use cookie technology. Cookies are small text files that are sent to your browser by our web server in the context of your visit to our websites and which are stored on your computer by your browser for a later retrieval.
Once the browser session has ended, most of the cookies used by us are deleted from your computer once again (session cookies, also referred to as temporary cookies). The purpose of these cookies is to able to continue to identify your computer during a visit to our website when switching from one of our web pages to another one of our web pages, and to be able to determine the end of your visit. Other cookies may, instead, remain on your computer and enable us or our partner companies to “remember” your browser upon your next visit. In this way, we only record your language preference and your acceptance of cookies.
Legal basis for the processing of personal data under utilisation of cookies is Art. 6 Par. 1 Lit. a and f GDPR.
The user data collected by cookies are not being utilised to create user profiles. Furthermore, we are not utilising any technologies that link the information generated by cookies with user data.
Cookies are stored on the user’s computer and transmitted from the latter to our website. Therefore, you, as the user, also have full control over the utilisation of cookies. By modifying the settings in your web browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If you deactivate cookies for our website, it is possible that not all functions of the website can be utilised to their full extent any more.
3. Utilisation of Google Analytics
This website utilises Google Analytics, a web analysis service of Google Inc. ("Google"), 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States ("Google").
Google Analytics uses so-called "Cookies", which are text files that are stored on your computer, and which allow for an analysis of your utilisation of the website. The information that the cookie generates about your utilisation of this website is generally transferred to and stored on a server operated by Google in the USA. The IP address transmitted by your browser – as part of "Google Analytics" – is not combined with other data of Google. You can prevent the storage of cookies through a corresponding setting of your browser software. You can, furthermore, prevent the recording of the data generated by the cookie and related to your use of the website to Google as well as the processing of this data by Google by downloading and installing the browser plug-in available at the following link: tools.google.com/dlpage/gaoptout;
PART IV. YOUR RIGHTS AS DATA SUBJECT
If personal data concerning you is being processed, you are the data subject within the meaning of the GDPR and the following rights are available to you against the Controller:
1. Right of Access
If such a processing is the case, you shall have the right to demand access to the following information from the Controller:
(2) the categories of personal data that are being processed;
(3) the recipients and/or the categories of recipients to whom the personal data concerning you have been or still will be disclosed;
(4) the planned duration of storage of the personal data concerning you or, if specific statements regarding this are not possible, criteria for the specification of the storage period;
(5) the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the Controller, or a right to object to this processing;
(6) the existence of a right to lodge a complaint with a supervisory authority;
(7) any and all available information regarding the origin of the data if the personal data were not collected from the data subject;
You shall have the right to demand information whether the personal data that related are transferred to a third country or to an international organisation. In connection with this, you may demand to be informed about the appropriate safeguards in accordance with Art. 46 GDPR in connection with the transfer.
2. Right to rectification
You have a right to rectification and/or completion against the Controller insofar as the personal data processed concerning you are incorrect or incomplete. The Controller must perform the rectification without undue delay.
3. Right to restriction of processing
(2) the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
(3) the controller no longer needs the personal data for the purposes of processing but you still need them for the establishment, exercise or defence of legal claims, or
(4) you have objected to processing pursuant to Art. 21 Par. 1 GDPR and it has not yet been determined whether the legitimate grounds of the Controller override your grounds.
4. Right to Erasure
4.1 Obligation to erase
You shall have the right to demand from the controller to erase the personal data concerning you without undue delay, and the controller shall have the obligation to erase these data without undue delay where one of the following grounds applies:
(1) The personal data concerning you are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
(2) You withdraw your consent on which the processing is based in accordance with Art. 6 Par. 1 Lit. a or Art. 9 Par. 2 Lit. a GDPR, and there is no other legal ground for the processing.
(3) You object to the processing pursuant to Art. 21 Par. 1 GDPR and there are no overriding legitimate grounds for the processing or you object to the processing pursuant to Art. 21 Par. 2 GDPR.
(4) The personal data concerning you have been unlawfully processed.
(5) The personal data concerning you have to be erased for compliance with a legal obligation in Union or Member State law to which the Controller is subject.
(6) The personal data concerning you have been collected in relation to the offer of information society services referred to in Art. 8 Par. 1 GDPR.
4.2 Information to third parties
Where the Controller has made the personal data concerning you public and is obliged, pursuant to Art. 17 Par. 1 GDPR, to erase the personal data, the Controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you, as the data subject, have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.
(2) for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
(3) for reasons of public interest in the area of public health in accordance with Art. 9 Par. 2 Lit. h and i as well as Art. 9 Par. 3 GDPR;
(4) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Art. 89 Par. 1 GDPR in so far as the right referred to section a) is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
(5) for the establishment, exercise or defence of legal claims.
5. Right to notification
If you have asserted the right to rectification, erasure or restriction of processing against the Controller, the Controller shall be obliged to communicate to each recipient to whom the respective personal data concerning you was disclosed any rectification or erasure of the data or restriction of the processing, unless this proves impossible or involves disproportionate effort.
You shall have the right to be informed by the Controller about those recipients.
6. Right to data portability
You shall have the right to receive the personal data concerning you, which you provided to the Controller, in a structured, commonly used and machine-readable format. In addition, you shall have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where
(1) the processing is based on consent pursuant to Art. 6 Par. 1 Lit. a GDPR or Art. 9 Par. 2 Lit. a GDPR or on a contract pursuant to Art. 6 Par. 1 Lit. b GDPR; and
(2) the processing is carried out by automated means.
In exercising your right to data portability you shall, furthermore, have the right to have the respective personal data transmitted directly from one controller to another, where technically feasible. This shall not adversely affect the rights and freedoms of others.
The right to data portability shall not apply to a processing of personal data that is needed for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller.
7. Right to object
You shall have the right, at any time, to object, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Art. 6 Par. 1 Lit. e or f GDPR; this shall also apply to a profiling based on those provisions.
The controller shall no longer process the personal data concerning you unless the controller can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or if the processing serves for the establishment, exercise or defence of legal claims.
Where personal data concerning you are processed for direct marketing purposes, you shall have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this shall also apply to profiling to the extent that it is related to such direct marketing.
Where you object to the processing for direct marketing purposes, the personal data concerning you shall no longer be processed for such purposes.
In the context of the use of information society services – and Directive 2002/58/EC notwithstanding – you may exercise your right to object by automated means using technical specifications.
8. Right to withdraw the declaration of consent under data protection law
You shall have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of the declaration of consent will not affect the legality of the processing performed based on the declaration of consent up until the withdrawal.
9. Automated individual decision-making, including profiling
(1) is necessary for entering into, or performance of, a contract between you and the Controller,
(2) is authorised by Union or Member State law to which the Controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or
(3) is based on your explicit consent.
However, these decisions shall not be based on special categories of personal data referred to in Art. 9 Par. 1 GDPR unless Art. 9 Par. 2 Lit. a or g GDPR applies and suitable measures to safeguard your rights and freedoms and legitimate interests are in place.
With respect to the cases referred to in (1) and (3), the Controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests which include, at least, the right to obtain human intervention on the part of the Controller, to express your point of view and to contest the decision.
10. Right to lodge a complaint with a supervisory authority
The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Art. 78 GDPR.
PART V. DATA SECURITY, THIRD PARTY WEBSITES, CHANGES
1. Data security
All information you transmit to us will be stored on servers within the European Union. Unfortunately, the transmission of information via the Internet is not fully secure, which is why we cannot guarantee the security of the data transmitted to our website via the internet. However, we protect our website and other systems, through technical and organisational measures, against loss, destruction, access, modification, or distribution by unauthorised persons. In particular, your personal is being transmitted encrypted by us. For this, we utilise the SSL (Secure Socket Layer) coding system. Our security measures are continuously being improved corresponding to the technological development.
2. Transfer to third parties
In some cases, the organisation may be required to pass on certain personal data to third parties. EVERON LIGHTING chooses to work with certain service providers, who provide services at the request of the organisation, such as a payroll office, insurance broker, travel agent, etc. In any case, personal data is only transferred on a need-to-know basis to these recipients who carry out the processing for specific purposes. The organisation always observes the necessary security measures during the transfer and with regard to the recipients in order to guarantee the confidentiality and integrity of the personal data.
3. Data protection and third party websites
The website may contain hyperlinks to and from third party websites. If you follow a hyperlink to one of those websites, please note that we cannot assume responsibility or liability for third party contents or terms and conditions of privacy / data protection. Please determine for yourself the respective applicable terms & conditions of privacy / data protection before transmitting personal data to those websites.
4. Changes to these data protection provisions
We reserve the right to change these data protection provisions at any time, effective for the future. The website will contain the respective current version.
Version January 2020Last updated : 9 february 2023