Data Protection Policy in terms of information to be provided according to Art. 13/14 GDPR
- Introduction
The following data protection policy inform you, as the data subject, what personal information we collect about you when you visit our website and, where appropriate, use our web services and how we process your data.
- Controller responsible for data processing
The data controller as defined by the EU General Data Protection Regulation (GDPR) and other national data protection legislation of the European Union member states as well as other statutory data protection regulations is:
E Fluid Technology Co., Ltd.
Unit 104, Building 6, No.650 Shunqing Lu, Shanghai
Postal code: 201612
Phone +86 (0) 21 / 6477 9206
Fax +86 (0) 21 / 6477 9207
E-Mail: info@e-fluid.com
- Controller responsible for data processing
The data controller as defined by the EU General Data Protection Regulation (GDPR) and other national data protection legislation of the European Union member states as well as other statutory data protection regulations is:
- General information on data processing
- Scope and purpose of the processing of personal data We process personal data of our users insofar as this is required to provide a functioning website as well as to use our content and services. Technical data (such as web browser, operating system, or page access time stamp) is automatically collected by our information technology systems as soon as you enter our website.
- Legal basis for the processing of personal data
If we ask a data subject for consent to use his or her personal data for processing operations, Art. 6 Para. 1 lit. a GDPR serves as the legal basis.
When it is required that we process personal data to perform a contract to which the data subject is a party, Art. 6 Para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are required to carry out pre-contractual measures.
If we are required to process personal data to fulfil a legal obligation to which our company is subject, Art. 6 Para. 1 lit. c GDPR serves as the legal basis.
In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 Para. 1 lit. d GDPR serves as the legal basis.
If processing is required to safeguard a legitimate interest of our company or a third-party and the interests, constitutional rights and fundamental freedoms of the data subject do not outweigh the first-named interest, Art. 6 Para. 1 lit. f GDPR serves as the legal basis for the processing. - Data recipients or categories of recipients Generally, there is no transfer of this personal data to third parties. However, the operation of this website may require that technical service providers have access to personal information. In these cases, we will - as far as known - specify the scope of the data and the data recipients.
- Transfer to third countries The web servers of our company are located within the European Union (EU) or the European Economic Area (EEA) and we do not process data outside of the EU or the EEA. Nevertheless, we include helpful services on our website for you as a user (for example Google Maps from the USA) and point to third-party transfer in these cases.
- Storage period or criteria used to determine that period The personal data of the data subject is erased or blocked as soon there is no longer a purpose for storage. Storage can take place beyond this if it is provided for by Union law directives, laws or other regulations by European or national legislators to which the controller is subject. Data is also blocked or erased if a retention period prescribed by the standards mentioned expires, unless there exists a requirement for further storage of the data for the conclusion of a contract or the performance of a contract.
- Rights of the data subject
If personal data that concerns you is processed, you are a data subject within the meaning of the GDPR and you have the following rights with regard to us as the data controller:
- The right of access to your processed data pursuant to Art. 15 GDPR.
- The right to rectification of incorrect or incomplete personal data stored with us pursuant to Art. 16 GDPR.
- The right to erasure of your personal data pursuant to Art. 17 GDPR, provided that the prerequisite for erasure is met.
- The right to restriction of processing pursuant to Art. 18 GDPR, if the prerequisite is met.
- The right to receive the personal data concerning you, which you have provided us, in a structured, commonly used and machine-readable format, provided that the requirements for data portability pursuant to Art. 20 GDPR are met.
- The right to object to processing of personal data concerning you, on grounds relating to your particular situation, pursuant to Art. 21 GDPR, if the processing of the data is based on the legitimate interest according to Art. 6 Para. 1 lit. f GDPR.
- The right to withdraw your granted consent pursuant to Art. 7 Para. 3 GPDR.
In addition, you have the right to lodge a complaint with a supervisory authority according to Art. 77 GPDR, if you consider that the processing of personal data relating to you infringes the regulation. You can contact the supervisory authority of your usual place of residence or work place as well as our company headquarters.
A list of the German supervisory authorities with address can be found at: www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html More detailed information on your rights regarding the processing of your personal data you can read here.
- Data processing in detail
- Transfer by means of SSL/TLS encryption This website uses SSL or TLS encryption for security reasons and to protect the transfer of confidential content. The encrypted connection is guaranteed by the hypertext transfer protocol HTTPS (“https://”). In this instance, data which is transmitted to us by a user cannot be read by third parties.
- Provision of website and generation of log files
- Description and scope of the processing of personal data
Every time our website is accessed, our system automatically captures data of the accessing device. The following data might be collected:
- Browser type and version used
- The user’s operating system
- The user’s IP address
- Date and time of access
- Websites from which the user accesses our website (referrer)
- Websites accessed by the user through our website
- Legal basis for the data processing The legal basis for the temporary storage of data and the log files is Art. 6 Para. 1 lit. f GDPR.
- Purpose of the data processing
The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user’s computer. The user’s IP address must be stored for the duration of the session.
The storage in log files is carried out to ensure the functioning of the website. In addition, the data serves to optimise the website and to ensure the security of our IT systems. These purposes include our legitimate interest in the data processing pursuant to Art. 6 Para. 1 lit. f GDPR. - Data recipients The recipient of the data may be technical service providers who are responsible for the operation and maintenance of our website.
- Duration of storage
The data is erased as soon as it is no longer required to achieve the purpose of its collection. This happens when the particular session has ended, in the event of data being captured for the provision of the website.
When data is stored in log files, it is erased after seven days. It is possible for data to be stored beyond this point. In this instance, the IP addresses of users are erased or anonymized, so that an association with the accessing client is no longer possible. - Obligation to provide, Withdrawal/objection and removal option The capture of data to provide the website and the storage of data in files is an absolute requirement needed for the operation of the website. For this reason, an objection is excluded.
- Description and scope of the processing of personal data
Every time our website is accessed, our system automatically captures data of the accessing device. The following data might be collected:
- Use of cookies
This website uses cookies in the form of analysis cookies (see below). When our website is accessed, users are notified of the use of cookies purposes by an info banner and referred to this data protection policy.
Cookies are stored on the user’s device and transmitted from there to our website. By changing the settings in your web browser, you can deactivate or restrict the transfer of cookies. Cookies that have already been stored can be erased at any time. If cookies are deactivated for our website, it is possible that not all of the functions of the website can be used in full.- Description and scope of the processing of personal data
We use on our website the open source software tool Matomo to analyse the surfing behaviour of our users. The software places a cookie on the computer of the users. If individual pages of our website are accessed, the following data is stored:
- Two bytes of the IP address of the user’s accessing system
- Website accessed
- Websites from which the user has reached the accessed website (referrer)
- Subsites, which are accessed by the accessed website
- Length of time spent on the website
- Frequency of access to the website
- Legal basis for processing personal data The legal basis for processing the personal data of users is Art. 6 Para. 1 lit. f GDPR.
- Purpose of the data processing The processing of the personal data of users enables us to analyse the surfing behaviour of our users. By analysing the captured data, we are able to compile information on the use of individual components of our website. This helps us to constantly improve our website and its user-friendliness. These purposes include our legitimate interest in the processing of personal data pursuant to Art. 6 Para. 1 lit. f GDPR. By making the IP address anonymous, the interest of users in having their personal data protected is sufficiently accounted for.
- Duration of storage The data is erased as soon as it is no longer needed for our recording purposes. In our case, this is after 180 days.
- Withdrawal/objection and removal option
You may, as stated above, prevent the setting of cookies through our website at any time by means of a corresponding adjustment of the web browser used and thus permanently deny the setting of cookies. Such an adjustment to the used web browser also prevents an analysis cookie from being set on the device of the data subject. In addition, analysis cookies already in use may be erased at any time via web browser settings.
Furthermore, users have the option of objecting to and preventing the collection of data generated by Matomo relating to the use of this website. For this purpose, we offer the users of our website the option of opting out of the analysis process.
- Description and scope of the processing of personal data
We use on our website the open source software tool Matomo to analyse the surfing behaviour of our users. The software places a cookie on the computer of the users. If individual pages of our website are accessed, the following data is stored:
- Contact form and email contact
- Description and scope of the processing of personal data
A contact form is available on our website, which can be used for contacting us electronically. If a user takes this option, the data entered in the input mask is transmitted to us and stored.
At the time of sending the message, the following data is also stored:- The user’s IP address
- Date and time
- Information about the browser type and version used
- The user’s operating system
Alternatively, you can contact us using the email address provided. In this instance, the user’s personal data transmitted with the email is stored.
Data is used exclusively for the processing of the conversation. Data is not passed on to third parties in this context. - Legal basis for processing personal data
The legal basis for this processing is our legitimate interest in the context of a balance of interests pursuant to Art. 6 Para. 1 lit. f GDPR, as we have a legitimate interest in answering your contact request.
If the purpose of your contact is to initiate or to conclude a contract, the additional legal basis for the processing is pursuant to Art. 6 Para. 1 lit. b GDPR. - Purpose of the data processing The processing of personal data that we obtain from the input mask serves only to enable us to process your contact with us. If you contact us by email, there is also the required legitimate interest in the processing of data. The other personal data processed during the sending procedure serves to prevent misuse of the contact form and to ensure the security of our IT systems.
- Duration of storage
The data is erased as soon as it is no longer required to achieve the purpose of its collection. This is the case for personal data from the input mask of the contact form and the personal data that was sent with the email, if the conversation concerned is finished with the user. The conversation is terminated when it can be inferred from the circumstances that the facts in question have been finally clarified.
The additional personal data collected during the sending procedure is erased after a period of 14 days.
- Description and scope of the processing of personal data
A contact form is available on our website, which can be used for contacting us electronically. If a user takes this option, the data entered in the input mask is transmitted to us and stored.
- Google Maps
- Description and scope of the processing of personal data
Geographical material of the Google Maps service provided by Google LLC is included on this website via an API. In order to show the content in your browser, Google receives the following personal data:
- The user’s IP address
Google Inc., 1600 Amphitheatre Parkway, Mountain View, California 94043, USA
Together with Google Inc. we are joint controllers for this data processing.
For more information about Google's data processing, see the Google Privacy Policy at https://policies.google.com/privacy?hl=en. - Legal basis for processing personal data The legal basis for the processing of data is Art. 6 Para. 1 lit. b GPDR, as the IP address is needed to provide you the content. In this processing, our cooperation with Google is based on a joint liability agreement under Art. 26 GDPR, which you can access at https://privacy.google.com/intl/de/businesses/mapscontrollerterms/
- Purpose of the data processing We integrate the Google Maps API into our website to visually present geographic information to our users and for helping you to find us faster and easier.
- Third country transfer The personal data will be transferred to the USA under the EU-US Privacy Shield on the basis of the adequacy decision of the European. You can find the certificate at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI.
- Duration of storage We have no influence on the storage of data by Google and cannot give information about the storage duration.
- Obligation to provide Google cannot provide you with this embedded content without receiving your IP address.
- Withdrawal/objection and removal option If you do not want Google to process your personal data when you visit our website, you can disable or block JavaScript in your web browser settings. In this case you cannot use the map function any more.
- Description and scope of the processing of personal data
Geographical material of the Google Maps service provided by Google LLC is included on this website via an API. In order to show the content in your browser, Google receives the following personal data:
- Final note
Users are requested to keep themselves informed regularly about the contents of the data protection policy.
- Changes to the data protection policy We reserve the right to change this data protection policy to adapt to changed legal positions or changes to the services and the data processing.
- Date of the data protection policy This data protection policy is currently valid as of 31/10/2019.