Choose your region

or choose our
SEARCH
REGION: UNITED KINGDOM
DATA PROTECTION INFORMATION CHG-MERIDIAN

DATA PROTECTION INFORMATION

CHG-MERIDIAN AG, represented by the chairman of the board of management, Dr. Mathias Wagner, is the provider of, and therefore responsible for, the commercial and business related online offering.

Data protection declaration

A. General

This data protection declaration (Version: GDPR 1.0 from 11.05.2018) was produced by:
Deutsche Datenschutzkanzlei Datenschutz-Office Munich – www.deutsche-datenschutzkanzlei.de

Data protection
We, CHG-MERIDIAN AG, are responsible for this online offering and, as the provider of a teleservice, must inform you at the beginning of your visit to our online offering, about the type, scope and purpose of the collection and use of personal data in a precise, transparent, understandable and easily accessible way in clear and simple language. The contents of the information must be retrievable for you at all times. We are therefore obliged to inform you about which personal data will be collected or used. Any information relating to an identified or identifiable natural person is described as personal data.

We place great value on the security of your data and compliance with the data protection regulations. The collection, processing and use of personal data is subject to the regulations of the European and national laws currently in force

We would like to show you in the following data protection declaration how we handle your personal data and how you can make contact with us:

CHG-MERIDIAN AG
Franz-Beer-Straße 111
88250 Weingarten
Germany

E-Mail: info@chg-meridian.com
Web: www.chg-meridian.de 

Telephone: +49 751 503-0
Fax: +49 751 503-66

Chairman of the supervisory board: Jürgen Mossakowski
Chairman of the board: Dr. Mathias Wagner
Board: Frank Kottmann, Oliver Schorer, Ulrich Bergmann

Registry court: Ulm HRB 551857

Tax office: Weingarten
Sales tax identification number: DE 1463495200

Court of jurisdiction: Ravensburg
Applicable law: Law of the Federal Republic of Germany (BRD)
Our data protection officer
If you have questions, you can contact our data protection officer as follows:

Frank Schreiber, E-Mail: dataprotection@chg-meridian.com

B. Wording

For the sake of easier reading, no gender-specific distinction is made in our data protection declaration. The terms used apply, in the context of equal treatment, to both genders.

The meaning of the terminology used, for example ‘personal data’ or its ‘processing’ can be taken from Article 4 of the EU-General Data Protection Regulation (GDPR).

The users’ personal data processed in the context of this online offering, includes inventory data (e.g. client’s name and address), contract data (e.g. services used, name of person responsible, payment information), usage data (e.g. Websites of our online offering visited, interest in our products) and content data (e.g. input into the contact form).

‘User’ includes all categories of persons affected by the data processing. These include, for example, our business partners, customers, interested parties and other visitors to our online offering.

C. Specific

Data protection declaration
We guarantee that we only collect, process, store and use your incoming data in connection with the processing of your request, as well as for internal purposes and providing the services that you have requested or to make content available.

The basis of data processing
We process the user’s personal data only in compliance with the relevant data protection regulations. The user’s data are only processed when the following statutory permission exists:

  • in order to deliver our contractual performance (e.g. Processing orders) and online services
  • processing is required by law
  • your consent is given
  • on the basis of our legitimate interests (i.e. interest in the analysis, optimization, and economic operation and security of our online offering in the sense of Art. 6 para. 1 lit. f. GDPR, in particular, range measurement, production of profiles for advertising and marketing purposes, as well as the collection of access data and the use of services from third-party providers)

We would like to show you where the main legal grounds are regulated in the GDPR:

Consent  - Art. 6 para. 1 lit. a. and Art. 7 GDPR

Processing to deliver our contractual performance and carrying out contractual measures -  Art. 6 para. 1 lit. b. GDPR

Processing to fulfil our legal obligations - Art. 6 para. 1 lit. c. GDPR

Processing to safeguard our legitimate interests - Art. 6 para. 1 lit. f. GDPR

Data transfer to third parties
Data is only passed to third parties within the framework of the legal provisions. We only pass the user’s data to third parties when this is, for example, necessary for contractual purposes or based on our legitimate interest in the economic and effective operation of our business.

In the event that we use subcontractors to provide our services, we make suitable legal arrangements as well as appropriate technical and organizational measures, to provide protection for personal data in accordance with the relevant legal provisions.

Data transfers to third countries or an international organization
Third countries are countries in which the GDPR is not a directly applicable law. This basically includes all countries outside the EU, respectively, the European Economic Area.

A transfer of data to a third country or an international organization takes place. Hereby the EU commission’s decision on adequacy is taken into account. This says that a secure third country or a secure international organisation is concerned, which offers an adequate level of protection.

Length of storage of your personal data
We adhere to the principles of data economy and data avoidance. This means the data made available to us is only retained as long as it is needed to fulfil the previously named purposes or as laid down by the manifold storage periods provided for by the legislator. If the relevant purpose no longer exists, respectively after the expiry of the appropriate period, your data is routinely blocked, respectively erased, in accordance with the statutory provisions

We have developed a company-internal concept to guarantee this procedure.

Making contact
If you make contact with us by email or through the contact form, you consent to electronic communication. Personal data will be collected in the context of contacting us. Which data is collected in the case of a contact form, can be seen on the respective contact form. Your data are transmitted with SSL encryption. The statements which you make will be stored exclusively for the purpose of processing your inquiry and for possible follow-up questions.

We would like to tell you the legal grounds:

Processing to fulfil our performance and carry out contractual measures - Art. 6 para. 1 lit. b. GDPR

Processing to safeguard our legitimate interests - Art. 6 para. 1 lit. f. GDPR

We would like to advise you that emails can be read or changed, unnoticed and without authorization, during transmission. We would also like to bring to your attention that we use software to filter unwanted emails (spam filter). Emails can be rejected by the spam filter if they are wrongly identified as spam due to the presence of certain characteristics.

What rights do you have?

  1. Right to information
    You have the right to obtain information about your stored data without charge. Upon request, we will tell you in writing, in accordance with current law, what personal data about you we have stored. This also includes the origin and recipient of your data as well as the purpose of the data processing.
     
  2. Right to rectification
    You have the right to have your data which is stored by us, corrected if it is incorrect. You can demand a limitation to the processing of your personal data, e.g. if the accuracy of your personal data is contested.
     
  3. Right to blocking
    Furthermore, you can have your data blocked. So that a blocking of your data can be taken into account at any time, the data must be held in a lock file for control purposes.
     
  4. Right to erasure
    You can also demand the erasure of your personal data, so long as no legal storage obligation exists. If such an obligation exists, we will block your data on request. If appropriate statutory requirements are present, we will also erase your personal data without a request from yourself.
     
  5. Right to data transferability
    You are entitled to demand that the personal data transferred to us is made available in a format which enables it to be transferred to another location.
     
  6. Right to complain to a supervisory authority
    You have the option of approaching a data protection supervisory authority with a complaint.

The state representative for data protection and freedom of information, Baden-Württemberg
Postal address: Postfach 10 29 32, D-70025 Stuttgart
Building address: Königstraße 10a, D-70173 Stuttgart
Telephone +49 711 615541–0
Fax: +49 711 615541–15
E-Mail: poststelle@lfdi.bwl.de
Web: https://www.baden-wuerttemberg.datenschutz.de

You can open the complaint form through the following link:
https://www.baden-wuerttemberg.datenschutz.de/online-beschwerde

  1. Right to object
    You have the option to object at any time to the use of your data for internal purposes with future effect. For this, it is sufficient to send an appropriate email to dataprotection@meridian.de. However, such an objection does not affect the legality of processing procedures which we have already carried out. This does not affect data processing in respect of other legal bases, for example, such as contract initiation (see above).

Protection of your personal data
We take state of the art contractual, organizational and technical security measures to ensure compliance with the provisions of the data protection laws and therefore, to protect the data which we process against accidental or deliberate manipulation, loss, destruction or access by unauthorized persons.

In particular, our security measures include the encrypted transfer of data between your browser and our server. 256-bit-SSL (AES 256) encryption technology is used for this. This includes our IP address.

Thereby your personal data is protected in the context of the following points (extract):

  1. Ensuring the confidentiality of your personal data
    To ensure the confidentiality of the personal data which we store, we have taken various measures to control access.
     
  2. Ensure the integrity of your personal data
    To ensure the integrity of the personal data which we store, we have taken various measures to control transfer and input.
     
  3. Ensure the availability of your personal data
    To ensure the availability of the personal data which we store, we have taken various measures to control orders and availability.

The security measures employed are continually improved in accordance with technical development. Despite these precautions, because of the insecure nature of the internet, we are unable to guarantee the security of your data transfers to our online offering. For this reason, all data transfers from you to our online offering are made at your own risk.

Protection of minors
Persons who are under 16, are not allowed to provide us with their personal information without the express consent of the person having parental responsibility unless they have reached the age of 16 or are older. These data will be processed in accordance with our data protection declaration.

Cookies
We use cookies. Cookies are small text files which are stored locally in the internet browser’s cache. Cookies enable the internet browser to be recognized. The files are used to help the browser navigate through the internet offering and use all functions to their full extent.
Our internet offering uses: Browser cookies

Control of cookies by the user
Browser cookies: All browsers can be set so that cookies are only accepted upon request. Also, per set-up, cookies can only be accepted for sites which are currently being visited. All browsers offer functions which make the selective deletion of cookies possible. The acceptance of cookies can also be deactivated generally, however in that case, limitations in the online offering’s user-friendliness must be accepted.

Lifespan of the cookies employed
Cookies are managed by our internet offer’s website. The internet offering uses
Transient cookies/Session cookies (single use)
Life spam: Until the online offer is closed

Deactivate or remove cookies (Opt-Out)
Every browser offers the option of limiting or deleting cookies. Further information about this can be obtained from the following websites:

  • Internet Explorer:

http://windows.microsoft.com/en-GB/windows7/How-to-manage-cookies-in-Internet-Explorer-9

  • Firefox:

https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer?redirectlocale=en-US&redirectslug=Cookies

  • Google Chrome:

https://support.google.com/chrome/answer/95647?hl=en

  • Safari:

https://support.apple.com/de-de/HT201265

Use of METIS web beacons
We use web beacon technology from VG Wort (METIS System). Web beacons are considered harmless in data protection legislation. The METIS web beacons are used to track the number of visitor numbers to various subpages of our website.

Google Analytics
This website uses functions of the web analysis service Google Analytics. The provider is Google Inc.,1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookies about your use of this website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information for Google.

Prevent storage of cookies
You can deny the use of cookies by selecting the appropriate settings in your browser, however, please note that if you do this you may not be able to use the full functionality of this website. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

Objection to data collection
If you do not want Google to receive data from your browser when you visit these pages, you can find the link to the opt-out solution for Google Analytics here: http://tools.google.com/dlpage/gaoptout?hl=en .

This plug-in prevents the browser from requesting the Analytics-Code so that Google does not receive any data when the page is accessed. The plug-in is only available for Microsoft Internet Explorer 11, Google Chrome, Mozilla Firefox, Apple Safari and Opera. According to Google, the browser blocks the Google Analytics script after installation. For more information on terms of use and privacy, visit http://www.google.com/analytics/terms/de.html or http://www.google.com/intl/de/analytics/privacyoverview.html .

 

Deactivate Google Analytics

Storage period
We have used Google Analytics data-storage-settings to determine how long data is stored before it is automatically deleted from Analytics servers. We have chosen the following storage period: 26 months

IP anonymisation
Google Analytics anonymises all data coming into the system. It’s against Google Analytics Terms of Service to have any data that identifies a specific user by IP address, name, email or otherwise. Some data is used to track a single user but the data is aggregated, thus anonymous.

Demographics
This website uses the feature Demographics by Google Analytics. This allows reports to be generated that contain statements about the age, gender, and interests of site visitors. This data comes from interest-related advertising by Google and visitor data from third parties. This information cannot be assigned to any specific individual. You can deactivate this function at any time via the ad settings in your Google Account or generally prohibit Google Analytics from collecting your data as described under "Objection to data collection".

Use of Google Ads (formerly AdWords)
On our website we use Google Conversion Tracking, an analysis service of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google"). Google Ads places a cookie on your computer ("conversion cookie") if you have reached our website via a Google advertisement. These cookies lose their validity after 30 days and are not used for personal identification. If you visit certain pages on our site and the cookie has not expired yet, we and Google may recognize that someone has clicked on the ad and has been redirected to our site. Each Google Ads customer receives a different cookie. Cookies therefore cannot be tracked through the websites of Google Ads customers. The information collected from the conversion cookie is used to generate conversion statistics for Google Ads customers who have opted for conversion tracking. The Google Ads customers will know the total number of users who clicked on their ad and were directed to a page tagged with a conversion tracking tag. However, you will not receive any information that personally identifies users.

If you do not wish to participate in tracking, you can disable the installation of cookies by setting your browser software accordingly (deactivation option). They will then not be included in the conversion tracking statistics. You can find more information on the terms of use and data protection at: https://policies.google.com/privacy

Use of Google Maps
We use Google Maps for the presentation of maps and the creation of route maps. Google Maps is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. By using this online offer, you consent to the collection, processing and use of the automatically collected data as well as the data which you input yourself (including the IP address) by Google, one of its representatives or a third-party provider. The conditions of use for Google Maps can be found under the following link:

https://www.google.de/intl/de/policies/terms/regional.html

Comprehensive details about transparency and choices, as well as the data protection regulations, can be found in the data protection center of google.de: https://www.google.de/intl/de/policies/privacy/?fg=1

Use of YouTube
Functions of the YouTube service are integrated into our website for displaying and playing videos. This function is offered by YouTube, LLC 901 Cherry Ave. San Bruno, CA 94066 USA. Further information can be found in YouTube’s data protection guidelines.

An extended data protection mode is used for this which, according to the provider, only begins to record user information when the video playback is started.

If the playback of an embedded YouTube video is begun, YouTube uses cookies to collect information about user behavior. According to notes from YouTube, this is used to collect video statistics, improve user friendliness and prevent misuse, among other things. Independently from the playback of the embedded videos, a connection is created with the Google network “DoubleClick” each time our online offering is called up, which can lead to further data processing procedures without our influence.

Further details about the use of cookies by YouTube can be found in YouTube’s data protection declaration: http://www.youtube.com/t/privacy_at_youtube

Use of Vimeo Plugins
We use plugins from Vimeo.com. The operator is Vimeo LCC, 555 West 18th Street, New York, New York 10011, USA (“Vimeo”).

When you call up such a plugin, a connection is made to the Vimeo servers and the plugin is displayed on the internet page through a message to your browser. This tells the Vimeo server which internet pages you have visited. If you are logged in as a Vimeo member, Vimeo relates this information to the platform’s respective user account. By using these plugins, for example by clicking the start button for a video or sending a comment, the information is related to the e.g. Vimeo user account, which you can only prevent by logging out before using the plugin.

Information about the collection and use of data by the above-named platform, respectively plugins, can be found in the data protection note: http://vimeo.com/privacy

Use of the Xing-Share-Button
We use the “XING Share-Button”. By calling up our online offering, a short-term connection to the XING AG (“XING”) servers is made over your browser, with which the “XING Share-Button” functions (especially calculation/display of meter readings) are produced. XING does not store any personal data about you from calling up this offering. In particular, XING does not store IP addresses. In addition, no evaluation of user behavior is made through cookies in connection with the “XING Share-Button” .

The current data protection information about the “XING Share-Button” and complementary information, can be found under the following link: https://www.xing.com/app/share?op=data_protection

Use of LinkedIn Plugins
We use social plugins from the social network LinkedIn. LinkedIn is operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (“LinkedIn”). The LinkedIn plugins can be recognized by the LinkedIn logo or the “Share-Button” (“recommend”) on our online offering.

When you visit our online offering, the plugin makes a direct connection between your browser and the LinkedIn server. LinkedIn receives the information that you have visited our online offer with your IP address. If you click the LinkedIn “Share-Button” while you are logged into your LinkedIn account, you can link the contents of our online offering to your LinkedIn profile. Thereby, LinkedIn can associate your visit to this online offer with your user account.

The purpose and scope of the data collection and its further processing and use by Pinterest, as well as your rights in this connection and settings options for the protection of privacy, can be found in LinkedIn’s data protection notes: https://www.linkedin.com/legal/privacy-policy?_l=de_DE

Amendments to our data protection policy
We reserve the right to adapt our data protection declaration occasionally, so that it always meets the current legal requirements or to implement changes in our services in the data protection declaration. This could apply e.g. to the introduction of new services. The new data protection declaration would then apply to your return visit.

Brand protection
Each firm or trade mark named here is the property of the respective firm. The naming of brands and names is purely for informative purposes.

D. Specific provisions for Russia

The following applies to users who are residents of the Russian Federation:

The services of our online offer listed above, are not intended for citizens of the Russian Federation who are resident in Russia.

If you are a Russian citizen resident in Russia, you are expressly informed that all personal data that you make available to us over our internet offering, is exclusively at your own risk and on your own responsibility. You further agree that you will not hold us responsible for a possible breach of Russian Federation law.

Business Data protection declaration

1 Introduction and scope

The CHG-MERIDIAN AG (CHG) is committed to process personal data responsibly and in compliance with the applicable data protection laws in all countries in which the company operates.

This European Union (“EU”) Customer/Vendor Data Protection Notice (the “Notice”) describes the types of personal data CHG collects, how CHG uses that personal data, with whom the CHG shares your personal data, and the rights you, as a data subject, have regarding the CHG`s use of the personal data. This notice also describes the measures CHG takes to protect the security of the data and how you can contact us about our data protection practices.

2 Contact details of the Data Controllers

The CHG-entities responsible for the collection and use of your personal data (the Data Controllers) in your home country for the purposes described in this notice are:

  • CHG-MERIDIAN AG
  • CHG-MERIDIAN Industrial Solutions GmbH
  • CHG-MERIDIAN Nederland BV
  • CHG-MERIDIAN Belgium NV
  • CHG-MERIDIAN Belux NV
  • CHG-MERIDIAN UK Limited
  • CHG-MERIDIAN Computer Leasing UK Limited
  • CHG-MERIDIAN Ireland Limited
  • CHG-MERIDIAN France SAS
  • CHG-MERIDIAN Spain S.L.
  • CHG-MERIDIAN Italia S.p.A.
  • CHG-MERIDIAN Austria GmbH
  • CHG-MERIDIAN Schweiz AG
  • CHG-MERIDIAN tehnološki menedžment d.o.o.
  • CHG-MERIDIAN Norway AS
  • CHG-MERIDIAN Skien AS
  • CHG-MERIDIAN Sweden AB
  • CHG-MERIDIAN Denmark A/S
  • CHG-MERIDIAN Finland OY
  • CHG-MERIDIAN Polska sp. z.o.o.
  • CHG-MERIDIAN Czech Republic s.r.o.
  • CHG-MERIDIAN Slovakia s.r.o.
  • CHG-MERIDIAN USA Corp
  • CHG-MERIDIAN Canada Ltd.
  • CHG-MERIDIAN S.A.P.I. de C.V.
  • CHG-MERIDIAN do Brasil Arrendamento Mercantil S.A.
  • CHG-MERIDIAN do Brasil Locação de Equipamentos Ltda.

3 Contact details of the Data Protection Manager

A Data Protection Officer (“DPO”) is designated. The DPO is involved in all issues related to the protection of your personal data. In particular, the DPO is in charge of monitoring and ensuring compliance with this notice and the applicable data protection laws. They will also provide advice on data protection matters upon request.

For any clarification or additional information you may need in order to fully understand this Notice, please contact:

dataprotection@chg-meridian.com

4 Purposes of data processing and legal basis

CHG processes personal data in accordance with applicable data protection laws and regulations and only for limited, explicit and legitimate purposes. CHG will not use personal data for any purpose that is incompatible with the original purpose for which it was collected unless you provide your prior explicit consent for further use.

Personal data relating to customers/vendors may be processed for the purposes of:

  • Managing commercial relationships with current and potential clients;
  • Managing commercial relationships with current and potential suppliers and vendors;
  • Carrying out promotional operations;
  • Conducting statistical surveys and marketing studies, etc.

CHG ensures that our internal governance procedures clearly specify the reasons behind decisions to use personal data for alternative processing purposes. Prior to using your personal data for a purpose other than the one for which it was initially collected, you will be informed about such new purpose.

5 Categories of personal data processed

The provision of personal data is a requirement necessary to enter into a contract with CHG or a requirement by law or regulation for the CHG to administer your customer/vendor relationship. The personal data processed is limited to the data necessary for carrying out the purpose for which such personal data is collected.

Personal data processed includes the following:

  • Business information (such as name of organization, department and job title);
  • Contractual information (such as date of agreement, type of commercial relationship, etc.).

CHG will not collect personal data if such collection is prohibited under the applicable data protection laws.

In no case will personal data revealing religious beliefs, racial or ethnic origin, political opinions, philosophical beliefs, trade union membership or concerning sex life be processed in the customer/vendor context.

CHG will maintain personal data in a manner that ensures it is accurate, complete and up-to-date.

6 Data Security

CHG has implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risk, such risk analysis includes an analysis of the risk of compromising the rights of the data subject, costs of implementation, and the nature, scope, context and purposes for data processing.

The measures include

(i)     encryption of personal data where applicable/appropriate;

(ii)    the ability to ensure the ongoing confidentiality, integrity, availability and resilience of Processing systems and services;

(iii)   the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident; and

(iv)   a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing.

7 Recipients of personal data

CHG will only grant access to personal data on a need-to-know basis, and such access will be limited to the personal data that is necessary to perform the function for which such access is granted.

Authorization to access personal data will always be linked to the function so that no authorization will be extended to access personal data on a personal basis. Service providers will only receive personal data according to the purposes of the service agreement with the Company.

8 International data transfers

International data transfers refer to transfers of personal data outside of the European Economic Area (“EEA”). The international footprint of CHG involves the transfer of personal data to and from other group companies or third parties, which may be located outside the EEA. CHG will ensure that when personal data is transferred to countries that have different standards of data protection, appropriate safeguards to adequately protect the personal data are implemented to secure such data transfers in compliance with applicable data protection laws. CHG has implemented Data Transfer agreements based on EU model clauses to cover international data transfers and a copy of these agreements can be obtained by contacting the DPO.

9 Retention of personal data

CHG will not retain your Personal data for longer than is allowed under the applicable data protection laws and regulations or for longer that is justified for the purposes for which it was originally collected or otherwise processed, subject to applicable local retention requirements.

10 Data Protection rights

Under applicable data protection laws, you will benefit from the following rights:

  • Right to access to, rectification and erasure of personal information;
  • Right to restriction of processing and to object to processing;
  • Right of data portability to the extent applicable;
  • Right to withdraw consent where the processing is based on consent; and
  • Right to lodge a complaint with the supervisory authority.

11 Miscellaneous

This notice may be revised and amended from time to time and appropriate notice about any amendments will be given.

CHG is allowed to adapt the text of this notice only in order to be compliant with local legislation by means of an addendum attached to this notice. In case of any discrepancies between this notice and a specific local addendum made in accordance with local law, the terms of the latter will prevail.

Data Protection Information of Tesma®

1 General information

Introduction

We, CHG-MERIDIAN AG, are the controller of this online offering. As the provider of a teleservice, we have to notify you about the nature, scope and purposes of the collection and use of personal data, in a precise, transparent, understandable and easily accessible form and in clear and simple language, at the start of your visit to our online offering. You must be able to access the content of this notification at any time. As a result, we are obliged to notify you of the types of personal data that are collected or used. Personal data is any information relating to an identified or identifiable natural person.

We set great store by ensuring that your data is secure and by complying with the provisions of data protection legislation. The collection, processing and use of personal data is subject to the provisions of currently applicable European and national laws.

We would like to use the below Privacy Policy to show you how we handle your personal data and how you can contact us:

 

CHG-MERIDIAN AG
Franz-Beer-Straße 111
88250 Weingarten
Germany

Email: info@chg-meridian.com
Website: www.chg-meridian.com

Telephone: +49 751 503-0
Fax: +49 751 503-66

Chairman of the Supervisory Board: Jürgen Mossakowski
Chairman of the Board of Management: Dr Mathias Wagner
Board of Management: Frank Kottmann, Oliver Schorer, Ulrich Bergmann

Register Court: Ulm HRB 551857

Tax Office: Weingarten
VAT ID no.: DE 146349520

Court of Jurisdiction: Ravensburg
Applicable law: Law of the Federal Republic of Germany (FRG)

Our data protection officer
If you have any questions, you can contact our data protection officer as follows: Frank Schreiber, email: datenschutz@chg-meridian.com

 

Terminology

To improve readability, our Privacy Policy does not differentiate between genders. In the interests of equality, the corresponding terminology refers to both genders.

Article 4 of the EU General Data Protection Regulation (GDPR) details the meaning of the terminology that is used, such as ‘personal data’ or the ‘processing’ of this.

Users’ personal data processed within the framework of this online offering includes inventory data (e.g. customers’ names and addresses), contract data (e.g. services used, names of administrators, payment information), usage data (e.g. websites within our online offering that were visited, interest in our products) and content-related data (e.g. information entered into a contact form).

Here, the term ‘user’ refers to all categories of data subjects affected by data processing. For example, this includes our business partners, customers, prospective customers and other visitors to our online offering.

 

The legal basis of processing

Article 6 (1) (a) GDPR serves as the legal basis for processing when we have sought consent for a particular purpose of processing.

If personal data needs to be processed for the performance of a contract to which the data subject is a party, as is the case for processing operations relating to the delivery of goods or the rendering of a service or consideration in return, for example, processing is based on article 6 (1) (b) GDPR. The same applies to processing operations required for taking steps prior to entering into a contract, such as in cases of enquiries relating to our products or services.

If we are subject to a legal obligation that makes it necessary to process personal data, such as the fulfilment of obligations under tax law, processing is based on article 6 (1) (c) GDPR.

If personal data needs to be processed to protect vital interests of the data subject or of another natural person, processing is based on article 6 (1) (d) GDPR.

Finally, processing can be based on article 6 (1) (f) GDPR. Processing is carried out on this legal basis if the processing is necessary to protect our legitimate interest or that of a third party, provided that the interests, fundamental rights and fundamental freedoms of the data subject do not override this.

2 General use of online services

The processing of personal data

You can visit our website without actively providing information about yourself as an individual. However, we automatically store access data (server log files) every time the website is accessed. This data includes the name of your internet service provider, the operating system used, the website you visit us from, the date and duration of your visit or the name of the file requested, for example. We also store data for security reasons, e.g. we store the IP address of the computer used so that we can recognise attacks on our websites. This data is solely used to improve our offering and cannot enable conclusions to be drawn about you as an individual. This data is not merged with other sources of data.

The legal basis for data processing is article 6 (1) (f) GDPR. We process and use data for the following purposes:

  1. providing CHG-MERIDIAN AG's websites,
  2. improving our websites and
  3. preventing and recognising errors/malfunctions and the misuse of the websites.

 

This type of data processing is either undertaken for the performance of the contract regarding the use of CHG-MERIDIAN AG’s website or because we have a legitimate interest in guaranteeing the functionality and error-free operation of CHF-MERIDIAN AG's websites and adapting these websites to suit users’ requirements.

After users have logged into TESMA® within our customer area, log files are processed and stored with an additional user identifier that is assigned internally.

After the user has logged into TESMA®, these log files encompass the following data: user identifier, browser version, the operating system used and the date and duration of the visit.

We process data within this framework to fulfil our contractual obligation to our customers and to render our service. The legal basis for data processing within this framework is article 6 (1) (b) GDPR. In addition, we are contractually bound to instructions under a processor contract and have suitable technical and organisational measures in place to protect the rights of the data subject.

 

Email contact

If you send us enquiries or information via email, your details (email address, content of your email, subject line of your email, and date/time), including the contact information provided by you in it (e.g. signature, such as first name, last name, telephone number if given, address) will be stored for the purpose of handling the enquiry and dealing with follow-up questions. We will not disclose this information without your consent. The legal basis for the collection and processing of the data is article 6 (1) (a) GDPR.

Users are reminded that emails can be read or changed while they are being transferred, without this act being authorised or detected. CHG-MERIDIAN AG uses software to filter out undesired emails (a spam filter). The spam filter means that the system can put emails into the spam folder if certain characteristics cause them to be wrongly identified as spam, meaning that they may not reach us.

The data you provide remains with us until you request that it is erased, you withdraw your consent for the storage of the data or the purpose of storing the data lapses (e.g. once your enquiry has been processed to completion). Mandatory statutory provisions, particularly retention periods, remain unaffected by this.

3 Use of TESMA®

Cookie-based services

We use ‘cookies’ on our websites to make visiting our website a more attractive experience and to enable certain functions to be used. Cookies are small text files that are stored on your end device. They are a standard internet technology for storing and accessing log-in details and other user information for all users of CHG-MERIDIAN AG’s websites. They also enable us to store user settings, permitting our websites to be displayed in a format tailored to your device.

The use of cookies serves our legitimate interest in making your visit to our website as enjoyable as possible and preventing you from inputting information multiple times or adjusting your settings repeatedly. The legal basis for this is article 6 (1) (f) GDPR.

Some of the cookies we use are deleted after the end of the browser session, or, in other words, after you close your browser (known as ‘session cookies’). Other cookies remain on your end device and make it possible for us or our partner companies to recognise your browser during your next visit (known as ‘persistent cookies’).

You can adjust your browser's settings so you are informed when cookies are placed and can make an individual decision as to whether to accept them, accept them under certain circumstances or universally exclude them. In addition, cookies can be retrospectively deleted to remove data that websites have stored on your computer. If cookies are deactivated, this may limit the functionality of CHG-MERIDIAN AG ’s websites.

 

Deactivate or remove cookies (opt-out)

Web browsers offer options for limiting and deleting cookies. Further information on this can be found on the following websites:

 

Our services

Registering on the website and logging in

You have the option of registering on our website. Registration serves the purpose of offering you content or services that can only be offered to registered users due to the nature of the matter at hand. To do so, we require the following data: first name and last name, email address. This data is required for registration, and by extension, for the fulfilment of our contractual obligation.

Logging into our website with your log-in details also leads to the IP address provided by the data subject’s internet service provider (ISP), the date, and the time of log-in being stored. This data is stored because this is the only way that the misuse of our services can be prevented and because this data is required, when necessary, to shed light on crimes that have been committed. To this extent, this data needs to be stored for our protection. In principle, this data is not disclosed to third parties, unless there is a statutory obligation for disclosure or the disclosure is in the interests of law enforcement.

The legal basis for processing is the performance of a contract pursuant to article 6 (1) (b) GDPR.

Contact form/enquiries

On our website, you have the option of sending us enquiries via a contact form. Here, your details from the contact form (content of your enquiry, subject line of your enquiry and date), including the contact details you provide (first name, last name, company, telephone number and email), are stored by us for the purpose of handling the enquiry and in the event of follow-up questions. The legal basis for the collection and processing of the data is article 6 (1) (a) GDPR.

The data provided by you via the contact form remains with us until you request that it is erased, you withdraw your consent for the storage of the data or the purpose of storing the data lapses (e.g. once your enquiry has been processed to completion). Mandatory statutory provisions, particularly retention periods, remain unaffected by this.

Shop function

Our websites give you the option of using shop functions. To this end, we collect additional contact and address data for the following purposes:

We process your data for the following purposes:

  • To process your order and, if necessary, return your order
  • In addition, we process your data to manage your personal account
  • To send text messages about your order’s shipment status
  • To make contact in the event that there are problems with delivering your goods

We may need to disclose this data to third parties such as processors, shipping services, banks, the tax office etc. in order to fulfil our contractual obligations. The legal basis for the collection and processing of data is article 6 (1) (b) GDPR.  This data remains stored for the entire usage period. Mandatory statutory provisions, particularly retention periods as per the provisions of trade law and tax law, remain unaffected by this.

Feedback function

Our websites give you the option of leaving feedback. This feedback can be accessed by the TESMA community. Your comment will be stored and published with the user name stated by you and details about when the comment was left. In addition, the IP address of the data subject provided by the internet service provider will be logged as well.

Information service

When you write a comment, you can tick a box for our email service. This will inform you if other users leave a comment on your post. You can turn off notifications at any time by clicking the link within the email.

4 Data security

CHG MERIDIAN AG has implemented appropriate technical and organizational measures to ensure a level of security, appropriate to the risk. This type of risk analysis includes estimating the risk that the data subject’s rights will be compromised, the costs of implementation and the nature, scope, context and purpose of data processing.

These measures encompass:

  1. encrypting personal data, provided this is necessary and appropriate;
  2. ensuring the confidentiality, integrity and availability of the processing systems and services, and their reliability in the event of malfunction;
  3. guaranteeing the availability of and access to personal data in the event of a physical or technical incident, and its timely restoration;
  4. creating a procedure for regularly reviewing and assessing the effectiveness of technical and organisational measures to guarantee the security of processing.

5 Data transfer

Recipients of personal data

CHG-MERIDIAN AG only grants access to personal data if this is absolutely necessary. This access is limited to the personal data required for the purpose in question.

The authorisation for access to personal data is always associated with a purpose, meaning that universal approval for access to personal data is not granted. Service providers only receive personal data in line with the purpose of their contractual relationship with the company.

 

International data transfer

International data transfer relates to the transfer of personal data outside the European Economic Area (EEA). The international presence of CHG-MERIDIAN AG involves the transfer of personal data from and to other group companies or third parties located outside the EEA. When personal data is transferred to countries with different data protection standards, CHF MERIDIAN AG will ensure that suitable measures are taken to provide personal data with adequate protection, ensuring that data transfers are performed in compliance with the applicable data protection legislation. CHG-MERIDIAN AG has implemented data transfer agreements on the basis of EU standard contractual clauses to cover international data transfers. The data protection officer can provide a copy of these agreements on request.

6 Storage periods

CHG-MERIDIAN AG will not process your personal data for longer than permissible in line with applicable data protection legislation and provisions. This applies subject to the applicable local retention requirements.

7 Note regarding minors

This online offering is not suitable for minors under the age of 16. Individuals who are under the age of 16 may not transfer personal data to CHF-MERIDIAN AG without the permission of their parent or guardian.

8 Your rights

Within the framework of the applicable data protection legislation, you have the following rights:

  • The right of access, the right to rectification, and the right to erasure of personal data;
  • The right to restriction of processing and the right to object to processing;
  • The right to data portability, as applicable;
  • The right to revoke your consent to processing; and
  • The right to file a complaint with the supervisory authority.

9 Final provisions

External links

Our website contains links to websites offered by other providers, We hereby indicate that we have no influence over the content of the linked websites and their providers’ compliance with the provisions of data protection legislation.

 

Changes to our Privacy Policy

This Privacy Policy can be changed and expanded from time to time. CHF-MERIDIAN AG is only permitted to adapt this Privacy Policy to take local and general legal provisions into account. In the event that this Privacy Policy contradicts with a specific local law, local laws take precedence.