Disclaimer
Data Protection and Privacy Policy Statement
This Data Protection and Privacy Policy Statement (“STATEMENT”) describes the collection and further processing of personal data by companies of Toyota Textile Machinery Europe AG, Turbinenweg 5, CH-8610 Uster and his affiliate (together “TTMEAG”) as far as they are not covered by other data protection policies or are evident from the circumstances or are provided for by applicable law. The term “personal data” shall include all information relating to an identified or identifiable person.
If you provide TTMEAG with personal data of other persons, please make sure that they have seen this STATEMENT, and provide their personal data to TTMEAG only if you are allowed to do so pursuant to applicable data protection law.
1. Controller, data protection officer
Every website (including online-shop), every presence on social media, multimedia portals, chatbots and every app of TTMEAG (each a “WEBSITE”) has a controller within TTMEAG with respect to collecting personal data according to the EU General Data Protection Regulation (GDPR) (or comparable provisions according to applicable data protection laws). Unless provided otherwise on the WEBSITE (according to the imprint, the terms of use, etc.), TTMEAG is the controller. The respective subsidiary or affiliate is the controller in case TTMEAG communicates through other means of communication (email, letter, telephone, in person, etc.) and the communication does not fall within an activity for which TTMEAG has appointed a specific controller within this STATEMENT or otherwise. Should an TTMEAG company or affiliate disclose personal data to another TTMEAG company or affiliate for certain purposes of the receiving company or affiliate, such company or affiliate is the controller according to Article 4 (7) GDPR. TTMEAG has not appointed a data protection officer according to Article 37 GDPR. Any inquiry, claim or concern regarding data protection at TTMEAG (all companies and affiliates) can be addressed to the following Contact Address: compliance@ttm-europe.com.
2. Processing of personal data
TTMEAG collects and processes personal data of the following persons:
Users of its WEBSITES registered with TTMEAG;
Individuals purchasing and receiving/benefitting from products and services of TTMEAG;
Potential or actual parties interested in products and services of TTMEAG;
Recipients of newsletters, if any, of TTMEAG;
Participants in research campaigns and opinion surveys conducted by TTMEAG; and
Participants in courses, seminars and other training org 28.5.2018 Data Protection Statement :: TTMEAG https://www.TTMEAG.com/en/legal/data-protection-statement/?type=98 2/5 Data concerning the use of the WEBSITE including but not limited to the IP address and other identification (e.g., user name of social media, MAC address of smartphones or computers, cookies), date and time of WEBSITE visits, visited sites and contents, referring websites, etc.; and Data in connection with communication such as preferred means of communication, correspondence and communication with TTMEAG (including records of the communication), etc.; (together “CUSTOMER DATA”) In addition, TTMEAG collects: Data of users of the WEBSITE who do not register with TTMEAG (“VISITOR”) but may constitute personal data (“VISITOR DATA”) for example with social media; the provisions of this policy regarding data collected from a CUSTOMER in connection with the use of the WEBSITE shall apply accordingly even though the identification of a VISITOR usually is not possible for TTMEAG; and Information pertaining to employees and contacts of their dealers, suppliers and further business partners (hereinafter natural persons shall be referred to as “PARTNERS”, their data as “PARTNER DATA”) such as contact details, information regarding their function, information relating to the previous contact with these individuals, data regarding marketing activities (e.g., receipt of newsletters), information regarding business transactions, requests, offers, tenders, conditions and contracts, information related to professional or other interests of the individuals. Within the framework of their business relationship, CUSTOMERS will be required to provide CUSTOMER DATA necessary for the establishment and execution of the contractual relationship and the fulfilment of the associated contractual obligations or required by law. Without these data, TTMEAG will generally not be able to conclude or execute the contract with the respective CUSTOMER. This also applies analogously to the PARTNER DATA as far as business relations with the dealers, suppliers and business partners of TTMEAG are concerned; in principle, these cannot be concluded and processed without information on their employees and other contacts. As any access to the WEBSITE is logged, connection data (such as the IP address) will always be logged; this is done automatically during use and cannot be deactivated for individual VISITORS or CUSTOMERS.
3. Purpose of the processing and legal basis
In accordance with applicable law, TTMEAG may process CUSTOMER DATA in particular for, but not limited to, the following purposes: In connection with goods and services offered, conclusions of contracts (in particular purchases), executions of contracts (in particular purchase contracts and contracts regarding the participation at customer programs and events), maintenance and development of customer relations, communication, promotions, advertisement and marketing (including newsletters and mailing of promotional materials), customer service, technical consultancy, support, sales, installation and maintenance; Management of the users of the WEBSITE and other activities in which CUSTOMERS participate, operation and enhancement of the WEBSITE (including the provision of functions which require identifiers or other personal data) and further IT systems, identity verifications; Protection of CUSTOMERS, employees and other individuals and protection of data, secrets and assets of and entrusted to TTMEAG, safety of systems and premises of TTMEAG; Compliance with legal and regulatory requirements and internal rules of TTMEAG, enforcement and exploitation of legal rights and claims, defense against legal claims, litigation, complaints, combating abusive conduct, engaging in legal investigations and proceedings and responding to inquiries of public authorities; Sale or acquisitions of business divisions, companies or parts of companies and other corporate transactions and the transfer of CUSTOMER DATA associated therewith; and Other purposes as far as a legal obligation requires processing and such processing was evident from the circumstances or indicated at the time of the collection; (together the “PURPOSE OF CUSTOMER DATA PROCESSING”). TTMEAG uses the CUSTOMER DATA for the PURPOSE OF CUSTOMER DATA PROCESSING based on the following legal grounds: Performance of contracts; Compliance with legal obligations of TTMEAG; Consent of the customer; Legitimate interests of TTMEAG, including but not limited to: – Purchase and shipment of products and services, also in connection with individuals who are not direct contractual partners (such as e.g., individuals receiving a gift); – Carrying out advertisement and marketing activities; – Efficient and effective customer support, maintenance of contact and other communication with CUSTOMERS outside of the processing of contracts; – Understanding customer behavior, activities, concerns and needs, market studies; – Efficient and effective improvement of existing products and services and development of new products and services; 28.5.2018 Data Protection Statement :: TTMEAG https://www.TTMEAG.com/en/legal/data-protection-statement/?type=98 3/5 – Efficient and effective protection of customers, employees and other individuals as well as protection of data, secrets and assets of or entrusted to TTMEAG, safety of systems and premises of TTMEAG; – Maintenance and secure, efficient and effective organization of business operations including a secure, efficient and effective operation and successful further development of the WEBSITE and other IT systems; – Reasonable corporate governance and development; – Successful sale and acquisition of business units, companies or parts of companies and other corporate transactions; – Compliance with legal and regulatory requirements and internal rules of TTMEAG; and – Concerns regarding the prevention of fraud, offences and crimes as well as investigation in connection with such offences and other improper conduct, handling of claims and actions against TTMEAG, cooperation in legal proceedings and with public authorities as well as the prosecution, exercise of and defense against legal actions. In accordance with applicable data protection laws, TTMEAG may process VISITOR DATA in particular for the purpose of maintaining and developing the WEBSITE (including the provision of functions which require identifiers or other personal data), for statistical analysis regarding the use of the WEBSITE as well as for combating abusive conduct, for purposes of legal investigations or proceedings and for the response to inquiries of public authorities. The VISITOR DATA shall be processed in accordance with the principles set out for CUSTOMER DATA above. In accordance with applicable data protection laws, TTMEAG may process PARTNER DATA in particular for the purpose of entering into and performance of contracts and other business relationships with PARTNERS, promotions, advertisement and marketing, communication, invitation to events and participation in promotions for PARTNERS, organization of joint activities, compliance with legal and regulatory requirements and internal rules of TTMEAG, enforcement and exploitation of legal rights and claims, defense against legal claims, litigation, complaints, combating abusive conduct, engaging in legal investigations and proceedings and responding to inquiries of public authorities, for the sale or acquisition of business units, companies or parts of companies and other corporate transaction and related transfers of PARTNER DATA. The PARTNER DATA shall be processed in accordance with the principles set out for CUSTOMER DATA above. All the purposes of processing shall be applicable for the whole TTMEAG Group, i.e., not only for the company which initially collected the personal data. Personal data of CUSTOMERS, VISITORS and PARTNERS are collected for the purpose of all TTMEAG companies.
4. Disclosure of data and transfer of data abroad
In accordance with applicable data protection laws, TTMEAG may disclose CUSTOMER DATA, VISITOR DATA and PARTNER DATA to the following categories of third parties who process PERSONAL DATA in accordance with the PURPOSE OF CUSTOMER DATA PROCESSING on behalf of TTMEAG or for their own purposes: Service providers (within TTMEAG as well as external), including processors; Agents, dealers, suppliers and other business partners; Local, national and foreign authorities; Acquirers or parties interested in acquiring business units, companies or other parts of TTMEAG; and Other parties in potential or actual legal proceedings; (together “THIRD PARTIES”). TTMEAG may disclose CUSTOMER DATA, VISITOR DATA and PARTNER DATA within TTMEAG as well as to THIRD PARTIES and in any country worldwide, including in particular all countries in which TTMEAG is represented by companies, affiliates, agents or other offices and representatives as well as to countries in which service providers of TTMEAG process their data. If data are disclosed to countries that do not guarantee adequate protection, TTMEAG will ensure adequate protection of data disclosed by CUSTOMERS, VISITORS or PARTNERS by way of putting adequate contractual guarantees, in particular on the basis of EU standard clauses, and binding corporate rules in place, or it bases the transfer on the exceptions of consent, conclusion or performance of contract, the determination, exercise or enforcement of legal claims, overriding public interests or it discloses the data in order to protect the integrity of these individuals. The CUSTOMER, VISITOR or PARTNER can obtain a copy of the contractual guarantees from TTMEAG or will be advised where to obtain such copies under the Contact Address given in Para. 1 above. TTMEAG reserves the right to redact such copies for reasons of data protection or secrecy.
5. Storage of data
As a rule, TTMEAG retains contract related CUSTOMER DATA and PARTNER DATA as long as the contractual relationship is ongoing and for ten years after the termination of the contractual relationship, unless a longer statutory store obligation is applicable on a case-by-case basis, this is required for reasons of proof, another valid reason for an exception is pertinent based on applicable law, or the deleting of the data is required earlier (in particular because the data is no longer needed or TTMEAG is required to delete the respective data). As a rule, shorter retention periods are applicable for operational data containing CUSTOMER DATA, VISITOR DATA or PARTNER DATA (e.g., protocols, logs). 28.5.2018 Data Protection Statement :: TTMEAG https://www.TTMEAG.com/en/legal/data-protection-statement/?type=98 4/5 Business records, including communications, will be retained as long as TTMEAG has an interest in them (in particular an interest for reasons of proof in case of claims, documentation of compliance with certain legal or other requirements, an interest in nonpersonalized analysis) or is obligated to do so (by way of contract, law or other provisions). Deviating legal obligations are reserved in particular with respect to anonymization or pseudonymization.
6. Cookies, Google Analytics and social plug-ins
TTMEAG uses cookies on its WEBSITE. Cookies are a widespread technique that allocates an identification to the browser of the user of a WEBSITE which the user saves and shows upon request. On the one hand, TTMEAG uses session cookies which are automatically erased when the user closes the WEBSITE and which enable the server to establish a stable connection to the user (so that the content of a shopping basket is not lost, for example) as long as he browses on the website. On the other hand, permanent cookies which are only erased after a period defined per WEBSITE are used. Permanent cookies allow saving certain settings (e.g., language) for several sessions or allow for an automated log-in. The user consents to the application of permanent cookies by way of using the WEBSITE and the respective functions (e.g., language settings and automated log-in). The user may block the application of cookies on his browser or delete cookies there which may, however, impair the use of the WEBSITE. In accordance with applicable law, TTMEAG may install coding in newsletters and other marketing e-mails which allow it to determine if the recipient has opened an e-mail or downloaded pictures contained in the e-mail. However, the recipient may block this application in his e-mail application. In any case he consents to the application of this technology by way of receiving newsletters on other marketing related e-mails. Should TTMEAG place advertisement of third parties on the WEBSITE (e.g., banners) or intend to place an own advertisement on the website of a third party, cookies from companies specializing in the use of such advertisement may be used. TTMEAG will not disclose personal data to such companies, i.e., they shall only place a permanent cookie with users of the WEBSITE in order to recognize users and do so in the sole interest of TTMEAG. This allows TTMEAG to place aimed advertisements for these users on external websites (e.g., in connection with products for which these users showed an interest in the online-shop). TTMEAG will not disclose personal data to the operators of external websites either. TTMEAG may use Google Analytics or similar services on its WEBSITE. These applications are third-party services which allow TTMEAG to measure and analyze the use of its WEBSITE. The provider of these services may be located in any country worldwide (in the case of Google Analytics, which is operated by Google Inc., it is the U.S., www.google.com). The service provider uses permanent cookies for these applications. TTMEAG will not disclose any personal data to the service provider (who will also not save any IP addresses). The service provider may, however, monitor the use of the WEBSITE by the user and combine these data with data from other websites monitored by the same service provider which the user has visited, and the service provider may use these findings for its own benefits (e.g., control of advertisements). The service provider knows the identity of the user who has registered with the service provider. In this case, the processing of personal data will be the service provider’s responsibility and data shall be processed according to the data protection policies of the service provider. The service provider will provide data on the use of the WEBSITE to TTMEAG. In addition, TTMEAG may use plug-ins from social media networks such as Facebook, Twitter, Youtube, Google+, Pinterest or Instagram on its WEBSITE. In the default setting of the WEBSITE, plug-ins are deactivated; the user can thus choose whether and when to activate them. Should the user do so, the social-media providers are able to establish a direct connection to the user during his visit on the WEBSITE, which allows the social-media provider to be aware of the user’s visit and to analyze the respective information. The subsequent processing of the personal data will be conducted in the responsibility of the social-media provider and according to his data protection policies. The provider of the respective social media offering will not disclose any information to TTMEAG.
7. Customer Service
Services to CUSTOMERS may be provided by an agent (“AGENT”) on behalf of TTMEAG. In accordance with applicable data protection laws, TTMEAG may disclose according to Para. 4 above CUSTOMER DATA to the AGENT for the PURPOSE OF CUSTOMER DATA PROCESSING as defined in Para. 3 above. The AGENT may collect himself and process the CUSTOMER DATA for the PURPOSE OF CUSTOMER DATA PROCESSING as defined in Para. 3 above.
8. Newsletter and banner advertisement
TTMEAG may send newsletters or other commercial communications in connection with its products and services to CUSTOMERS and PARTNERS. In accordance with applicable law TTMEAG reserves the right to do so without prior consent of existing customers and business partners. However, the respective customers and business partners may object to a further mailing of newsletters or other commercial communications at any time through their account on the respective WEBSITE or through the link indicated in every mailing. However, the termination of one newsletter may not entail the termination of other newsletters, as well. It is possible that personalized advertisement is placed during the visit on the WEBSITE. Every banner advertisement displayed to the CUSTOMER contains products offered on the WEBSITE which have previously been looked at by the customer. The advertisement is generated by TTMEAG by the means of cookies (see Para. 6 above).
9. Rights of the customer, the visitor and the partner
28.5.2018 Data Protection Statement :: TTMEAG https://www.TTMEAG.com/en/legal/data-protection-statement/?type=98 5/5 Any affected individual, including any CUSTOMER, VISITOR and PARTNER, may request information from TTMEAG as to whether data concerning him is being processed. In addition, he has the right to request the correction, destruction or restriction of personal data regarding him as well as to object to the processing of personal data. Should the processing of personal data be based on consent, the affected individual may withdraw consent at any time. In countries of the EU and EEA, the affected individual may, in certain cases, have the right to obtain data generated during the use of online services in a structured, common and machinereadable format which allows for further use and transfer. A request in this respect shall be submitted to the Contact Address given in Para. 1 above. TTMEAG reserves the right to restrict the rights of the affected individual in accordance with applicable law and, e.g., not to disclose comprehensive information or not to delete data. Should TTMEAG make an automated decision with respect to a certain individual which may have a legal effect for the affected individual or seriously affect him in a similar way, the affected individual shall have, in accordance with applicable law, the right to communicate with a controller of TTMEAG and to request a reconsideration of the decision or to request the prior evaluation by the controller. In this case the affected individual might no longer be able to use certain automated services. The individual will be informed thereof subsequently or separately in advance. Any affected individual may also raise a complaint with the competent data protection authority, which in the case of an TTMEAG controller in Switzerland is the Federal Data Protection and Information Commissioner in Switzerland ( www.edoeb.admin.ch[1] ).
10. Changes of the statement
TTMEAG is entitled to amend this STATEMENT at any time and without prior notice or announcement. The latest version according to the WEBSITE shall be applicable. Should the STATEMENT form part of an agreement with CUSTOMERS and PARTNERS, TTMEAG may inform them of an update or amendments by e-mail or in another appropriate manner. The amendments shall be deemed to have been accepted unless an objection is raised within 30 days of notification. In case of objection, TTMEAG shall be free to terminate the agreement exceptionally and with immediate effect.