Privacy policy

1. what will my personal data be used for?

We may ask you to provide us with your personal data for the following purposes:

• To perform a contract, e.g. to deliver products and services.
• When you request a quote or enter into a contract with us, your contact details will always be requested. Depending on the type of contract, other personal data may also be required for the performance of the contract. In addition, the data may be used to issue invoices for the products delivered or services provided. 
• To stay in contact with you (customer management)
• Your contact details are stored in our customer system and may be used to send you newsletters, updates, invitations to events, seminars and to send you information that you have requested from us.
• to answer questions or resolve complaints about products or services and to provide information about their status
• to improve our product and service information and to conduct targeted marketing campaigns
• We want to provide you with information that is relevant to you. To make this possible, we combine and analyze the personal data available to us. On this basis, we determine which information and channels are relevant and which times are best suited to inform or contact you. We do not process special categories of personal data for marketing campaigns. If we want to create a personal, individual customer profile for you, we will ask for your consent beforehand. You can withdraw this consent at any time if you wish.
• to improve and secure our website and IT systems

for the creation of user statistics

We collect user statistics for our website in order to get an idea of, for example, the number of visitors, the duration of the visit, the parts of the website visited and the "click behavior". These are general reports that do not contain any information about individuals. We use the information obtained to improve our website.

Access control and corporate security 

When you visit our business premises, we will record your name. Camera recordings are also made outside and inside our business premises. This is necessary to know who is in the building in the event of an emergency and to ensure that unauthorized persons do not have access to the building.

Use of our WiFi network

When you visit our business premises, you can use our WiFi network. When you log into our WiFi network, we automatically collect connection data, such as the identification number of the device (MAC address). This information is usually deleted after one year and we only use it to prevent misuse. In the event of illegal activities via our WLAN network, we may deny the device access to the network.

To comply with legal obligations that apply to us

In general, we only process your personal data for the purposes of which you have been informed. If we use your data for other (closely related) purposes, additional data protection measures will be incorporated if these are required by law.

2 On what legal basis do we process your data?

We process your data

• either because we need it to enter into or perform the contract with you 
• because we are legally obliged to do so 
• with your consent
• or because we (or a third party) have a legitimate interest in doing so.

If we have asked for your consent to process your personal data and you have given this consent, you are entitled to withdraw it at any time. 

If we process personal data on the basis of a legitimate interest, we must not violate your privacy disproportionately.

For example, we use your contact details to send you newsletters and information material and to invite you to promotions and events. We do not process any special personal data from you as part of these marketing campaigns.

If we want to create a personal, individual customer profile, we will ask for your consent beforehand.

3. What personal data do we collect?

We process personal data that you have provided to us yourself, personal data collected during your visit to our websites or business premises, and personal data collected from other sources, such as public company websites. 

The personal data that you have provided yourself is:

• Information required for the execution of a contract concluded with you, e.g. a purchase/sales contract
• Data entered in contact forms, both on paper and in digital form
• information you provide during introductory meetings (business cards), events, seminars, etc. 
• When you visit our website, our servers store a range of data.

This is information such as:

• Your cookie ID
• Your web browser
• your location
• the web pages you visit on our website
• the advertisements you have viewed 

In addition, we may also receive your personal data from other sources, such as:

• personal data available if you are a customer of one of our group companies or partners
• personal data obtained from the commercial register of the Chamber of Commerce or other public registers
• personal data available on public company websites or social media platforms of the company.
• If the personal data originates from one of the above sources, it will only be processed if this is permitted by law and in accordance with the purpose for which this information was provided.

4. How long do we store your personal data?

We do not store your personal data for longer than is strictly necessary for the purposes for which we collected your data or to comply with laws and regulations.

After the retention period has expired, the data that we no longer need will be deleted, unless we are legally obliged to keep this data for longer.

5. to what extent do we share your personal data with others?

We may share your personal data with service providers, business partners and other third parties. We always do this in accordance with applicable legislation.

We only share your personal data with third parties if this is necessary for the performance of an agreement with you or to comply with a legal obligation. We enter into a processor agreement with organizations that process your data on our behalf to ensure the same level of security and confidentiality for your data. We remain responsible for these processing operations.

6. transfer outside the EEA (European Economic Area)? 

Occasionally it is necessary to transfer your personal data to entities outside the European Economic Area (EEA), e.g. in connection with the performance of an agreement by our group companies located outside the EEA.

According to the General Data Protection Regulation (GDPR), personal data may only be transferred to parties outside the EEA if an adequate level of data protection is ensured or if a specific derogation applies.

7 Automated decisions

Automated decisions are decisions about you that are made by computers and not by humans. Will such a decision have legal consequences for you? Or could it be detrimental to you? If so, we are not allowed to make automated decisions about you. 

We may only make automated decisions if we have made an agreement with you to this effect, if the law permits this or if you give your consent. In these cases, you can always contact an employee of our company and you also have the right to object. This can be done by sending an e-mail to info@centrotherm.com.

We do not make fully automated decisions that may have consequences for you or adversely affect you.

8. your rights

Among other things, the GDPR gives you the opportunity to view the personal data we hold about you, to ask us to delete it or to indicate that you wish to correct or supplement this information. You also have the right to request the restriction of processing or to object to it. Finally, you have the right to request the personal data stored by us in connection with data portability.

9. access to other websites via a link

When you visit our website, you will find links to other websites for your convenience and for information purposes. These websites may not be managed by us and may have their own privacy policy. We recommend that you read this privacy policy so that you are aware of how your personal data is used on these websites. We are not responsible for the content, use and privacy policies of websites that do not belong to us and which we therefore do not manage.

10. how we protect your personal data

We are aware of our responsibility to protect the personal data you entrust to us from loss, misuse or unauthorized access. We use various security technologies and organizational procedures to protect your personal data. For example, we have access management systems, use firewalls and secure servers. In addition, we encrypt certain types of data such as financial information and other sensitive data.

11. Who is responsible for protecting your data?

CENTROTHERM Systemtechnik GmbH - Am Patbergschen Dorn 9 - 59929 Brilon, Germany, Phone: +49 (0) 2961 96 70-0, Fax: +49 (0) 2961 96 70-220 is responsible for the processing of data as described in this privacy policy.

If you have any questions about this privacy policy, please do not hesitate to contact us. Send an e-mail to info@centrotherm.com and we will be happy to help you.

Even if you have complaints about the processing of your personal data, we will be happy to help you and find a solution together. If we are unable to reach an agreement, you have the right to lodge a complaint with the Garante per la protezione dei dati personali in accordance with data protection legislation.

12. changes 

Developments are fast moving and there may be changes to the personal data we ask you for and how we use your personal data. Regulations may also change. In that case, we will amend this privacy statement accordingly. We therefore ask you to read the privacy statement regularly so that you stay up to date. We will also inform you of any important changes on our website.

This privacy policy came into force on May 25, 2018.