This Privacy Policy satisfies the disclosure requirements according to Art. 12 ff. of the EU General Data Protection Regulation (“GDPR”) and provides a summary of the processing of your personally identifiable information (“personal data”, “personal information”) on this web-site. 1. Who is accountable for processing my personal data?
Arvato Ireland Ltd Swords Business Park Swords, Co. Dublin K67 E1N1, Ireland Telephone +353 (0) 86 440 8030 E-Mail: dposcmirl@arvato-scs.com is responsible for processing your personal data on this website (hereinafter referred to as “we”). We process personally identifiable information (“personal data”) in accordance with GDPR provisions.
You can contact our designated Data Protection Officer at the postal and email addresses indicated above by using the reference ‘For the attention of the Data Protection Officer’.
2. What data is collected? When you visit our website, the data of the computer you use to access our website is automatically logged (“access data”). This access data includes server log files that generally consist of information pertaining to your web browser type and version, your operating system, your internet service provider (ISP), the date and time you used the website, the web-sites previously visited by you and the websites you accessed from our website, in addition to the IP address of your computer. With the exception of your IP address, the information contained in the server log files is not personally identifiable. An IP address is personally identifiable when it is static (permanently allocated when using internet access) and the ISP is able to attribute it to a specific person. Some features of our website require that you divulge personal information to us. In this case, the information provided by you is used to provide the service requested by you or process a matter submitted by you (e.g. search queries, entries made in forms or contracts, click data). This is currently not used for this purpose.
3. What cookies are used? Cookies are used on our website. Cookies are small text files that are saved to your computer when visiting a website. The cookies that are saved can be attributed to the web browser used by you. When the website is visited again, the web browser returns the content of the cookies, thus enabling you, the user, to be recognized. Certain cookies are deleted when you log out or end the browser session (“transient cookies” or “session cookies”). Other cookies are saved for a specific period of time (“temporary cookies”) or indefinitely (“persistent cookies”). These cookies are automatically deleted when the defined period lapses. The privacy and security settings of your browser enable cookies to be deleted at any time and also enable you to configure the use of cookies in accordance with your preferences. However, you may not be able to use all the features of our website if you delete the cookies used by our website. As a general principle, cookies enable online recognition without reference to a specific per-son. Cookies may become personally identifiable when the information they contain is merged with other information apart from the information generated by the cookies themselves. Here a distinction is made between cookies that are necessary for the provision of website features, and cookies that are required for other purposes, e.g. analysis of user behaviour or displaying advertising-related content. The cookies that are required for the provision of website features include the following in particular:
Cookies that are needed for other purposes of the website include analytics cookies to record the usage behaviour of our users and evaluate it in the form of statistics (e.g. sub-pages visited, search queries conducted).
4. What personal data is collected and for what purpose? The purpose of data processing may be based on technical, contractual or statutory requirements or result from consent having been given by the user. We use the data described in section 2 for the following purposes:
For information on other data processing purposes, please refer to the sections below of this Privacy Policy. 4.1 Provision of the website 4.1.1 Description and scope of data processing In order to enable the proper functioning of our website, security analyses to be conducted, and denial-of-service attacks to be prevented and stopped, server log files are automatically collected and saved on a short-term basis as an integral part of access data that is created by the system of the visiting computer upon accessing our website and while using it (see section 2). The content of the server log files is not merged with other data. We use the server log files for statistical analyses to troubleshoot and remedy technical issues, prevent and defend against denial-of-service attacks and attempted fraud, and to optimize the proper functioning of our website. 4.1.2 Purpose and legal basis of data processing The legal basis for the creation of server log files follows from Art. 6(1)(f) GDPR. Our legitimate interests lie in the proper functioning of our website, conducting security analyses and defending against threats. 4.1.3 Duration of storage or criteria applied in defining this period When the pages of our website are accessed, information is logged to server log files that are stored on our web server; the IP address contained in them is deleted after 7 days at the latest. No analysis is conducted during this time unless there is a denial of service or other attack. 4.1.4 Options for lodging an objection and having your data removed You have the right to lodge an objection to the processing of your data contained in the server log files provided that there are cogent reasons that arise from your specific situation. If you would like to exercise your right to lodge an objection, please write to the contact address in section 1.
4.2 Links to other websites Our Privacy Policy only covers our website; we are not responsible for the privacy policies of other websites. Nevertheless we recommend that you read the privacy policies of the web-sites you access by clicking on the links leading to them. 4.3 External services and content on our website We may integrate external services and content on our website. If you use one of these services or you are shown the content of third parties, communication data is exchanged between you and the provider of that service or content for technical purposes. That provider may use your data for their own purpose. To the best of our knowledge and belief, we have configured the services or content of third-party providers who are known to use data for their own purposes so that communication for purposes other than rendering their content or services on our website is prevented or communication does not come about unless you actively decide to use the service. However, since we have no control over the data collected by third parties and its processing by them we are unable to make any binding statements pertaining to the purpose and scope of the processing of your data.
5. Who comes into possession of my personal data? Within our company those who need access to your information for the purposes described in section 4 will be given access to it. Service providers contracted by us may also be given access to your information (“contract data processors”, e.g. software solutions providers). They are bound by our directives and must provide for data security and the confidential treatment of your information under the contract data processing agreements we have concluded with them. No sharing of information with other recipients such as advertising partners, providers of social media services or credit institutions (“third parties”) takes place.
6. Is my personal data processed outside of the EU or EEA (‘transfer to a third country’)? No
7. What data privacy rights do I have? You have the right to request access to your personal data that is currently stored by us. If this data is incorrect or not up to date, you have the right to request rectification. You also have the right to have your personal data erased and/or its processing restricted as provided for in Art. 17 and Art. 18 GDPR. You also have the right to request a copy of the personal data provided by you in a structured, commonly-used, machine-readable format (right to data portability). If you have given your consent to the processing of your personal information for specific purposes, you can revoke that consent at any time for the future. Your notice of revocation is to be addressed to us by writing to the contact address indicated in section 1. Pursuant to Art. 21 GDPR, you also have the right for reasons relating to your specific situation to raise an objection to the processing of your data that is done on the basis of Art. 6(1)(f) GDPR. You also have the right to lodge an objection to the processing of your personal information for direct marketing purposes. The same applies to automated processes involving the use of individual cookies, unless they are required for providing the functionality of our website. You also have the right to lodge a complaint with the competent data protection authority. The authority responsible for us is, Data Protection Commission 21 Fitzwilliam Square South Dublin, D02 RD28 Ireland Phone: +353 578 684 800
You also have the right to contact the data protection authority at your place of residence and request support in pursuing your matter.
This Privacy Policy informs you about the possibility of asserting the data subject rights under data protection law. In order to be able to answer your request comprehensively, we are obliged by law to verify your identity. This is to protect your data from unauthorised access. For this purpose, it may be necessary for you to provide a copy of your passport or similar information about yourself and the individual data processing. Within this provided information, you may omit information that is not necessary to prove your identity (for example, on a passport copy, eye colour, height, or nationality may be blacked out). Without providing information, we are unable to fulfil your data subject rights.
8. To what extent does automated decision-making take place? We do not use any fully automated decision-making processes for any of the purposes set out in section 4.
9. Is profiling done? No profiling takes place for any of the purposes set out in section 4.
Date of this Privacy Policy: December 2024