fr
nl
de
es
pl1. Data Controller and Contact Information
Data Controller under the UK GDPR: Fiberdeck® Website: https://www.fiberdeck.com
Data Protection Officer (DPO): [If required under Art. 37 UK GDPR - when processing requires regular and systematic monitoring of data subjects on a large scale or large-scale processing of special categories of data]
This privacy policy informs you about the nature, scope and purposes of collecting and using personal data on our website.
Data processing is carried out on the basis of the legal provisions of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA 2018).
2. General Information on Data Processing
Scope of Personal Data Processing
We process personal data of our users only to the extent necessary to provide a functioning website as well as our content and services.
The processing of personal data of our users regularly takes place only after consent of the user.
An exception applies in cases where prior consent cannot be obtained for factual reasons and the processing of data is permitted by legal provisions.
Legal Bases for Processing Personal Data
Insofar as we obtain consent from the data subject for personal data processing operations, Article 6(1)(a) UK GDPR serves as the legal basis.
When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Article 6(1)(b) UK GDPR serves as the legal basis.
Insofar as processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Article 6(1)(c) UK GDPR serves as the legal basis.
Where processing is necessary for the purposes of legitimate interests pursued by our company or by a third party and the interests, fundamental rights and freedoms of the data subject do not override those interests, Article 6(1)(f) UK GDPR serves as the legal basis for processing.
3. Provision of the Website and Creation of Log Files
Description and Scope of Data Processing
Each time our website is accessed, our system automatically collects data and information from the computer system of the calling computer.
The following data are collected:
- Information about the browser type and version used
- The user's operating system
- The user's internet service provider
- The user's IP address
- Date and time of access
- Websites from which the user's system reaches our website
- Websites that are accessed by the user's system through our website
The data are also stored in the log files of our system. Storage of this data together with other personal data of the user does not take place.
Legal Basis for Data Processing
The legal basis for temporary storage of data and log files is Article 6(1)(f) UK GDPR.
Purpose of Data Processing
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session.
Storage in log files is done to ensure the functionality of the website. In addition, the data serves us to optimise the website and to ensure the security of our information technology systems.
Duration of Storage
The data are deleted as soon as they are no longer necessary for achieving the purpose of their collection.
In the case of collecting data for providing the website, this is the case when the respective session has ended. In the case of storing data in log files, this is after a maximum of 7 days.
4. Use of Contact Forms
Description and Scope of Data Processing
A contact form is available on our website which can be used for electronic contact. If a user takes advantage of this possibility, the data entered in the input mask are transmitted to us and stored.
These data are:
- Name and surname
- Company/organisation
- Function (e.g. architect)
- Full address (street, city, postcode, country)
- Email address
- Telephone/mobile number
- Your message
At the time of sending the message, the following data are also stored:
- The user's IP address
- Date and time of registration
Your consent is obtained for processing the data as part of the sending process and reference is made to this privacy policy.
Legal Basis for Data Processing
The legal basis for processing the data where the user's consent is present is Article 6(1)(a) UK GDPR.
The legal basis for processing data transmitted in the course of sending an email is Article 6(1)(f) UK GDPR.
If the email contact aims at concluding a contract, then additional legal basis for processing is Article 6(1)(b) UK GDPR.
Purpose of Data Processing
The processing of personal data from the input mask serves us solely for handling the contact. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
Duration of Storage
The data are deleted as soon as they are no longer necessary for achieving the purpose of their collection.
For personal data from the input mask of the contact form and those sent by email, this is the case when the respective conversation with the user has ended.
The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified.
5. Cookies
Description and Scope of Data Processing
Our website uses cookies. Cookies are text files that are stored in the internet browser or by the internet browser on the user's computer system.
When a user calls up a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string that enables unique identification of the browser when the website is called up again.
We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after a page change.
Legal Basis for Data Processing
The legal basis for processing personal data using technically necessary cookies is Article 6(1)(f) UK GDPR.
The legal basis for processing personal data using cookies for analytical purposes when the user's consent is present is Article 6(1)(a) UK GDPR in conjunction with Regulation 6 of the Privacy and Electronic Communications Regulations (PECR).
Purpose of Data Processing
The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies.
For these, it is necessary that the browser is recognised even after a page change.
Duration of Storage, Objection and Removal Options
Cookies are stored on the user's computer and transmitted by it to our site. Therefore, you as a user also have full control over the use of cookies.
By changing the settings in your internet browser, you can disable or restrict the transmission of cookies. Already stored cookies can be deleted at any time. This can also be done automatically.
If cookies are disabled for our website, it may not be possible to use all functions of the website to their full extent.
6. Embedded Third-Party Services and Content
Third-party content, services and performance from other providers may be embedded on our website, such as maps, videos or graphics (hereinafter uniformly referred to as "Content").
This always presupposes that the third-party providers of this content perceive the IP address of users, since without the IP address they could not send the content to their browser. The IP address is therefore necessary for the presentation of this content or services.
We strive to use only such content whose respective providers use the IP address solely for delivering the content. Third-party providers may also use so-called pixel tags (invisible graphics, also called "web beacons") for statistical or marketing purposes.
Through the "pixel tags", information such as visitor traffic on the pages of this website can be evaluated. The pseudonymous information can also be stored in cookies on users' devices and contain, among other things, technical information about the browser and operating system, referring websites, visit time as well as other information about the use of our website and can also be linked with such information from other sources.
Legal Basis: Article 6(1)(f) UK GDPR (legitimate interest in the economic operation of the website).
7. Data Subject Rights
Right of Access
You have the right to obtain from us confirmation as to whether personal data concerning you are being processed. Where such processing exists, you have a right of access to this personal data and to the information detailed in Article 15 UK GDPR.
Right to Rectification and Erasure
You have a right to rectification and/or completion vis-à-vis the controller, insofar as the processed personal data concerning you are inaccurate or incomplete. The controller must carry out the rectification without delay.
You have the right to obtain from the controller the erasure of personal data concerning you without undue delay where one of the grounds listed in detail in Article 17 UK GDPR applies, e.g. when the data are no longer necessary for the purposes originally pursued.
Right to Restriction of Processing
You have the right to obtain from the controller restriction of processing where one of the conditions listed in Article 18 UK GDPR applies, e.g. if you have objected to processing, for the duration of the verification.
Right to Data Portability
You have the right to receive the personal data concerning you, which you have provided to the controller, in a structured, commonly used and machine-readable format, and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where the conditions detailed in Article 20 UK GDPR are met.
Right to Object
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Article 6(1)(e) or (f) UK GDPR; this also applies to profiling based on those provisions.
The controller shall no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
Right to Withdraw Consent
You have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
Right to Complain
Under Section 164A of the Data Protection Act 2018, you have the right to make a complaint directly to us as the data controller. We will facilitate the making of complaints and provide an electronic complaint form where appropriate.
Automated Decision-Making Including Profiling
You have the right not to be subject to a decision based solely on automated processing — including profiling — which produces legal effects concerning you or similarly significantly affects you.
This does not apply if the decision is necessary for entering into, or performance of, a contract between you and the controller.
Right to Lodge a Complaint with a Supervisory Authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you consider that the processing of personal data relating to you infringes the UK GDPR.
ICO Contact Details: Information Commissioner's Office Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF Telephone: 0303 123 1113 Website: www.ico.org.uk
Response Time to Requests
We will respond to your request within 1 month. In complex cases, we may extend this period by a further 2 months, whereby we will inform you within 1 month of receipt of your request about this extension and the reasons for the delay.
8. Data Security
We use the widely established SSL (Secure Socket Layer) procedure during website visits in connection with the highest encryption level supported by your browser. This usually involves 256-bit encryption.
If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. Whether an individual page of our internet presence is transmitted encrypted can be recognised by the closed display of the key or lock symbol in the lower status bar of your browser.
We use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties.
Our security measures are continuously improved in accordance with technological developments.
9. Data Breach Notification
In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we will inform you about it without undue delay.
We will report data breaches to the ICO within 72 hours in accordance with UK GDPR obligations.
10. International Data Transfers
Personal data are not transferred to third countries outside the UK and European Economic Area (EEA), or only when:
- This is necessary for the performance of your orders
- You have expressly consented
- It is legally permitted
- There is an adequacy decision from the UK Government or European Commission
- Appropriate safeguards have been put in place (such as standard contractual clauses)
Where service providers in a third country are used, we ensure through contractual arrangements that they comply with data protection standards equivalent to those applicable in the UK and EEA.
11. Changes to the Privacy Policy
We reserve the right to adapt this privacy policy so that it always complies with current legal requirements or to implement changes to our services in the privacy policy, e.g. when introducing new services.
The new privacy policy will then apply to your renewed visit. We will proactively communicate substantial changes to this privacy policy to you.
12. Data Protection Contact
For questions about this privacy policy, your rights or the processing of your personal data, please contact us through our contact form.