1. Basic Information
We are delighted to have you visit our website, and we would like to thank you for your interest. In the following, we would like to inform you about how we handle your personal data when you use our web services, like our website with mobile end devices such as smart phones or tablets. Personal data includes all data which could be used to identify you personally, or which make you identifiable via a username or identification code, such as your IP address.
This Privacy Statement explains the legal basis and the purpose for this collection or processing of your data. We would like to inform you of your rights regarding the use of your personal data.
For security reasons and to protect the transfer of personal data and other confidential information (e.g., queries sent to Controllers), these online services use SSL or TLS encryption. You can identify an encrypted connection by checking that the letters “https://” and a lock symbol appear in your browser address line.
2. Your contact person for all data privacy related questions
If you have any questions regarding data protection, please contact us (from the EU):
Rolf C. Hagen INC.,
20500 Trans-Canada Hwy
Baie d’Urfé, Quebec
Tel.: +1 -514-457-0914
If you are from the EU or the EEA, the following applies:
- This company is the Controller for the processing of data on our online service pursuant to the General Data Protection Regulation (GRPD).
- Our EU representative is: Kaschae Datenschutz & Compliance GmbH, An der Alster 62, 20099 Hamburg, email@example.com
Contact information for our company Data Protection Officer: Data-Protection-HAGENGROUP@rchagen.com
3. Data collection when accessing our online services
Accessing our web pages (without registration) will result in the automatic anonymised collection of the following data on our servers:
- masked IP address,
- access date/ time/ time zone,
- access status,
- type of access,
- type of protocol,
- type and number of pages accessed on our site,
- name and size of accessed files,
- referring website,
- web browser,
- operating system.
The listed non-personal data are collected automatically as part of the normal operations of our internet services. The information gathered about the use of our pages is not combined with any personal information provided through the online registration form. We do not have any personal references in our usage data.
We use the above data for the purposes of troubleshooting, generating statistics and measuring website activity with the aim of improving the value and use of our services. This also constitutes a legitimate interest for the purposes of processing (permissible in the EU pursuant to: Art. 6 (1) (f) GDPR).
Within our company, our web administrator is the only person with access to these data for the purposes listed above. We work with external services provided to maintain and to program the services we offer on the web, with whom we have job processing agreements for that purpose.
The above data are only collected for the period of use; once the use has ended, the data shall be deleted without delay, after seven days at the latest.
We do not use any automated decision making or conduct any profiling.
On our pages, we have provided an online form which enables you to make contact with us electronically. Your first and last name, address, email address and the kind of product you have purchased is required information. We need these data to process your request. You can also choose to provide us with additional information. Contacting us is always voluntary. Your request is logged by our internal customer service.
These data are solely used for the purpose of answering your request or responding to your request for contact, and the technical administration involved (permissible within the EU pursuant to: Art. (1) (b) GDPR).
After your request has been processed, we delete your contact information, at the latest, seven days after your request has been dealt with. This period of storage may be subject to statutory storage periods, for example, when your request is in connection with the processing of a contract or a warranty or guarantee. In this case, we store your request beyond seven days only for the purpose of complying with our legal obligations (permissible within the EU pursuant to: Art. 6 (1) (c) GDPR). In this case, we delete your data on termination of the statutory storage period, beginning at the conclusion of the contract. We will delete your data at the end of this retention period without any request to do so on your part.
5.1 Recommending products to existing customers
If you have ordered products from us and provided your email address, we are permitted by law to send you product recommendations for similar products which could be of interest to you, where you have not objected this use during the purchase process. This form of contact will only occur for the purpose of sending product recommendations via email to you as an existing customer. In this, we are pursuing our legitimate interest in sending personalised direct advertising to existing customers (permissible within the EU pursuant to: Art. 6 (1) (f) GDPR). If you have initially objected to this use of your email address, we will not send this information to you via email. You may withdraw your consent to the use of your email address to receive such messages from us at any time and with future effect. After receipt of your withdrawal of consent, we will cease the use of your email address for this purpose without delay.
5.2 Newsletter subscription
You can register for our email newsletter on our website. Our newsletter provides regular updates on new items, interesting offers and new promotions and campaigns. To receive our newsletter, you must only provide your email address. You may also choose to provide your name, to allow us to address you personally. We use the double opt-in process for our newsletter subscription. For this purpose, we will send you a confirmation email after we have received your consent to a newsletter subscription. In this email, we will ask you to confirm your subscription via a provided link. You will only receive our newsletter after this (second) activation of the service.
We store your email address and name if provided along with the declaration of consent for newsletter delivery for the period of your subscription, or until you withdraw your consent (cancel subscription). Any other data collected as part of newsletter delivery will be deleted after seven days.
5.3 Consent to newsletter subscription within the EU
The address you provided for our newsletter subscription and any other data you provided such as your name will solely be used for the purposes of sending advertisements to you via electronic mail. This sending of electronic advertising is lawful pursuant to Art. 6 (1) (a) GDPR.
You can withdraw your consent to the use of your email to receive newsletters at any time with future effect by sending an email or using our online contact form, or the link provided with the newsletter. After cancellation of this service, we will delete your email address without delay from our distribution list, unless you have expressly consented to another use of your data, or we reserve the right to use your data for lawful purposes and of which you have been informed appropriately. Data processing is legal until you withdraw your consent.
Your declaration of consent will be recorded electronically for the purposes of verification. On registration for the newsletter we also store the IP address provided by your Internet Service Provider (ISP) as well as the date and time of your subscription to trace any potential misuse of your email address at a later date.
If you have not consented to the newsletter subscription or have withdrawn said consent, you will only receive electronic mail from us in connection with the processing of orders you have placed with us.
5.4 Service providers for sending electronic advertising
Product recommendations and our newsletter are sent via email using the services provided by the following service provider: Mailchimp, a platform of The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA. This service provider acts on our behalf and strictly on our instructions, and is provided with your email address and your name (where provided) for this purpose. These data are processed on the service provider’s servers.
This service provider, acting on our behalf, will only use this information for delivery purposes and for the statistical assessment of the newsletter. For the purposes of this assessment, the emails contain web beacons or tracking pixels. This allows us to ascertain whether a newsletter has been opened, and which links you may have clicked. Using conversion tracking, we can then also analyse whether a certain action (e.g. the purchase of a product on our online pages) has taken place after clicking the link in the newsletter. Additionally, we collect further technical information, namely the time of access, the masked IP address, browser type and operating system. This technical information is exclusively collected in an anonymised form and is not linked to your personal data or your customer account, making it impossible for us to link that information back to you. In this way, we can rule out any connection of the data with your person. The data are only utilised for statistical analysis of our newsletter campaigns. The results of this analysis assist us in adapting our newsletter to customise future offers better to our customers’ interests. This analysis is lawful pursuant to Art. 6 (1) (f) GDPR as a legitimate interest in the optimisation and adaptation of our newsletter to better meet demand (permissible within the EU pursuant to: Art. 6 (1) (f) GDPR).
If you wish to reject the use of these data for analytical purposes, you must unsubscribe from the newsletter.
We have entered into a Data Processing Agreement with the service provider to protect our customers’ data and to not disclose that data to third-parties. This service provider is also registered with the “Privacy Shield” Program of the US Department of Commerce. The service provider is also obliged to observe the privacy protection provisions of the EU-US Privacy Shield, the legal framework for transatlantic transfer of data agreed between the European Commission and the United States of America. Available here: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv%3AOJ.L_.2016.207.01.0001.01.ENG.
More information on data processing by the service provider is available here: https://mailchimp.com/legal/privacy/.
6. Data processing in Canada
Personal data are also processed in Canada. An agreement between the EU and Canada mutually recognises adequacy of data protection. This provides the legal framework for the transatlantic transfer of data. You can read the agreement here: https://eur-lex.europa.eu/legal-content/en/TXT/?uri=CELEX%3A32002D0002
7.1 What are cookies?
7.2 What cookies do we use?
According to function, we classify our cookies as Required, Functional, Analysis & Statistics, and Advertising and Marketing. Some of the cookies we use are required for you to use our web pages (so called session cookies). If you disable this cookie, our pages may not be accessed. The authentication cookie provides you with access to the log-in page. Without this cookie, you cannot register or access the log-in page. These session cookies will be deleted when you close your browser.
Other cookies remain on your device and allow us and our partner companies (third-party cookies) to recognise your browser on your next visit (persistent cookies). Persistent cookies are automatically deleted after a certain period of time, which differs from cookie to cookie. For advertising purposes, we use a retargeting cookie which allows us to show you interesting offers, even outside of our web pages. For more information, see the following overview of cookies used.
7.3 What is the purpose of using cookies?
Most of the cookies we use do not store any information that can identify you personally or that makes you identifiable. Rather, these cookies provide us with general and anonymised information regarding the use of our websites, the pages that are visited, the browsers and operating systems used and the cities our visitors are located. We only collect masked IP addresses which make it impossible to recognise individual users or be assigned to any one individual.
In some cases, settings may be saved using cookies to simplify certain processes (e.g. registration). This processing is carried out in order to fulfil our obligations to you (permissible within the EU pursuant to: Art. 6 (1) (b) GDPR).
7.4 How to disable cookies
You can set your browser to inform you about the setting of cookies and whether you wish to accept cookies individually, or to accept only specific kinds of cookies, or to disable all cookies. Each browser is different in the way it administers its cookie settings. The Help menu of your browser provides information on how to change your cookie settings. You can find this information for your browser using the links below:
- Internet Explorer: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
- Edge: https://support.microsoft.com/en-US/help/4027947/microsoft-edge-delete-cookies
- Firefox: https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox
- Chrome: https://support.google.com/chrome/answer/95647?hl=en&hlrm=en
- Safari: https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/12.0/mac/10.14
- Opera: https://help.opera.com/en/latest/web-preferences/#cookies
Alternatively, the Digital Advertising Alliance provide information on cookies and settings at www.aboutads.info.
We sometimes work with web partners who help us to make our web pages more interesting for you. For this purpose, when you access some of our pages online, cookies from our partner companies may also be stored in your device (third-party cookies). This section provides more information regarding the use of these kinds of cookies, their scope, and the data they collect. The third-party cookies used by us are partially used for data processing in the USA. These service providers (e.g., Google, Facebook) are registered with the “Privacy Shield” Program of the US Department of Commerce.
They are also obliged to observe the privacy protection provisions of the EU-US Privacy Shield, the legal framework for transatlantic transfer of data agreed between the European Commission and the United States of America. Available here: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv%3AOJ.L_.2016.207.01.0001.01.ENG.