Privacy Policy

Provision of the website

When you visit our website, we collect a range of general personal data and information by default. This general data and information is stored in so-called log files. In particular, the following data may be recorded: (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website, (4) the specific (sub)page accessed, (5) the date, time, and duration of access, (6) an Internet Protocol address ("IP address"), (7) the Internet service provider of the accessing system, and (8) other similar data and information that serves to avert danger in the event of attacks on our information technology systems (collectively, "log file data").

When using log file data, we do not draw any conclusions about a specific person. Rather, this information is needed to (1) deliver the content of our website correctly, (2) optimize the content, and (3) ensure the long-term functionality of our information technology systems and technology. We may evaluate the log file data statistically and further with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimal level of protection for the personal data we process. We store the log file data separately from all personal data provided by a data subject.

The legal basis for the temporary storage of log file data is Art. 6 para. 1 lit. f GDPR (balancing of interests). We have a legitimate interest in collecting and temporarily storing the aforementioned data, as the temporary storage of the IP address by the system is necessary to enable the delivery of our website. The data is stored in log files to ensure functionality. In addition, this data is used to optimize and ensure the security of our information technology systems.

The log file data is deleted as soon as it is no longer required for the purpose for which it was collected.

General information on the use of cookies

Our website uses so-called "cookies." Cookies are small text files that are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted at the end of your visit/session. Permanent cookies remain stored on your device until you delete them yourself or until they are automatically deleted by your web browser.

Cookies have various functions. Many cookies are technically necessary, as certain functions of the website would not work without them (e.g., the shopping cart function or language settings). Other cookies are used to evaluate user behavior or display advertising.

The processing of data through the use of strictly necessary cookies is based on Section 25 (2) No. 2 TDDDG. The processing of the data collected in this way is based on a legitimate interest pursuant to Art. 6 (1) lit. f GDPR in the technically error-free provision of our website.
‍
We use two types of technically necessary cookies:
‍

• The cfuvid cookie is used to limit or regulate traffic and thus ensure the security of our website.
• Consent cookie, which we use to store your selected preferences and consents.

When you contact us

If you contact us by e-mail, the information you provide in the e-mail, including the personal data you provide in there, will be stored by us for the purpose of processing your request and in case of follow-up questions. Providing an e-mail address is necessary to contact us and receive an answer; providing your first and last name and telephone number, for example, is voluntary.
‍
The legal basis for processing the data is our legitimate interest in responding to your request in accordance with Art. 6 (1) lit. f GDPR and, if applicable, Art. 6 (1) lit. b GDPR, provided that your request is aimed at concluding a contract. Your data will be deleted after processing the request, provided that there are no legal retention obligations.

Disclosure to third parties

We only disclose your personal data to third parties if this is necessary for the respective purposes, if we have obtained your prior consent to do so, or if we are subject to a legal obligation within the meaning of Art. 6 (1) (c) GDPR.

Data will only be transferred to third countries outside the EU and the EEA if the recipient country has been deemed adequate by the EU Commission within the meaning of Art. 45 GDPR or if the requirements of Art. 44 ff. GDPR are otherwise complied with.

Recipients

For the operation of our website and for handling our communication with you, we work with selected service providers who process data on our behalf for specific purposes. We only pass on data to service providers who have been carefully selected by us and commissioned in writing within the scope of legally permissible data processing agreement. These service providers only receive the data that is necessary for the fulfillment of the order. This includes the following categories of contractors: Service providers for hosting, maintenance, and development of our website as well as for electronic communication.
‍

• As a web hosting service provider, we work with Webflow, Inc., 398 11th St., Floor 2, San Francisco, CA 94103 in the USA. The USA is a third country within the meaning of Art. 44 ff. GDPR. Webflow, Inc. is certified under the EU-US Data Privacy Framework, meaning that it has been granted an adequacy decision by the European Commission within the meaning of Art. 45 GDPR. In addition, we have concluded standard contractual clauses with Webflow Inc. within the meaning of Art. 46 (2) (c) GDPR.
• For email communication, we use the e-mail provider Outlook from Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18 D18 P521. Processing may be carried out not only by Microsoft Ireland Operations Limited, but also by Microsoft Corporation, Redmond, WA in the USA. The USA is a third country within the meaning of Art. 44 ff. GDPR. Microsoft Corporation is certified under the EU-US Data Privacy Framework, , meaning that it has been granted an adequacy decision by the European Commission within the meaning of Art. 45 GDPR. In addition, we have concluded standard contractual clauses with Webflow Inc. within the meaning of Art. 46 (2) (c) GDPR.

Sale or merger

We may disclose your personal data in the event of a merger, acquisition, or sale of all or part of our assets. We will, of course, notify you by e-mail and/or by a prominent notice on our website and inform you of your rights.

The protection of your personal data is very important to us. Although we take reasonable precautions to protect the personal data we collect, please note that no security system is infallible.

We use various appropriate technical and organizational measures and industry standards to protect your personal data from loss, theft, misuse, unauthorized access and disclosure, alteration, and destruction. The personal data we store about you is located on computer systems with restricted access. In addition, we require third parties we engage to comply with appropriate security measures for the information we transmit to them. When you visit our website or send us information via the website, your data is protected by encryption technologies such as Transport Layer Security (https encryption).

Insofar as we process personal data of you, you are a "data subject" within the meaning of the GDPR. As a data subject, you generally have the following rights vis-à-vis us. You can exercise your rights by sending an informal message to

OmniLiv GmbH
Bockenheimer Landstraße, 31
60325 Frankfurt/Main,
Germany

or by email to: info@omniliv.com.

You have the right to

• to obtain information about the personal data we store about you (right of access - Art. 15 GDPR),
• to have the personal data we store about you corrected (right to rectification - Art. 16 GDPR) if it is inaccurate;
• if the conditions are met, to have it deleted (right to erasure - Art. 17 GDPR) and/or
• to restrict the processing of your personal data (Art. 18 GDPR).
  ‍

Furthermore, you are entitled to

• exercise your right to data portability (Art. 20 GDPR) and
• object to the processing of your personal data that we process on the basis of a legitimate interest (Art. 6 (1) (f) GDPR) (Art. 21 GDPR). If you exercise this right to object, we will no longer process your personal data unless we are legally obliged or entitled to continue processing it.
  ‍

You also have the right to withdraw your consent in accordance with Art. 7 (3) GDPR.
‍
If you have given your consent to the processing of your data, you can revoke this consent at any time with effect for the future. Such revocation does not affect the lawfulness of the processing of your personal data that took place prior to the revocation.
‍
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work, or the place of the alleged infringement, if you consider that the processing of your personal data by us infringes the GDPR.