Data Protection Policy

Data Protection Notice

Below, we would like to explain to you which data we collect about you and what we do with these data. We also inform you about your privacy rights and explain to whom you can turn with questions about data protection.

About us

Data controller (responsible for data processing):
ADEKA Europe GmbH    
Berliner Allee 22    
40212 Düsseldorf    
Managing directors: Masakazu Kato, Shigeki Fujisawa, Masaki Maeno    

phone: +49 (0) 211 1792 45-0   
email: info@adeka.eu

Concerning questions about this Data Protection Notice, processing of your data, your rights or other data protection topics, our data protection officer (DPO) would be pleased to help you.

Contact details of our data protection officer:

ADEKA Europe GmbH    
Data Protection Officer    
Berliner Allee 22    
40212 Düsseldorf    
Deutschland
E-Mail: dsb@adeka.eu

Scope of application

This privacy policy applies to the website adeka.eu. It is aimed at the visitors of our website.
Our website offers links which lead to the websites of other operators for which this Data Protection Notice does not apply.
Responsibility for integration of advertisements, text advertisements or commercials before or during embedded videos lies with the respective operator.

Do I have to enter my data?

When you visit our website, user data are automatically stored. Some of the collected data are necessary for the use of a website. In addition, we also process your data in order to safeguard our legitimate interests according to a balance of interests. This will enable us to continuously improve the services we offer to you. On the following pages, you will learn about the background of our interests as well as whether and how you can object to the use of your data or disable the use of the data.

In order to use one of our offers or to send a request, you will be asked to provide your personal data. You can decide for yourself whether to take advantage of these offers and to provide your data. We also offer services for which we process your data only if you have given us your consent. The granting of consent is always voluntary. Consent that has been granted may be revoked at any time.

Please note that if you provide information about other persons, you must have obtained their prior approval and informed them of the purposes for which the information is being disclosed, as set forth in this Data Protection Notice.

We also ask you to share this information with the people you include in the use of our services, such as family members or authorised persons.

Processing purposes, processed data and legal bases

We distinguish between various types of processing personal data which are described below. The processed data are listed in tables.

Service provision

In order to visit and use our website, the specified data must be collected. Processing your data is based on our legitimate interest in providing a working website (Art. 6 (I) lit. f) DS-GVO).

Data security

Every access to our website is stored in a log file. We process these data for the purpose of data security. Processing your data for that purpose is based on our legitimate interest in guaranteeing data security (Art. 6 (I) f) GDPR).

Map service

We offer a map from the service provider OpenStreetMap so you can find our location and plan your visit. To display the map service on our website, the specified data will be transferred to OpenStreetMap Foundation. You can find more information in the terms and conditions and the data protection notice of OpenStreetMap. We process your data to protect our legitimate interest in making it easier for our customers to find our location and plan their journey (Art. 6 (I) lit. f) GDPR).

Enquiries

We process your data that you give to us when you have a question or another concern. This may include data that you send to us via email.

Processing your data is required for dealing with your concern. It is based on our legitimate interest in answering your questions and inquiries (Art. 6 (I) lit. f) DS-GVO).

Display of videos

In order to be able to use the videos on our website, the specified data need to be processed. Your data will only be processed to display videos and passed on to the service provider Google Ireland Ltd (hereafter referred to as "Google") as soon as you give your consent by activating the video service (Art. 6 (I) lit. a) GDPR). This makes Google aware that our website has been accessed via your IP address. The data can also be used by Google for analysis of usage behaviour and for market research and marketing purposes. More information about the use of personal data can be found in Google's privacy policy.

Information about Cookies

The legal basis for using cookies that are necessary for providing the website is our legitimate interest (Art. 6 (I) f) GDPR) in providing a working website. Otherwise, further cookies will be set if you give your consent (Art. 6 (I) lit. a) GDPR).

Further information about the processed data, legal bases for processing, storage duration of personal data, technologies used, lifespan of cookies (if applicable), data recipients and transfer of personal data to third countries (if applicable) can be found in the Consent Manager . There you will also find further links to the providers' data protection notices.

Processed Data

Data

Service provision

Data security

Map service

Enquiries

Display of videos

IP address

x

x

x

 

x

Name of the accessed file

 

x

x

 

x

Transferred data volume

 

x

x

 

x

Accessed website

x

 

 

 

 

Referrer URL (the previously visited website)

 

x

x

 

x

User agent

x

x

x

 

x

Google cookies

 

 

 

 

x

Date and time of access

 

x

x

 

 

Information about your browser (type, version, resolution (inner window size), browser language)

x

 

 

 

 

Country

x

x

 

 

 

Cookies on/off

x

 

 

 

 

Java script on/off

x

 

 

 

 

Form of address, name

 

 

 

 

x

 

Contact details (email address, address, phone number, fax number)

 

 

 

x

 

Subject, topic, concern

 

 

 

x

 

Message contents

 

 

 

x

 

Time stamps of incoming message/sign-up

 

 

 

x

 


Other processing purposes

In addition, the above-mentioned data are used for the following purposes in the context of a balance of interests (Art. 6 (I) (f) GDPR). The interests are described below:

  1. Should a security incident occur in our company that affects your data, we are   obliged to report the case to our data protection supervisory authority (Article 33 GDPR). Since our legitimate interest is to comply with this statutory reporting obligation as quickly as possible, it may happen that in the context of the investigation of the corresponding security incident data about you are processed. Reports of these security incidents to data protection supervisory authorities do not contain any of your personal data.
  2. As it is in our interest to ensure the security of our systems, we regularly conduct security and efficiency tests that allow us to process your above-mentioned data.
  3. Since it is our interest to solve legal disputes, we process your data in that specific case. It is also in our interest, in the event of litigation, to keep evidence until all relevant statutory limitation periods pursuant according to sections 195 and fallowing of the German Civil Code, have expired. For this purpose, we retain the relevant data about you in accordance with these limitation periods. The retention periods cannot be globally predicted, since they depend on the particular matter in dispute and the respective statutory limitation period, which can be up to 30 years. The regular limitation period is three years.
  4. In addition, it is in our interest to investigate suspected cases and to hand over relevant information to law enforcement authorities in case of a specific criminal suspicion.
  5. We perform (internal) audits and other control activities (e.g. data protection officer’s monitoring activities), because it is our legitimate interest to comply with legal provisions, to obtain transparency about our business processes, to constantly optimise these processes and to prevent and identify harmful acts against our business. In doing so, documents or data sets with your personal data may be processed.
  6. We process your data for testing IT systems and software products and for migrations. The processing is necessary for satisfying our legitimate interest in evaluating if new products are correct and if migrations are complete.

Deletion period (or retention period)

The data processed for the purpose of data security will be deleted after 14 days.

We delete the data processed for processing enquiries 12 months after the enquiry has been finally processed.

For the preservation of evidence, we retain data in accordance with the statutory limitation periods according to sections 195 and following of the German Civil Code. The storage duration of your data may exceed the duration stated above. The statutory limitation periods can be up to 30 years. The normal limitation period is 3 years.

Sources of data

We do not collect your personal data from third parties.

Information about automated individual decision-making

There are no automated individual decisions.

Who receives your data?

The following list shows which organisations (“data recipients”) receive your data. You can read about the specific data in the corresponding sections of this data protection notice. Transfer of your data may sometimes occur due to contractual or legal requirements. In other cases, we use selected vicarious agents and service providers who work for us as commissioned data processors (in accordance with Art. 28 GDPR) and may obtain access to your data in the required scope. Commissioned data processors are subject to numerous contractual obligations and may, in particular, process your personal data only on our instructions and solely for the fulfilment of the orders received from us.

  • Auditors
  • Data protection officer
  • Service providers for mass file destruction
  • Service providers for map services
  • Recipient’s e-mail provider (for communication via e-mail)
  • IT service providers
  • Lawyers, law enforcement agencies, public prosecutor, courts, opposing lawyers, state or federal criminal police (for legal disputes or actual suspicious cases only)
  • Service providers for telecommunication (in case of communication via phone)
  • Shipping providers (in case of written communication)

Data recipients in non-EU countries

Our service providers for IT and display of videos in the EU have affiliates or subcontractors outside the EU that can access your data. The EU Commission determines which non-EU/EEA countries (third countries) have an adequate level of data protection. The affiliates and subcontractors of our service providers have either submitted to the so-called Data Privacy Framework (Decision No. C(2923) 4745 final of 10 July 2023) if they are based in the USA; otherwise our service providers are responsible for the use of the EU standard contractual clauses in accordance with Commission Decision No. (EU) 2021/914. A model of these EU standard contractual clauses can be found on the websites of the EU Commissioner for Justice and in the Official Journal of the EU.

This website uses a map from the service OpenStreetMap. To display the map, data are transferred to the OpenStreetMap Foundation in the United Kingdom. For the transfer of personal data to the United Kingdom, the EU Commission has issued an adequacy decision with the number C(2021) 4800, which you can find on the website of the EU Commissioner for Justice.

Your rights

You have the legal right to:

  • Access to your personal data that we process (Art. 15 GDPR)
  • Rectification and completion of your data (Art. 16 GDPR)
  • Erasure (Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)    
  • Data portability (Art. 20 GDPR)
  • Withdrawal of your consent (Art. 7 GDPR) with effect for the future. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
  • You have the right to demonstration of your own point of view and refutation of an automated decision (Art. 22 GDPR).
  • You also have the right to object to the processing of your data which is based on our legitimate interests or the legitimate interests of a third party at any time, on grounds relating to your particular situation (Art. 21 GDPR). This also applies to profiling based on these provisions within the meaning of Art. 4 (4) GDPR.
  • Objection to direct marketing – You have the right to object to the processing of your data for the purpose of direct marketing at any time without giving reasons. 

To exercise these rights, you can contact us via the contact details mentioned above.

You also have the legal right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR).

TOP