PRIVACY POLICY

Privacy Policy

This privacy policy is related to the usage of our website gliwa.com, to our applications, and online services. As the protection of personal data is of particular concern to us, we only process the data exclusively on the basis of the statutory provisions and in compliance with the relevant data protection regulations.


Data Controller

GLIWA GmbH & Co. KG
Pollinger Str. 1
82362 Weilheim i. OB
Germany
fon +49 - 881 - 13 85 22 - 0
fax +49 - 881 - 13 85 22 – 99

Data Protection Officer (DPO)

You can reach our external DPO under the following coordinates:

Joachim Maass
DATA PRO SECURITY @ Maass Consulting GmbH
Feichtetstr. 23
82343 Poecking / Starnberg
Germany

E-Mail:
Fon: +49 8151 4468967
www.data-pro-security.com

 

Processing of data

Browsing the website

Every time you visit our website, your browser transmits the following data:

  • The IP address
  • The date and time of request
  • Time zone difference
  • Content of the request (specific page)
  • The quantity of any data transferred
  • The website from which the request comes
  • The browser
  • The operating system and its interface
  • The language and version of the browser software.

We do not collect other personal data. The legal basis for this is Article 6 (1) (f) GDPR. The above listed data is collected in logs, which are also used to ensure the functionality and optimization of the website. We cannot create user profiles derived from this data.

Contacting us via e-mail

If you contact us via e-mail, your name, e-mail address, and if stated in your signature, the address, and telephone number will be stored to answer your questions. We advise you to select the inbox of your need:

Data processing is carried out based on the statutory provisions of Art. 6 para. 1 lit. b of the GDPR. The processing of the data serves the fulfilment of (pre-)contractual purposes.

Data Transfer within the GLIWA Group

Within the context of central customer service, administration, and development, a transmission of personal data within the companies of the GLIWA Group takes place.

This means that a transmission only occurs if you place an order or are in customer contact with us, for example by e-mail.

The recipient of the personal data for processing are:

  • GLIWA Ltd, Great Britain
  • GLIWA India, India

The GLIWA Group obliges its affiliated companies through internal guidelines to implement technical-organizational measures to ensure the security of processing.

The web pages and protocols are located exclusively on servers in Germany.

Data protection for applications and during the application process

We collect and process the personal data of applicants for the purpose of processing the application process. Processing may also be carried out electronically. This is particularly the case if an applicant submits corresponding application documents electronically, for example by e-mail. If we conclude an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If no employment contract is concluded with the applicant, the application documents will be deleted six months after notification of the rejection decision, provided that deletion does not conflict with any other legitimate interests of the controller. Other legitimate interest in this sense is, for example, a burden of proof in proceedings under the General Equal Treatment Act (AGG).

Data Processing Information for T1 Customers

It is not possible to use our product T1 without the registration of the license.

After a contract is already established, only the name of the responsible contact person at the customer (the ‘License Admin') and the company of the license are stored in our license manager.

The basis for this specific kind of data processing is Article 6(1)(f) GDPR. The processing of the data serves exclusively the fulfilment of the contract in connection with the license management in order to prevent illegal use of software.

We only transfer the personal data to third parties if this is done on the basis of your consent, if this is necessary for billing purposes (carrying out bank transactions), the delivery of goods (delivery by postal service providers) or otherwise necessary to fulfil our contractual obligations towards you.

Personal data will be deleted as soon as they have fulfilled their purpose and the deletion does not conflict with any retention obligations.

Integration of YouTube videos

Our online training offer contains product videos and trainings on the platform YouTube. You will find several links to our YouTube channel on the web page, which means, when clicking the link, you are leaving the webpage gliwa.com.

YouTube is an offer of YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA, a subsidiary of Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA. Further information on the purpose and scope of data processing (also outside the European Union and outside the USA) as well as information on setting options to protect your privacy can be found in the data protection declaration: policies.google.com/privacy.

Links to Third-Party Websites

It is possible that our website contains links to third-party websites. If you follow the links, you will leave GLIWA embedded systems websites and the scope of application of this Privacy Policy. GLIWA embedded systems cannot accept any responsibility for the data protection methods or content of such websites.

Cookies

This website dos not use tracking cookies.

Social Media

We use the following social media platforms for company presentation and communication. For this purpose, our website contains simple (and non-embedded!) links to LinkedIn and YouTube. The links to the websites of the social media platforms can be recognized by the respective company logo. When you click on the symbols, no data is processed, but you are redirected to the company appearance of GLIWA embedded systems on the respective social media platform. Only then will data be processed from the respective provider in its own responsibility. Information on the processing of your personal data when using the provider's website can be found here or in the information on data protection of the respective provider. The following linked data protection information and opt-out options are expressly referred to. We have no influence on the fact that the providers of the social media platforms comply with the data protection regulations.

  1. YouTube:

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland, Headquarter: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Privacy policy: https://policies.google.com/privacy; Privacy Shield (ensuring a level of data protection when processing data in the USA):
https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Possibility of opposition (Opt-Out): Opt-Out-Plugin:
http://tools.google.com/dlpage/gaoptout?hl=de

Settings for the display of advertisements: https://adssettings.google.com/authenticated.

  1. LinkedIn:

Provider: LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland

Privacy Policy:
https://www.linkedin.com/legal/privacy-policy;

Privacy Shield (ensuring a level of data protection when processing data in the USA):
https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active

Possibility of opposition (Opt-Out):
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

These social media platforms may process personal data outside the EU. In this respect, we refer to the above data protection notices of the social media platforms. The respective social media platforms may be able to create user profiles and store cookies on your computer from your usage behavior and the resulting interests and activities on your part. If you have an account on the respective social media platform and are logged in, your usage behavior can even be stored independently of the device. If you log out before pressing the link, you can at least partially avoid data processing.

We process the personal data exclusively for communication with you via the social media platform you have chosen and for optimizing our online presence. We make sure that no interests on your part are affected here, which outweigh this legitimate interest on our part (Art. 6 I p. 1 f GDPR). Thus, as you have already given effective consent about the corresponding data processing to the respective provider of the social media platform, the processing of your personal data also takes place on the basis of this consent (Art. 6 I p. 1 a GDPR).

Newsletter

If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the specified e-mail address and agree to receive the newsletter.

We use the so-called double opt-in procedure to ensure that the newsletter is sent with your consent. In the course of this, the potential recipient allows to be included in a distribution list. Subsequently, the user is given the opportunity to confirm the registration in a legally secure manner by means of a confirmation e-mail. Only if the confirmation is received, the address will be actively included in the distribution list. The processing of the data entered in the newsletter registration form takes place exclusively based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent to the storage of data, the e-mail address and their use for sending the newsletter via the "unsubscribe" link in the newsletter.
The legality of the data processing operations that have already taken place remains unaffected by the revocation. The provided data for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and deleted after unsubscribing from the newsletter. Data stored by us for other purposes remain unaffected by this.

We use this data exclusively for sending the requested information and offers.

Our e-mail newsletters are sent via the technical service provider Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin (hereafter referred to as "Brevo”), to whom we pass on your data provided when registering for the newsletter. Brevo is a German, certified provider, which was selected in accordance with the requirements of the General Data Protection Regulation and the Federal Data Protection Act. This transfer takes place in accordance with Art. 6 para. 1 lit. f GDPR and serves our legitimate interest in the use of an advertising-effective, secure, and user-friendly newsletter system. The data entered by you for the purpose of subscribing to the newsletter (e.g., name, e-mail address) will be stored on the servers of Brevo in Germany.
Brevo uses this information to send and statistically evaluate the newsletter on our behalf. For the evaluation, the e-mails sent contain so-called web beacons or tracking pixels, which represent one-pixel image files that are stored on our website. In this way, it can be determined whether a newsletter message has been opened and which links have been clicked, if any. With the help of so-called conversion tracking, it can also be analyzed whether a predefined action has taken place after clicking on the link in the newsletter. In addition, technical information is collected (e.g., time of retrieval, IP address, browser type and operating system). The data is collected exclusively pseudonymized and is not linked to your other personal data, a direct personal connection is excluded. This data is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients.
If you wish to object to data analysis for statistical evaluation purposes, you must revoke the newsletter subscription and unsubscribe. The legality of the data processing operations that have already taken place remains unaffected by the revocation.
We have concluded an order processing contract with Brevo, in which Brevo is prohibited from selling your data and using it for purposes other than sending newsletters.

You can find more information here: https://www.brevo.com/de/informationen-newsletter-empfaenger/?rtype=n2go
The privacy policy of Brevo can be viewed here: https://www.brevo.com/de/dsgvo/

You can revoke your consent to the storage of data, the e-mail address and their use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter.

Data Protection Rights

As a data subject to the data protection rights, you have the following rights:

  1. Right to Access, Rectification or Erasure

You are entitled by law to access, at any time, personal data stored about you, its source, recipients and the purpose for which it is stored (Art. 15 GDPR). In addition, you have the right to demand that your data be rectified (Art. 16 GDPR) or erased (Art. 17 GDPR).

  1. Right to Restrict Processing

Where the statutory requirements are met, you may demand that processing be restricted (Art. 18 GDPR).

  1. Right to Data Portability

Furthermore, where the requirements specified in Art. 20 GDPR are met, you have the right to receive the data which you provided to us in a structured, commonly used and machine-readable format.

  1. Right to Object to Processing of Data in an Individual Case

You have the right to object, on grounds relating to your particular situation, at any time, to the processing of personal data concerning you if the processing is not based on a legitimate interest or a weighing of interests on our part (Art. 21 GDPR). We will cease processing your data unless we are able to demonstrate compelling legitimate grounds for continuing to do so.

  1. Right to Object to Processing of Data for Direct Advertising Purposes

In addition, you may, at any time, object to the processing of your personal data for advertising purposes (Art. 21 GDPR). Where you object to processing for direct marketing purposes, we will no longer process your personal data for such purposes.

  1. Right to Revoke Consent

Insofar as the processing of your personal data is based on your consent, you may, at any time, revoke your consent to such processing with future effect. We will delete your data unless there is a statutory storage and retention period. In such case, your data will be blocked unless a legal basis for processing exists.

  1. Right to Lodge a Complaint with the Competent Authority

If you are of the opinion that the processing of your data violates data protection rights, or your data protection claims have otherwise been violated in any way, you can also contact the responsible data protection supervisory authority, https://www.lda.bayern.de/de/index.html.

Contact

All requests for information, deletion and correction, requests for information, requests for data portability, objections to data processing, etc. should be sent by e-mail to . Please ensure that you can be clearly identified.

Whistleblowing Platform

GLIWA is providing the e-mail address for use by anyone, who, acting in good faith, has reasonable grounds to believe that an entity or authority has breached the legal acts referred to in Article 4(3) of Council Regulation (EU) No 1024/2013 (the SSM Regulation) and wishes to submit relevant information to GLIWA.

Please make sure to send your e-mail anonymously as e.g., described here: https://cybernews.com/secure-email-providers/how-to-send-an-anonymous-email/ .

The data is sent anonymously to our internal HR mediators, who are trained to handle your request. They will perform the necessary steps to clarify the information given.

GLIWA stores the data as follows:

After a case file has been closed, all relevant personal data will be stored for a set retention period as outlined below.

  • If a report received by GLIWA is considered relevant to the companies’ tasks, the data will be stored for five years.
  • If a report is not considered relevant to the companies’ tasks, but nevertheless concerns other tasks, the data will be stored for twelve months.
  • If GLIWA decides that a report is not relevant to any of the companies’ tasks, the data will be stored for three months.

Deletion and blocking of personal data

Your personal data will only be stored for as long as it is necessary to achieve the storage purpose or if this is ordered or provided for by legal regulations. If the purpose of storage no longer applies or if a storage period prescribed by law expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions.

Data Security (Security Measures)

In accordance with the legal requirements, considering the state of the art, the implementation costs, scope, circumstances, and purposes of the processing as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, we take appropriate technical and organizational measures to ensure a level of protection appropriate to the risk.

Measures shall include ensuring the confidentiality, integrity, and availability of data by controlling physical and electronic access to the data, as well as access, input, disclosure, ensuring availability and their separation. Furthermore, we have set up procedures that ensure the exercise of data subject rights, the deletion of data and reactions to the threat to the data. Furthermore, we consider the protection of personal data already during the development or selection of hardware, software, and procedures in accordance with the principle of data protection, through technology design and through data protection-friendly default settings.

SSL encryption (https): To protect your data transmitted via our online offer, we use SSL encryption. You can recognize such encrypted connections by the prefix https:// in the address bar of your browser.

Changes to the Privacy Policy

We reserve the right to change the data protection information to adapt it to changed legal situation or changes to our offers. Therefore, please look at the information on a regular basis and inform yourself about the latest information on data processing and contact details before using our services and when contacting us.

Status: 12/2023