Data Protection is a priority issue for Eurosmart and its members. This page aims at informing you in accordance with the General Data Protection Regulation (GDPR) provisions about the use of personal when you browse our website and the rights you have as a data protection subject.
1. Legal basis, personal data
2. Name and address of the controller
Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:
Rue de la Science 14b
1040 Brussels – BELGIUM
Phone : +32 2 880 36 35
Email : email@example.com
Data Protection Officer is:
Director of Operations
Rue de la Science 14b
1040 Brussels – BELGIUM
Phone : +32 2 880 36 35
Email : firstname.lastname@example.org
Hosting company is:
2 rue Kellermann
The website of Eurosmart is hosted by a mutulalised cluster of servers located in France.
Cookies may contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a character string through which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This allows visited Internet sites to identify the internet browser used.
The data subject may, at any time, prevent the setting of cookies through our website by setting the browser preferences accordingly, and may thus permanently avoid the setting of cookies. Furthermore, cookies already set may be deleted at any time in the browser preferences or by other software programs. If the user deactivates cookies in his internet browser, not all functions of our website may be entirely usable.
4. Collection of general data and information
The website of Eurosmart collects a series of general data and information when a data subject or automated system calls up the website. This general data and information are stored in the server log files. Collected may be (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrers), (4) the sub-websites, (5) the date and time of access to the Internet site, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system, and (8) any other similar data and information that may be used in the event of attacks on our information technology systems.
When using these general data and information, Eurosmart does not draw any conclusions in respect of the data subject. Rather, this information is needed to (1) deliver the content of our website correctly, (2) optimize the content of our website, (3) ensure the long-term viability of our information technology systems and website technology, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack. Therefore, Eurosmart may analyse anonymously collected data and information statistically, with the aim of increasing the data protection and data security of our organisation, and to ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.
5. Data protection provisions about the application and use of Google Analytics
Data protection provisions about the application and use of Google Analytics On this website, the controller has integrated the component of Google Analytics (with the anonymiser function). Google Analytics is a web analytics service. Web analytics is the collection, gathering, and analysis of data about the behaviour of visitors to websites. A web analysis service collects, inter alia, data about the website from which a person has come (the so-called referrer), which sub-pages were visited, or how often and for what duration a sub-page was viewed. Web analytics are mainly used for the optimisation of a website and in order to carry out a cost-benefit analysis of Internet advertising. The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States. The purpose of the Google Analytics component is to analyse the traffic on our website. Google uses the collected data and information, inter alia, to evaluate the use of our website and to provide online reports, which show the activities on our websites, and to provide other services concerning the use of our Internet site for us. Google Analytics places a cookie on your information technology system. The definition of cookies is explained above. You may, as stated above, prevent the setting of cookies through our website at any time by means of a corresponding adjustment of the web browser used and thus permanently deny the setting of cookies. Such an adjustment to the Internet browser used would also prevent Google Analytics from setting a cookie on the information technology system of the data subject. In addition, cookies already in use by Google Analytics may be deleted at any time via a web browser or other software programs.
Further information and the applicable data protection provisions of Google may be retrieved under https://www.google.com/intl/en/policies/privacy/ and under http://www.google.com/analytics/terms/us.html Google Analytics is further explained under the following Link https://www.google.com/analytics
6. Data protection provisions about the application and use of Twitter
On this website, the controller has integrated components of Twitter. Twitter is a multilingual, publicly-accessible microblogging service on which users may publish and spread so-called ‘tweets,’ e.g. short messages. These short messages are available for everyone, including those who are not logged on to Twitter. The tweets are also displayed to so-called followers of the respective user. Followers are other Twitter users who follow a user’s tweets. Furthermore, Twitter allows you to address a wide audience via hashtags, links or retweets.
The operating company of Twitter is Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, UNITED STATES.
With each call-up to one of the individual pages of this Internet site, which is operated by the controller and on which a Twitter component (Twitter button) was integrated, the Internet browser on your information technology system is automatically prompted to download a display of the corresponding Twitter component of Twitter.
Further information about the Twitter buttons is available under https://about.twitter.com/de/resources/buttons The applicable data protection provisions of Twitter may be accessed under https://twitter.com/privacy?lang=en
7. Newsletter tracking
The newsletter of Eurosmart contains so-called tracking pixels. A tracking pixel is a miniature graphic embedded in such e-mails, which are sent in HTML format to enable log file recording and analysis. This allows a statistical analysis of the success or failure of online diffusion, optimize the newsletter and adjust it to meet the readers’ interests. Based on the embedded tracking pixel, Eurosmart may see if and when an e-mail was opened by a data subject, and which links in the e-mail were clicked by data subjects. These personal data will not be passed on to third parties. Data subjects are at any time entitled to object this use of the data.
9. Contact form
Our website allows the users to contact us via a contact form or the contact information given. If a data subject contacts the controller by e-mail or via a contact form, the personal data transmitted by the data subject are automatically stored. Such personal data transmitted on a voluntary basis by a data subject to the data controller are stored for the purpose of dealing with the data subject’s request. There is no transfer of this personal data to third parties.
10. Period for which personal data are stored
The data controller shall process and store the personal data of the data subject only for the period necessary to achieve the purpose of storage, or as far as this is granted by the European legislator or other legislators in laws or regulations to which the controller is subject to.
If the storage purpose is fulfilled, or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data are routinely blocked or erased in accordance with legal requirements. Newsletter data are deleted once the user unsubscribes. Data sent in connection with requests send to us via our website are deleted once the purpose of the communication is fulfilled. Our right to retain data for a longer period in accordance with legal retention periods or due to possible disputes remain unaffected.
11. Rights of the data subject
a) Right of confirmation
Each data subject shall have the right to obtain from us the confirmation as to whether personal data in respect of him or her are being processed.
b) Right of access
Each data subject shall have the right to obtain from us free information about his or her personal data stored at any time and a copy of this information.
c) Right to rectification
Each data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
d) Right to erasure
Each data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay, and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies, as long as the processing is not necessary:
The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
The data subject withdraws consent to which the processing is based according to point (a) of Article 6(1) of the GDPR, or point (a) of Article 9(2) of the GDPR, and where there is no other legal ground for the processing.
The data subject objects to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) of the GDPR.
The personal data have been unlawfully processed.
The personal data must be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
The personal data have been collected in relation to the offer of information society services referred to in Article 8(1) of the GDPR.
e) Right of restriction of processing
Each data subject shall have the right to obtain from the controller restriction of processing. where one of the following applies:
f) Right to data portability
Each data subject shall have the right to receive the personal data concerning him or her, which was provided to a controller, in a structured, commonly used and machine-readable format. He or she shall have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, as long as the processing is based on consent pursuant to point (a) of Article 6(1) of the GDPR or point (a) of Article 9(2) of the GDPR, or on a contract pursuant to point (b) of Article 6(1) of the GDPR, and the processing is carried out by automated means, as long as the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Furthermore, in exercising his or her right to data portability pursuant to Article 20(1) of the GDPR, the data subject shall have the right to have personal data transmitted directly from one controller to another, where technically feasible and when doing so does not adversely affect the rights and freedoms of others.
In order to assert the right to data portability, the data subject may at any time contact any employee of the Pentatonic GmbH.
g) Right to object
Each data subject shall have the right to object, on grounds relating to his or her particular situation, at any time, to processing of personal data concerning him or her, which is based on point (e) or (f) of Article 6(1) of the GDPR. This also applies to profiling based on these provisions.
h) Right to withdraw data protection consent
Each data subject shall have the right to withdraw his or her consent to processing of his or her personal data at any time.
i) Right to lodge a complaint
Each data subject shall have the right to lodge a complaint with a supervisory authority.
12. Legal basis for the processing
Art. 6(1) lit. a of GDPR serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose, such as our newsletter. If the processing of personal data is necessary for the performance of a contract to which the data subject is party, as is the case, for example, when we process data while you are visiting our website or send us a message via our contact form or by using our contact data, the processing is based on Article 6(1) lit. b GDPR. Finally, processing operations could be based on Article 6(1) lit. f GDPR, as is the case, when we collect information about your visit at our website and store cookies. This legal basis is used for processing operations which are not covered by any of the abovementioned legal grounds, if processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. Our legitimate interest is to improve our website and to make it more user-friendly.
12. Existence of automated decision-making
Eurosmart does not use your data for profiling purposes or automatic decision-making.