Data protection

 

The following is a summary of all the data that is registered when you visit this website and how Frinorm AG handles it.

The body responsible for data processing on this website is:

 

Frinorm AG
Föhrenweg 9
FL-9496 Balzers
 Liechtenstein

 

Phone 00423 384 23 66
 Fax 00423 384 23 35

 

Types of data processed

 

  • Personal user data (e.g. names, addresses)
  • Contact details (e.g. e-mail, phone numbers)
  • Content-related data (e.g. text entries, photographs, videos)
  • Usage data (e.g. websites visited, interest in content, access times)
  • Meta data and/or communication data (e.g. device information, IP addresses)

 

Cookies “Cookies” are small files that are stored on computers. Various data can be stored inside cookies. Cookies serve primarily to store data on a user (or the device on which the cookie is saved) while they are visiting or after they have visited a web presence. Temporary cookies, referred to as “session cookies”, or “transient cookies”, refer to cookies that are erased after the user has left a website and closed the browser. Cookies that remain after the browser has been closed are referred to as “permanent” or “persistent”. The login status can for instance be saved if users visit after several days. Likewise, users’ interests can be stored in such cookies in order to determine the reach of the site or for marketing purposes. “Third-party cookies” refer to cookies offered by providers other than the responsible body operating the web presence; otherwise, if only their cookies are used, the cookies are referred to as “first-party cookies”. We may use temporary and permanent cookies and clarify this in our data protection statement.

 

If users do not want to have cookies stored on their computer, they are asked to please disable the relevant option in their browser’s system settings. Any saved cookies can be erased in the browser’s system settings. Disabling cookies may lead to restrictions of the functions of this website.

 

Access, erasure and blocking All information that Frinorm AG receives from you is stored for the sole purpose of processing, is treated confidentially and will not be passed on to third parties. We treat your personal data confidentially and in line with statutory data protection regulations as well as this data protection statement.

 

Processing for business purposes

In addition to this, we process

 

  • contractual data (e.g. object of the contract, term, customer category); and
  • payment data (e.g. bank details, payment history)

 

from our customers, prospective customers and business partners for the purpose of providing contractual services, support and customer care, marketing, advertising and market research.

The data processed includes our contractual partners’ personal data (e.g. names and addresses), contact data (e.g. e-mail addresses and phone numbers) as well as contractual data (e.g. services used, contract content, contractual correspondence, names of contacts) and payment information (e.g. bank details, payment history).

 

We do not generally process specific categories of personal data unless these fall within the scope of assigned or contracted services.

We process data that is necessary for the initiation and fulfilment of contractual services and justify the need for said information where this is not evident to contractual partners. Data will only be disclosed to external parties or companies if this is necessary within the framework of a contract. When processing data supplied to us in the course of fulfilling an order, we act in line with the customer’s instructions and statutory requirements.

 

Registering general data and information Frinorm AG’s website registers a range of general data and information each time a data subject or automated system visits the website. This general data and information is saved in log files on the server. This may include:

 

  • The browser type and versions used
  • The operating system used by the accessing system
  • The website from which an accessing system accesses our website (referrer)
  • The date and time of accessing the website
  • Internet protocol address (IP address)
  • Internet service provider of the accessing system
  • Other similar data and information that serve to defend against risks in the event of attacks on our IT systems

 

This data is not collated with other data sources. This data is processed based on Article 6(1)(b) of the European General Data Protection Regulation (GDPR), which permits the processing of data for the fulfilment of a contract or pre-contractual measures.

 

Data security During website visits, we use the popular SSL (secure socket layer) method in combination with the highest level of encryption supported by the user’s respective browser. You can determine whether an individual page has been transmitted in encrypted form by the presence of a locked key or lock icon in your browser’s URL bar. We use other appropriate technical and organisational security measures in addition to this to protect your data against accidental or deliberate manipulation, partial or full loss, destruction or against unauthorised third-party access. Our security measures are continually enhanced in line with the latest technological developments.

 

Contact Where we are contacted (e.g. by e-mail, phone, form or via social media), the user’s details will be processed so that the contact inquiry can be handled and processed in accordance with Article 6(1)(b) GDPR. The user’s details may be saved in a customer relationship management system (referred to as a “CRM system”). We erase inquiries where these are no longer necessary. In the case of applications, we process personal information in accordance with statutory requirements solely for the purpose and in the course of the application process. The application process requires applicants to send us applicant data. By sending their application to us, applicants agree to their data being used for the purpose of the application process in the manner and scope outlined in this data protection statement. 

 
 In the event of a successful application, we may further process the data provided by applicants for employment contract purposes. Otherwise, if the job application is not successful, applicants’ data is erased. Applicants’ data is also erased if an application is withdrawn; applicants are entitled to do this at any time.

 

Newsletter The following notices provide you with information on the content of our newsletter as well as the processes of registration, mailing and statistical analysis and your rights to object. By subscribing to our newsletter you agree to receiving it and the processes described.

Content of the newsletter: We send newsletters, e-mails and other electronic notifications with promotional information (referred to hereinafter as the “newsletter”) subject to the consent of the recipients or statutory authorisation to do so. If the newsletter’s content is specifically described in the course of a user’s registration, this is considered crucial to the user’s consent. Our newsletters also contain information about our products and associated information (e.g. safety notices) as well as information regarding offers, promotions and our company.

Double opt-in and logging: Registering for our newsletter involves what is referred to as a double opt-in process, i.e. after registering, you will receive an e-mail in which you are asked to confirm your registration. This confirmation is necessary to prevent users from registering with an e-mail address that does not belong to them. Registrations for the newsletter are logged for the purpose of demonstrating that the registration process was carried out in line with the legal requirements. The information stored includes the time and date of registration and confirmation, as well as the IP address. Likewise, changes to your data held by the shipping provider are logged.

 

Registration data: All that is required to register for the newsletter is an e-mail address. You may optionally provide us with a name so that we can address you personally in the newsletter.

 

Cancellation/withdrawal of consent: You may cancel the newsletter at any time, i.e. withdraw your consent at any time. You will find a link to cancel the newsletter at the end of every newsletter. We may save deregistered e-mail addresses for up to three years before erasing them on the basis of our justified interests of demonstrating formerly given consent. This data is processed solely for purpose of defence against any potential claims. Individual requests for erasure can be submitted at any time, provided the existence of former consent is confirmed at the same time.

 

Newsletter – MailChimp
This website uses the services of MailChimp for mailing newsletters. These services are provided by the Rocket Science Group, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA. MailChimp is a service that can be used to organise and analyse newsletters amongst other things. If you provide data when subscribing to the newsletter (e.g. e-mail address), this is stored on MailChimp’s servers in the USA.

 

MailChimp is certified under the EU–US Privacy Shield Framework. The Privacy Shield Framework is an agreement between the European Union (EU) and the United States of America (USA) designed to ensure compliance with European data protection standards in the USA. We use MailChimp to analyse our newsletter campaigns. If you open an e-mail sent with MailChimp, a file contained within the e-mail (referred to as a “web beacon”) connects to MailChimp’s servers in the USA. This makes it possible to determine whether a newsletter message has been opened and, where applicable, which links have been clicked. Technical information is registered too (e.g. time and date of access, IP address, browser type and operating system). This information cannot be linked to the respective newsletter recipient. It serves the sole purpose of statistical analysis of newsletter campaigns. The results of these analyses can be used to better tailor future newsletters to the interests of recipients.

 

If you do not want this information to be analysed by MailChimp, you must unsubscribe from the newsletter. We provide a link for this in each newsletter message. You can also unsubscribe from the newsletter on the website itself. This data is processed based on your consent (Article 6(1)(a) GDPR). You can withdraw this consent at any time by unsubscribing from the newsletter. The legality of prior data processing actions will remain unaffected by this withdrawal.

 

The data that you supplied to us for the purpose of subscribing to the newsletter will be saved by us until you unsubscribe from the newsletter and erased both from our servers as well as MailChimp’s servers after the newsletter has been cancelled. Data that has been saved by us for other purposes (e.g. e-mail addresses for the member area) will remain unaffected by this. You can find out more about this in MailChimp’s  Terms of Use.

 

Conclusion of a data processing agreement
We have concluded what is referred to as a data processing agreement with MailChimp, obligating MailChimp to protect the data of our customers and to refrain from passing said data on to third parties. This agreement can be viewed using the following link:  mailchimp.com/legal/forms/data-processing-agreement/sample-agreement/.

 

Hosting and e-mailing
We use hosting services in order to provide the following services: infrastructure and platform services, computing capacity, memory space and database services, e-mailing, security services as well as technical maintenance services that we use in the operation of this website.

In connection with this, we, or our hosting provider, process personal user data, contact data, content data, contractual data, usage data, meta data and communication data from customers, prospective customers and visitors to this website based on our justified interests in the efficient and secure provision of this website in line with Article 6(1)(f) GDPR in conjunction with Article 28 GDPR (conclusion of a data processing agreement).

 

Google Analytics We use Google Analytics, a web analysis service provided by Google LLC (referred to hereinafter as “Google”), based on our justified interests (i.e. interest in the analysis, optimisation and profitable operation of our website as defined under Article 6(1)(f) GDPR). Google uses cookies. The information generated by the cookie about the user’s use of this website is generally transferred to a Google server in the USA and stored there.

 

Google is certified under the  Privacy Shield Framework and therefore offers a guarantee that it complies with the European data protection law.

Google will use this information on our behalf to analyse the user’s use of the website, to compile reports for us about activities within this website and to provide other services associated with the use of this website and the Internet. Pseudonymous user profiles can be generated for users based on the processed data.

 

We only use Google Analytics with IP anonymisation enabled. This means the user’s IP address is shortened by Google within member states of the EU or in other signatory states of the Agreement on the European Economic Area (EEA). Only under exceptional circumstances will the full IP address be sent to a Google server in the USA and then shortened.

 

The IP address transmitted by the user’s browser will not be collated with any other data held by Google. Users can prevent cookies from being stored by configuring their browser software accordingly; users can also prevent data generated by the cookies in relation to their usage of the website from being processed by Google by downloading and installing the browser plug-in available via the following link:
  preventing data processing (opt-out).

 

You can find out more about how Google uses data as well as configuration and withdrawal options in Google’s Privacy Policy and in the settings for the display of advertisements by Google.

Users’ personal data is erased or anonymised after 26 months.

 

Social media networks Websites sometimes contain links to third-party websites. This website does not use any plug-ins for the social media networks Facebook, Google Plus or Xing. The website features only a link to our own profile. As a result, these networks do not receive any information about your data.

 

Vimeo
We may, from time to time, feature videos on the platform Vimeo (referred to hereinafter as “Vimeo”), provided by Vimeo, Inc., Attention: Legal Department, 555 West 18th Street New York, New York 10011, USA.

Vimeo Privacy Policy
 

We would like to point out that Vimeo may use Google Analytics and draw your attention to its  Privacy Policy as well as the  opt-out options for Google Analytics or the Google settings for  data usage for marketing purposes.

 

Topicality and alteration of this data protection statement This data protection statement is valid currently and was last amended in May 2018. It may be necessary to alter this data protection statement due to the ongoing development of our website and the services provided via the website or due to changed statutory or regulatory requirements.