We control the ways your Personal Data are collected and the purposes for which we use your Personal Data acting as “data controller” for the purposes of the GDPR.
1 Contact details
The controller pursuant to Art. 4 (7) GDPR is Dennemeyer S.A. (Société anonyme), 55 rue des Bruyères, L-1274, Luxembourg, Telephone: +352 499841-1, E-Mail: info(at)dennemeyer(dot)com, (see our legal notices).
You can address any question with regard to this policy and privacy aspects in general to:
Dennemeyer S.A. may share your Personal Data with its affiliated companies (collectively “Dennemeyer IP Group”, detailed list of entities can be consulted (https://www.dennemeyer.com/about/offices/).
Our German affiliates Dennemeyer & Co. GmbH, Dennemeyer & Associates S.A. (German Branch) and Dennemeyer Consulting GmbH appointed a local data protection officer who can be contacted at this email address: dataprotectionofficer(at)dennemeyer(dot)com.
Our Romanian affiliates Dennemeyer S.R.L. and Dennemeyer & Associates S.R.L. appointed a local data protection officer that can be contacted at this email address: o.grigoriu(at)teutsch-services(dot)com.
3 Personal Data we collect and extend of data processing
3.1 Types of Personal Data we process
- Identification information (such as first name, family name, date and place of birth, gender).
- Business contact information (such as phone and fax numbers, email address, country of residence).
- Publicly available information (such as LinkedIn profile, etc.)
- Financial information (such as identification and number of bank account, notably linked to billing).
- Personal information provided to us by or on behalf of our customers or generated by us in the course of providing services.
- Other relevant personal details (such as nationality, citizenship, job title, function within a company, preferred language).
- Content you provide (such as CV, education history, comments, responses to questions).
- IP addresses.
3.2 Extent and legal basis of data processing
We will process your Personal Data if and to the extent applicable law provides a lawful basis for us to do so. We will therefore process your Personal Data only if:
- You have consented to us doing so, or
- We need it to perform the contract we have entered into with you; or
- We need it to comply with a legal obligation or perform a task carried out in the public interest; or
- We (or a third party) have a legitimate interest which is not overridden by your interests or fundamental rights and freedoms. Such legitimate interests may for instance be the provision of services by us, administrative or operational processes and direct marketing, the sharing of Personal Data within the Dennemeyer IP Group or
- You have made an information request to us; or
- You wish to attend an event (offline or online) organized by us; or
- You participate in one of our surveys or blogs; or
- You subscribe to our newsletter; or
4 Purpose for the processing of your Personal Data
We only process personal data where we have a lawful reason for doing so or you gave us your prior consent and only process Personal Data which is relevant and necessary to achieve the intended purpose for the processing of your Personal Data. The purpose for the processing of Personal Data performed by us will always be one of the following, depending on the concerned processing, nature of Personal Data and data subjects:
- To establish, administer and implement a business relationship;
- To strengthen the existing business relationship or to develop a new business relationship or to approach interested parties including information on current IP-related developments and our range of services (Marketing);
- To provide our services to you and manage our relationship with you, including communicating with you in relation to the products and services you obtain from us;
- To fulfil our administrative purposes and protect our business interests;
- To comply with our legal obligations (e.g. laws of the financial sector, anti-money-laundering and tax laws), including disclosures to tax authorities, financial service regulators and other regulatory and governmental bodies, and investigating or preventing crime;
- To ensure the safety of our clients, employees and other stakeholders;
- To provide and improve our website, including auditing and monitoring its use;
- Any other purposes we notify to you from time to time.
5 Your rights
We would like to make sure you are fully aware of all of your data protection rights. Every user of this website is entitled to the following:
5.1 Right to access
You have the right to obtain from us confirmation as to whether or not Personal Data concerning you is being processed and, where that is the case, you have the right of access to the Personal Data. We shall provide you with a copy of the Personal Data undergoing processing and, for any further copy requested, we may charge a reasonable fee.
5.2 Right to rectification
You have the right to request that we correct any Personal Data concerning you that you believe to be inaccurate. You also have the right to request us to complete information you believe is incomplete.
5.3 Right to erasure
You have the right to request that we erase your personal data. We can refuse to erase your data (1) when processing your data is necessary for exercising the right of freedom of expression and information; (2) when we are legally obliged to process your data; (3) when keeping your data is necessary for establishing, exercising or defending legal claims. or (4) when keeping your data is required for the provision of services we requested from us.
5.4 Right to restrict processing
You have the right to request that we restrict the processing of your Personal Data; in this case, we would keep your Personal Data but refrain from using it during the period for which you exercise your right.
5.5 Right to object to processing
You have the right to object to our processing of your Personal Data. However, we may remain able to process your Personal Data if we have a compelling legitimate ground for the processing or for the establishment, exercise or defense of legal claims.
5.6 Right to data portability
This only applies to Personal Data we are processing based on your consent. You have the right to request that we transfer the Personal Data we have collected to another controller, or directly to you.
5.7 Exercise of your rights
If you make a request to exercise any of the rights mentioned above, we have one month to respond to you. Should your request be manifestly unfounded or excessive, we may either charge a reasonable fee or refuse to act on the request.
To exercise any of your rights, please send your request to dataprivacy(at)dennemeyer(dot)com.
6 Your right to complain
You may also lodge a complaint with the data protection authority in Luxembourg, the Commission Nationale pour la Protection des Données (the "CNPD"), or with your local data protection authority if you do not reside in Luxembourg. The CNPD can be contacted as follows:
- Telephone: (+352) 26 10 60 - 1
- Website: https://cnpd.public.lu/en.html
- Web form: https://cnpd.public.lu/en/particuliers/faire-valoir/formulaire-plainte.html
- Address: 1, avenue du Rock’n’Roll, L-4361 Esch-sur-Alzette, Luxembourg
7 Cookies and how we use them
Cookies are text files placed on your computer to collect standard internet log information and visitor behavior information. When you visit our websites, we may collect information from you automatically through cookies or similar technology. This website uses Google Analytics, a web service provided by Google, Inc. ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help Dennemeyer analyze how visitors use this website. To learn how Google Analytics works and uses your personal information, please see the following link:
8 Technical and organizational measures to protect your Personal Data
Ensuring that Personal Data is appropriately protected from data breaches is a top priority for Dennemeyer. We have adequate technical and organizational security measures in place (such as, Physical Access Control, System Access Control, Data Access Control, Transmission Control, Data Backup, Data Segregation) to ensure a level of security appropriate to the risks represented by the processing and the nature of the Personal Data to be protected.
Access to Personal Data is permitted to employees for the sole purpose of performing their professional services. They are subject to confidentiality obligations and are provided with training in order to maintain and develop their practical skills and knowledge on data protection matters.
9 Sharing your Personal Data
Insofar as you have provided your explicit consent or when we are otherwise legally entitled to do so according to applicable data protection laws, we will share your Personal Data with the Dennemeyer IP Group, where applicable, for the purposes indicated above.
In connection with the operation of this website and the services provided by way of the website, Dennemeyer works with service providers such as hosting or IT maintenance service providers, for example.
These recipients may possibly be located in countries outside of the European Economic Area (“Third Countries”), in which applicable laws do not offer the same level of data privacy protection as in your home country. In such cases, Dennemeyer takes measures to ensure an appropriate level of data privacy protection, including the execution of GDPR Standard Contractual Clauses.
Data is shared only in connection with and in compliance with applicable laws and regulations. We do not sell or otherwise market your Personal Data to Third Parties.
10 IP Addresses
Access to our website is logged for the purpose of security analysis reports and to defend against cyber-attacks. With the exception of the IP address, no Personal Data is ever collected or used in this connection. IP addresses are analyzed only in the event of a cyber-attack. Log data is promptly deleted on a regular basis.
11 Embedded web links
12 E-mail Addresses
If you choose to give us your e-mail address, we will communicate with you via e-mail. We do not share your e-mail address with others outside the Dennemeyer IP Group. You can choose not to receive any more e-mail at any time.
13 Data Retention
Dennemeyer will retain your Personal Data as long as needed to fulfil the purpose for which it was processed or as required by applicable laws or regulations. Once the information collected is no longer needed, Personal Data will be securely deleted.
Where required, we may anonymise your Personal Data so that it can no longer be associated with you, in which case it is no longer considered as Personal Data. Upon expiry of the applicable retention period we will securely destroy your Personal Data in accordance with applicable laws and regulations.
If you are a customer, former customer, interested party or prospective customer or a contact person of one of the aforementioned, we store your Personal Data for marketing purposes until revocation or the revocation of your consent if the marketing measures were carried out based on your consent.
14 Protecting children’s privacy
We do not knowingly collect Personal Data from children under the age of 13. If we learn that Personal Data was collected of a child under the age of 13, we will delete that data from our system in accordance with applicable laws and regulations.
15 Changes to your Personal Data
We are committed to keeping your Personal Data accurate and up to date. Therefore, if your Personal Data changes, please inform us of the change as soon as possible using the contact information provided below.
16 Questions and comments