We, edding International GmbH (hereinafter referred to as “edding”), have written this privacy statement to inform you about the personal data we collect when you interact with our website, how these data are used and your options for influencing the way we collect, store and process data (hereinafter also referred to as “use”).
1. Responsibility and contact
The controller responsible for the use of personal data within the terms of the General Data Protection Regulation (hereinafter referred to as “GDPR”) is edding International GmbH, Bookkoppel 7, 22926 Ahrensburg, Germany, telephone +49 (0)4102 808-0, email@example.com.
The company’s data protection officer, Herr Andreas Daniel, can be reached via the contact details above.
If you would like to view or update personal data, or have questions about privacy in relation to our website, please email firstname.lastname@example.org or write to us at the above address.
2. Use of personal data
Personal data means any information relating to an identified or identifiable natural person (data subject). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
2.1 Collection with your cooperation
We collect and store your personal data when you use this website if you provide us with such data voluntarily. We use such personal data without specific consent solely for the purpose of dealing with your request or question. You are free to choose whether to provide us with your data for the stated purposes. If the nature of your request or question permits, you can also interact with us anonymously, or by using a pseudonym. We will always obtain your express consent to use your personal data for other purposes (in particular for advertising).
In principle, we will only store your data for the length of time required to deal with your request or question. Data required for internal administrative purposes, in particular for commercial purposes and in order to defend legal claims, will not be erased until such data are no longer required for the purpose in question (legal basis is Art. 6 (1f) GDPR), but until that time will be barred from being used for any other purpose.
2.1.1 Email enquiries
If you send us an email, we will store your email address and any personal information that the message contains (legal basis is Art. 6 (1f) GDPR). We only do this in order to be able to deal with your enquiry, and we will erase the data in question once the data are no longer required. You may also assert your rights as a data subject (see point 5) at any time with regard to the processing of data; in particular, you can object to the corresponding processing of data.
2.1.2 Enquiries using the contact form
If you have contacted us using the contact form and have agreed the declaration of consent shown below, we will use your personal data as follows:
In order to process the form, the personal data you have entered in the corresponding entry fields of the contact form will be collected and stored.
Depending on the matter in question, this shall include the following personal data in particular:
- email address
- telephone number
Furthermore, you can compose a message to edding in the area of the contact form provided for this. If you enter any personal data as part of your message, these data will also be collected and stored.
These personal data are used exclusively in order to deal with your enquiry and are stored in the event that you have further questions. The enquiry may be forwarded by email to the relevant individual(s) within the company in order for us to be able to respond to your enquiry.
If you fill in the contact form or send an email to express interest in specific or general goods or services offered by edding, we will use the data you have provided so that we may advise you and, where necessary, send you information about these goods or services.
We use your personal data for the stated purposes on the basis of your consent (legal basis is Art. 6 (1a) GDPR). Furthermore, we store your IP address and the time at which you gave your consent to document the fact that you have given your consent.
On the website www.edding.com, edding provides a newsletter that contains news about products, services and promotions. We will use your personal data as follows if you subscribe to the newsletter and if you have consented to receiving the newsletter when you register:
When you subscribe to the newsletter, we will store your email address. Futhermore, you are able to submit your title, forename, surname and date of birth. The same applies to your interests. We use these data for internal statistical purposes and in order to personalise your newsletter.
We use what is known as the "double opt-in process" when you sign up for our newsletter. After you have signed up for our newsletter, we will send an email to the email address you have provided and will ask you to confirm that you have asked to receive the newsletter. If you confirm your subscription, the newsletter will be sent to your email address until further notice. If, on the other hand, you do not confirm your subscription, your registration will be automatically deleted after 48 hours.
We use your personal data for the stated purposes on the basis of your consent (legal basis is Art. 6 (1a) GDPR). Furthermore, when you sign up for and confirm your newsletter subscription, we store your IP address and the time at which you gave your consent to document the fact that you have given your consent.
We use MailChimp, a service of the Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA (hereinafter "MailChimp"), to structure the remaining content, distribute our newsletter and to analyse the response. We have concluded a data processing agreement with MailChimp for this purpose. This agreement ensures that MailChimp processes your personal data exclusively according to our instructions and in accordance with current data protection law. MailChimp is licensed under the EU-US Privacy Shield and therefore guarantees a level of data protection which corresponds to the standards of European laws on the protection of personal data.
If you sign up our newsletter, your email address and other personal data that you have given us in order to personalise the newsletter will therefore be stored on MailChimp's servers in the USA. MailChimp uses this information to send out our newsletters and to analyse user behaviour once the newsletter is received. MailChimp collects technical information when analysing use, in particular with regard to the browser used, the IP address and the time of download. MailChimp establishes whether and when a newsletter or the links it contains are opened. This information is used exclusively to make a better assessment of the expectations of the newsletter recipient and to adapt the content accordingly. In addition, it is also possible for MailChimp to use these data to optimise or improve its own services (for example, making newsletter distribution more efficient), by recording the language settings, location data or time zones. At no time will MailChimp write to you for its own ends using your personal data, or pass your data on to third parties.
The legal basis on which the newsletter is distributed is the consent for which provision is made in Art. 6 (1a) GDPR. We therefore use the services of MailChimp as our processor on the basis of the statutory consent given in accordance with Art. 6 (1f) GDPR. Our legitimate interest lies in the centrally coordinated offer of a legally compliant and interest-specific newsletter by a professional provider. If you no longer wish to receive the newsletter, you may cancel at any time (Art. 21 GDPR), or withdraw your consent (Art. 7 (3) GDPR) and thereby unsubscribe from the newsletter. To do so, click on the link that can be found in each newsletter. You will then be taken through the subscription cancellation process. Alternatively, you can cancel the newsletter by sending an email to email@example.com.
2.2 Collection of data without your cooperation
We collect and use personal data generated automatically by your visit to our website in order to provide our services. The authoritative legal basis for this analysis of user behaviour is section 15 (3) of the German Telemedia Act [Telemediengesetz] and Art. 6 (1f) GDPR. Our legitimate interest lies in offering a user-friendly service, optimising our product to meet our customers’ expectations, for example by tracking how users reach our website, the content that is of interest when they do and how much time is spent viewing it. We can then offer products that correspond more specifically to interests on this basis.
2.2.1 Log files and (session) cookies
Whenever you visit our website, our server temporarily notes your computer’s IP address, the client’s file request (filename and URL) and the http status code, as well as the website from which you have visited us, in what are known as log files. We store your IP address for seven days to highlight abuse (spam, virus, worms, etc.) and to identify and rectify problems.
Furthermore, our website uses “cookies” in several places, designed to make our products more user-friendly and efficient. Cookies are small text files which do not contain any personal data. These are placed on your computer and stored by your browser. These data are not combined with other data sources. Most of the cookies we use are “session cookies” and are deleted once you finish browsing.
Cookies do not damage your computer per se and do not contain viruses. You can set your browser so that it does not accept cookies at all or so the cookies are deleted at the end of your browser session. Please note that you may not be able to use all of our website’s functions if you do so.
2.2.2 Web analytics
This website uses Matomo to analyze user behaviour. Matomo is a free and open source software project in which many developers from different countries and professional backgrounds are engaged.
Matomo sets cookies in your local browser. The information stored in these cookie files is transferred to our web analytics server on every page view. We do not process any personal data: Your IP address is masked before any data gets stored.
We host our analytics software on our own servers and do not share this data with any third parties unless we grant access to our analytics software for technical reasons, e.g. regular updates.
You can prevent the tracking mechanism from working in your local browser by opting out in the form below. Furthermore, Matomo recognizes the "Do not track" setting which is available in most modern browsers.
You will find more information about Matomo at matomo.org.
3. Forwarding of data
Some data may have to be forwarded to comply with contractual and statutory requirements:
3.1 Forwarding to external service providers
Service providers come into contact with our customers’ personal data only within the scope of data processing. There is express legal provision for this (Art. 6 (1f) GDPR in conjunction with Art. 28 GDPR) in accordance with our legitimate interest in offering our services on a more user-friendly, secure and more operationally meaningful basis.
In this case, too, edding remains responsible for protecting your data. The service provider works exclusively in line with our instructions, which we ensure through strict contractual regulations, technical and organisation measures and additional checks.
3.2 Forwarding on the basis of statutory obligations
We reserve the right to disclose your personal data if we are obliged to do so by law, or if we are asked to provide such information by officials or prosecution authorities. Beyond this, we do not pass any data on to third parties.
4. Data processing location and data security
In principle, your data are processed in Germany. In individual cases, the data may also be processed outside Germany if permitted by law. We have taken comprehensive, state-of-the-art technical and organisational safety measures in accordance with European data protection law (Art. 32 GDPR) to protect your data from unauthorised access and abuse.
5. Rights of the data subject
You can request information about the scope, origin and recipients of the stored data and the reason for which such data are stored, free of charge, at any time (Art. 15 GDPR). You can ask for incorrect data to be rectified at any time (Art. 16 GDPR). You also have the option of receiving the personal data relating to you in a structured, commonly-used and machine-readable format (Art. 20 GDPR). You can object to the use of your personal data in future (Art. 21 GDPR), request partial or complete erasure (Art. 17 GDPR), restrictions on the processing thereof or blocking (Art. 18 GDPR).
We will verify your request and comply with it, provided there is no other statutory basis for processing. We will inform you of the outcome.
No special format is required when asserting your right to information. Send an email to firstname.lastname@example.org or a letter to the above address.
You will find detailed information about this website's provider in our legal notice.