Data protection notice

(Last update: 23.02.2023)

Thank you for visiting our website, our web portal, our application or our social media channel and for your interest in our company and our products. We take the issue of the privacy of your personal data very seriously and would like you to feel secure when visiting our website.  Protecting your personal data is of great importance to Oerlikon Textile GmbH & Co. KG (“Oerlikon”) and the other companies in the Oerlikon Group. For this reason, we operate in line with the applicable legislation for protecting personal data and data security. In the following, we would like to provide you with information about the processing of your personal data in accordance with the requirements of the EU General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 – hereinafter the “GDPR”). We will update and modify this data protection notice if required. Personal data collated during visits to our website are processed by us according to the legal provisions valid for the country in which the party responsible for the data processing is based. Our website may contain links to other websites that are not covered by this data protection notice. In addition, additional data protection notices may apply (e.g. for applicants).

1. Controller

Oerlikon Textile GmbH & Co. KG
Leverkuser Strasse 65
D-42897 Remscheid
Germany
E-mail: datenschutz.manmade-fibers@oerlikon.com

2. Data Protection Officer

Oerlikon Textile GmbH & Co. KG Data Protection Officer
c/o Oerlikon Textile GmbH & Co. KG
Leverkuser Strasse 65
D-42897 Remscheid
Germany
can also be reached by e-mail on  datenschutz.manmade-fibers@oerlikon.com

3. Scope of application for this data protection notice

This notice relates to the way we collate and utilize your data, e.g. when you visit or use our websites, applications or social media channels that are aimed at customers; purchase or use our products, services, systems or applications; subscribe to our newsletters; supply us with your goods or services; contact our customer support; take part in our business events or interact with us in any other way in your function as a business customer, partner, (sub-) supplier, contractor or other person who has a business relationship with us.

4. Data collection and processing

a) Depending on your business relationship with us (e.g. customer, supplier, business partner, etc.) and how you interact with us (e.g. online, offline, by telephone, etc.), we can process various data of yours. We can collect your data e.g. when you visit or use our websites, applications or social media channels that are aimed at consumers and customers, purchase or use our products, services, systems or applications, subscribe to our newsletters, download a software update, supply us with your goods or services, contact our customer support, take part in our business events, our competitions, sales promotions and surveys or interact with us in any other way.

The following provides an overview of the data categories that we can collect directly from you:

• Personal identification data (e.g. first name, last name, title, date of birth);
• Contact data (e.g. e-mail address, telephone number, address, country);
• Account registration information (e.g. login ID, password or other security codes);
• Financial data (e.g. credit card data, bank account details);
• Other information that you have voluntarily provided us or companies associated with us with;
• Feedback, opinions, assessments, comments, uploaded files, interests, information provided for our due diligence;
• Images and/or videos from which you could be identified (e.g. images uploaded or supplied to us in in other ways.

Finally, we can also record your data – when you visit our premises – for security reasons using video or other electronic, digital or wireless monitoring systems or devices (e.g. video monitoring system).

b) If you visit or use our websites or applications, subscribe to our newsletters or interact with us in any other way via our digital channels, we may collate – in addition to the information you directly provide us with – information that your computer, mobile telephone or other access device sends us. We can automatically collate the following information, for example:

• Device information (e.g. your hardware model, your IMEI number and other unique device identifiers, MAC address, IP address, operating system version and device settings that you use for accessing services);
• Log data (e.g. time and duration of your utilization of our digital channels or products);
• Location information (e.g. your actual location [derived from your IP address or other location-based technologies]), which can be collated when you activate location-based products or functions, i.e. using our apps;
• Other information on your utilization of our digital channels or products (e.g. apps that you use or websites that you visit, links that you click on in our advertising e-mails, motion sensor data).

c) If necessary for the sale of products or provision of services, we process personal data lawfully obtained from other companies or other third parties (e.g. credit bureaus, mailing list providers and journalist databases). We also process personal data that we are permitted to process and have lawfully taken, obtained or acquired from publicly accessible sources (e.g. telephone directories, commercial registers, registers of associations, resident registers, debtor lists, land registers, the press, the internet and other media).

Relevant personal data categories may in these cases particularly include:

• Personal data (name, date of birth, birthplace, nationality, marital status, job/industry and comparable data),
• Contact data (address, email address, telephone number and comparable data),
• Address data (registration data and comparable data),
• Payment confirmation/confirmation of cover in the case of bank cards and credit cards,
• Information about your financial situation (creditworthiness data including scoring, i.e. data for assessing financial risk),
• Customer history,
• Data on your use of the telemedia we provide (e.g., time of accessing our website, apps or newsletter, clicked pages/links from us or posts and comparable data),
• Video data (if you visit our premises).
  In the event of acquisitions of a company or part of a company or in the context of a restructuring, merger or joint venture, we may obtain your personal data from the divesting or merging company to the extent permitted under applicable law.

5. Personal data utilization and purpose limitation

We utilize your personal data for the technical administration of the website, for customer, interested party and vendor management, for surveys and company information and for marketing only to the extent required in each case. We want to inform you to the best of our abilities and therefore also use your data to inform you about products and services and potentially ask you questions relating to these. Needless to say, participating is such activities is voluntary. If you do no consent to these, you can inform us at any time so that we can correspondingly block your data in the future.
You can potentially subscribe to newsletters on our website. The data provided when registering for newsletters will only be used for sending you the newsletters in the event that you object to any further utilization of this data. You can cancel your subscription at any time using the unsubscribe option outlined in the newsletters. We can use your data for further legitimate reasons and for various legitimate business purposes. The following provides you with an overview of the purposes for which we can process your data:

• Assessment and (renewed) checking of (potential) customers, vendors and/or business partners (e.g. for due diligence or comparison with anti-terror lists);
• Conclusion and execution of contracts (e.g. sale, invoicing, delivery of products or services, registration in the case of mobile apps or on websites, warranties, service notifications, account management);
• Support at the request of the affected party (e.g. support via communication channels, such as customer or contact centre support);
• Direct advertising (e.g. for promoting contact with business customers (only in certain countries), e-mail advertising, market surveys, personalization of your experience by means of presenting of products and offerings tailored to you (e.g. on our websites, in our applications or in other communication channels);
• Security and protection of our interests/assets (e.g. use and maintenance of technical and organizational security measures, execution of internal checks and examinations, execution von conflict of interests checks);
• Ensuring and exercising our right to determine who will be allowed or denied access to our premises (e.g. through access controls)
• Measures to manage and optimize business processes
• Reviewing and optimizing procedures for needs analysis
• Further development of services, products and existing systems and processes
• Disclosure of personal data in the context of due diligence when negotiating the sale of a company
• Statistical evaluations or market analysis
• Fulfilment of legal obligations (e.g. disclosure of data vis-à-vis state institutions or supervisory authorities in accordance with the respectively valid stipulations in all countries in which we are active, such as tax and social insurance deductions, recording and reporting duties, execution of compliance audits, implementation of state-prescribed audits and other requests from state or other public offices, responses to court correspondence such as summons, enforcement of legal rights and claims and the management of internal complaints and requests);
• Response to legal claims (e.g. enforcement and exercise or response to legal claims we are, or could be, subjected to).

If we ask you to provide data but you fail to do so, we will in some cases be unable to offer you the full functional scope of our products, services, systems or applications. Potentially, we may not be able to respond to your inquiries.

6. Legal bases for data processing

We can use various legal bases for processing your data; in particular:

• Your consent (only if legally required or permissible). If the legal basis for processing your data is your consent, you can revoke your consent at any time (Art. 6 (1) sentence 1 a) GDPR);
• The necessity to enter into a contractual relationship with you and to fulfil our contractual obligations (Art. 6 (1) sentence 1 b) GDPR);
• The necessity for us to fulfil legal obligations (Art. 6 (1) sentence 1 c) GDPR) and enforce, exercise or respond to legal claims;
• The necessity to pursue our legitimate interests (Art. 6 (1) sentence 1 f) GDPR), in particular:
  • For ensuring that our networks and information are secure;
  • For the administration and general management within the company;
  • For avoiding or examining suspected or actual breaches of laws or business customer contracts;
• The necessity to respond to your inquiries;
• The necessity to protect the fundamental interests of a person;
• Any other legal basis that is in any way permissible in accordance with local laws.

7. Data transfer

Transfers of personal data to state facilities and authorities only take place within the context of compulsory national legislation. Where appropriate, we transfer your personal data within our parent company OC Oerlikon Corporation AG in order to optimally look after and inform you. Our employees, agencies and distributors are obliged by us to maintain confidentiality.

There is no forwarding, selling or other transferring of your personal data to third-parties unless these are required within the context of our business purpose or for the purpose of contract processing or you have explicitly consented to these. To this end, it may be necessary, e.g. when ordering products or services, to forward your address and order data to our contractual partners or within the context of commissioning special service providers supporting us in our activities. We can forward your data to other parties such as professional consultants, e.g. banks, insurance companies, auditors, lawyers, accountant or other professional consultants.

We also commission external service providers to assume certain tasks and to provide services in our name and in accordance with our instructions. Our external service providers support us with our IT solutions, operate our computing centres, provide customer or payment services, send electronic notifications, support us in the fight against fraud, conduct risk assessments and ensure compliance in export control, ITAR and trade control, destroy our data, support us with marketing or fulfil our print orders. External service providers only have access to the personal data that they require for carrying out their specific tasks. These external service providers are – through data processing agreements – obligated to use personal data exclusively within the context of the agreed outsourcing, to protect your data and to not sell it on to other third-parties.

During contract processing via our web shop, you consent to us forwarding your personal data to service providers for the purpose of processing the payment transactions using credit cards, direct debits or other payment processes, that these service providers process and save your personal data, transfer your personal data to the bodies necessary for processing the transactions, in particular the credit institutions, banks, credit card companies involved and to these bodies also processing the personal data.

We can also in each case forward your data in conjunction with company transactions – for example, the sale of a company or a company share to another company or within the context of restructuring, merger, joint venture or other sale of our business, of our assets or of our shares (also in conjunction with insolvency proceedings or similar proceedings).

8. Data transfer abroad

Due to our global focus, data you have provided us with may be transferred to, or viewed by, companies associated with us and trustworthy third-parties. For this reason, your data may be processed outside the country in which you live, if this is necessary for fulfilling the purpose described in this notice.

If you live in a member state of the European Economic Area, we may transfer your data to countries outside the European Economic Area. Some of these offer a sufficiently-high level of protection according to the European Commission. Furthermore, your data may also be transferred to countries whose data protection legislation does not guarantee appropriate data protection. A list of the countries in which Oerlikon is represented can be found by going to www.oerlikon.com. In the event of transferring your personal data, we ensure that the international transfer is carried out in accordance with valid data protection legislation.

9. Special technologies

On our websites, we use the following special technologies and potentially collect, process and utilize further data. Special technologies are deployed to optimally use our services as they are intended to be used.

Cookies
Cookies are small text files that are saved on your computer by your browser when you visit our website. Please note that only technically necessary session cookies are used on this website. The purpose of using these technically necessary session cookies is only to facilitate the registration process.

10. Information relating to data processing in conjunction with the Facebook fan page

We use our Facebook fan page to provide information on us and our products or services. And, of course, also to get in touch and communicate with Facebook users.

Technically, the processing of your personal data is carried out by Facebook. To this end, we refer to the Facebook Privacy Policy.

According to current ECJ jurisdiction, Facebook and we may have joint responsibility for parts of the Facebook fan page under certain circumstances. This processing is then based on an agreement on the joint processing, which can be viewed by clicking here.

11. Deleting data

We retain your data for the period necessary to fulfil the purpose for which they were collated (details on this can be found in the ‘Personal data utilization and purpose limitation’ section above). We will delete, anonymize or aggregate your data as soon as your personal data no longer needs to be stored for identification purposes. Please note that in certain cases a longer period of retention may be legally prescribed or permitted. We use the following criteria, among other things, to determine our retention periods:

• How long are the data required to provide you with our products or services or conduct our business?
• Do you have an account with us? If you do, we will store your data for as long as your account is active or for as long as it is needed to be able to provide you with the services.
• Are we subject to a legal, contractual or similar obligation to store your data? Examples here are data retention obligation laws for the respective legal system or statutory regulations to retain data that are relevant to an investigation or have to be stored for legal proceedings.

12. Data security

We use technical and organizational security measures in order to protect your personal data managed by us against manipulation, against loss, against destruction and against access by unauthorized persons. Our security measures are constantly being improved in accordance with technological developments. We demand that our service providers install appropriate measures to protect the confidentiality and the security of your personal data.

13. Your data protection rights and data subject rights

As a person affected by the processing of personal data, you are able to exercise certain rights. In particular:

• You can demand information on which of your personal data are being collated and how they are used by sending an e-mail to datenschutz.manmade-fibers@oerlikon.com
• You can request a correction or the deletion of personal data if these are incomplete or incorrect;
• You can demand restrictions on the processing of your personal data or appeal against the processing and instruct us to no longer store and use your personal data; appeals must be sent to the above-mentioned responsible person by e-mail (datenschutz.manmade-fibers@oerlikon.com), letter or fax (+49 2191 67 2216).
• In the event of an objection, we will no longer process your personal data unless we can show compelling reasons for processing your personal data that outweigh your interests, rights and liberties or processing your personal data serves the purpose of enforcing, exercising or defending legal claims;
• You have the right to data portability means the receipt of the personal data provided by you in structured, general and machine-readable form;
• You can revoke your consent, if processing is based on a consent. Please note that revocation of your consent does not affect the lawfulness of the processing carried out up to the point of revoking your consent;
• You can request a review of decisions made on the basis of the automatic processing of your personal data, if you are severely affected by these decisions and the right to object to, under certain conditions, automatic individual decision-making processes;
• You can file a complaint with your supervisory authority.

14. Scope of your obligations to provide us with your data

You only need to provide the data necessary for beginning and conducting a business relationship or for a pre-contractual relationship with us or the data we are required to collect by law. Without these data, we will not generally be able to conclude or execute the contract. This may also apply to data required later in the course of the business relationship.

Cookie Policy

1. General

When you visit Oerlikon websites, information is stored on your terminal device in the form of a "cookie". Cookies are text files containing small amounts of information that are stored on your terminal device when you visit a website. Cookies are then sent back to the website when you return to it: in this way, the website recognizes your device and remembers your settings. To find out more about cookies please visit https://allaboutcookies.org/or https://www.aboutcookies.org/. For example, cookies enable Oerlikon to tailor a website to better match your interests or to store your password so that you do not have to re-enter it every time. As a general rule, Oerlikon websites use cookies that are essential to the operation of the operation of this site. If Oerlikon never collect personal data via cookies, unless you have given Oerlikon your express permission to do so. If you do not want Oerlikon to recognize your terminal device, please configure your Internet browser to erase all cookies from your device, to block all cookies or to receive a warning before a cookie is stored. You will find brief instructions on how to do this below. Please note that certain functions of Oerlikon websites may no longer work, or not correctly, without cookies.

2. Types of cookies we use on this website

Absolutely necessary cookies
These cookies are needed for you to navigate within Oerlikon websites and operate basic website functions, such as the issuance of anonymous Session IDs for bundling several related queries to a server.

3. Deactivate cookies

If you wish to restrict or block web browser cookies which are set on your device you can do so through your browser settings. You may wish to visit https://www.aboutcookies.org/ or https://allaboutcookies.org/, which contain comprehensive information on how to do this on a wide variety of browsers.

If our Cookie Policy changes in any way, Oerlikon will place an updated version of the policy on this page.