Data protection declaration
The responsible party as per the General Data Protection Regulation, other data protection laws valid in the member states of the European Union and other regulations relating to data protection, is:
Glen Dimplex Deutschland GmbH
Am Goldenen Feld 18
Data protection agent
You can contact our data protection agent at: E-mail: firstname.lastname@example.org.
Protecting your personal data is important to us. This is why we carry out our activities in accordance with the applicable legal regulations for the protection of personal data and data security. Below, you will find information on data protection for our website.
Definition of terms
The data protection declaration of Glen Dimplex Deutschland GmbH is based on the terminology used by the European directive issuing body and regulators in the General Data Protection Regulation (GDPR). Our data protection declaration is intended to be easy to read and understand for the general public, as well as for our customers and business partners. To ensure this, we will explain some of the terms used below. The following terms are used in this data protection declaration:
a) Personal details
Personal details are all information relating to an identified or identifiable person (referred to in the following as “affected person”). The term identifiable refers to a natural person who can be identified, directly or indirectly, in particular through connection to an identifier such as a name, identification number, location data, online ID or one or multiple unique features that are an expression of the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person.
b) Affected person
An affected person is any identified or identifiable natural person whose personal details are processed by the person responsible for processing.
Processing refers to any process carried out with or without the help of automated methods or any such series of processes in connection with personal details, such as collecting, logging, organising, sorting, saving, amending or changing, reading out, querying, using, publishing by sending or distribution, or any other form of supplying the information, comparing or linking, restricting, deleting or destroying the information.
d) Limiting the processing
Limiting processing involves marking saved personal details with the goal of limiting their future processing.
Profiling is any form of automated processing of personal details, where these personal details are used to evaluate specific personal aspects relating to a natural person, in particular to analyse or predict aspects connected to work performance, economic situation, health, personal preferences, interests, reliability, conduct, whereabouts or changes in location of this natural person.
Pseudonymization is the processing of personal details in such a way that the personal details can no longer be linked to a specific affected person without additional information, providing this additional information is stored separately and technical and organisational measures are in place to ensure that the personal details are not assigned to an identified or identifiable natural person.
g) Responsible person or person responsible for processing
A responsible person or person responsible for processing is the natural or legal person, authority, organisation or other entity responsible for making decisions regarding the purpose and means of processing personal details, either alone or as a collective.
h) Order processor
An order processor is a natural or legal person, authority, organisation or other entity responsible for processing personal details on behalf of the responsible person.
A recipient is a natural or legal person, authority, organisation or other entity who receives personal details, regardless of whether or not they are a third party. Authorities, who receive personal details as part of an investigation request in accordance with European Union law or the law of the member states, are not regarded as recipients, however.
j) Third party
A third party is a natural or legal person, authority, organisation or other entity apart from the affected person, the responsible person, the order processor and the persons authorised to process personal details under the direct authority of the responsible person or the order processor.
Consent is any notification of intent given for the specific case in an informed and unambiguous way in the form of a declaration or other clearly confirming action, with which the affected person states that they consent to the relevant personal details being processed.
2. Data collection, data transfer and usage
a) Data collection
Your visit to our website will be logged. The main pieces of data that are logged are the IP address currently used by your PC, the date and time, the browser type and the operating system of your PC, as well as the pages you view. It is not usually possible to relate this information to a specific person and this is also not intended. This information is only logged for the purposes of data protection and to optimize our web content. No other evaluation of the data takes place, except for statical purposes exclusively in anonymous form. No personal surf profiles or similar are created or evaluated.
b) Data transfer and usage
The personal information you provide via a website or via e-mail (e.g. your name and address or your e-mail address), will only be used for correspondence with you and for the purpose for which you provided the information. If service providers are used to carry out and complete work processes, the contractual relationships will be regulated in accordance with the Federal Data Protection Act and the EU General Data Protection Regulation.
3. Consent and revocation
Personal data provided via our website will only be stored until the purpose for which it was provided is fulfilled. In special cases, a use beyond the legal retention periods may take place if this is required as evidence for or for the protection of legal claims or to defend against legal action. The use of your e-mail address, telephone and/or mobile number and fax number for the purposes of advertising or market and opinion research requires separate consent. You can give this consent electronically when entering your details and revoke it at any time for the future. If you are no longer happy for your personal details to be stored or if these details are no longer correct, we will arrange for your details to be deleted on request (where possible according to the valid law), for your details to be blocked or for the necessary corrections to be made. On request, we can provide information on all personal details we have stored relating to you free of charge.
4. Internal security measures
We guarantee the confidentiality and security of your personal details by only using the details provided via our website or in e-mail communication to fulfil your request or concern. Our employees adhere to confidentiality obligations, our security measures adequately correspond to the current state of technology and our systems are regularly checked for security so that we can guarantee lasting protection from any damage, losses and access to data held by us.
5. Notes on improving personal data security
Cookies are small text files stored on the PC of the internet user. They are used to control the internet connection during your visit to our websites. Cookies also provide us with information that enables us to optimize our websites to suit the requirements of the user. Some cookies are only used for the duration of the visit to the website.
7. Google Analytics
This website uses Google Analytics, a web analytics service provided by Google, Inc. ("Google"). Google Analytics uses so-called cookies. These are text files which are stored on your computer and enable an analyse of your usage of the website. The information produced by the cookie concerning your use of this website is generally transmitted to Google servers in the USA and stored there. If IP anonymization is activated on this website, your IP address will be abbreviated beforehand by Google within the member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and abbreviated there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, compile reports on the website activities and to provide additional services connected with the use of the website and internet use for the website operator. The IP address transmitted by your browser as part of Google Analytics will not be combined with other data held by Google. You can prevent cookies from being created by activating the relevant setting in your browser software; we would like to point out, however, that not all functions of this website may be available in this case. You can prevent the data generated by the cookie relating to your use of the website (incl. your IP address) from being sent to Google and this information being processed by Google by downloading and installing the browser plugin under the following link https://tools.google.com/dlpage/gaoptout?hl=en. You can prevent logging by Google Analytics by clicking on the following link. An opt-out cookie is created, which prevents your details from being recorded in the future when you visit this website: Deactivate Google Analytics. Further information on the terms and conditions of use and data protection is available at https://www.google.com/analytics/terms/gb.html or https://www.google.de/intl/en/policies/. We would like to point out that Google Analytics has been supplemented with the code "anonymizeIp" on this website to guarantee anonymous recording of IP address (known as IP masking).
8. Google Maps (route planning / map display)
We use the software module Google Maps to display locations and routes. If you use this service, Google may receive information on your actual location (such as GPS signals transmitted by a mobile device) or information that can be used to determine your approximate location (e.g. the cell ID). Further information on the processing of your data by Google is available under the following link: Google data protection regulations.
9. Web services
Our online presence offers a range of tools, e.g. for calculating the thermal load, an operating costs calculator and a wide selection of other request options, notification options etc. Some of these services record and process personal data. This information is only used for the intended purpose. Some of the data is statistically evaluated in anonymous form. With some applications, data may also be passed on to third parties. This is explicitly pointed out in the application. If you use a user account for an application, your entries will be stored for future use.
GDTS additionally provides various services in the form of web applications and smart device applications. These can be installed via the Google Play Store or Apple App Store.
When you open our app, information of a general nature is automatically recorded. This information includes details such as the type of device or operating system used, and is solely information that cannot be traced back to you personally. We carry out statistical analyses of anonymous information of this type in order to optimise our app and the technology behind it.
To do this, the app uses ‘Crashlytics’ (Fabric) by software company crashlytics. This analytical tool uses the IP addresses of users for analysis purposes, however these are used in anonymised form. It is not possible to trace the data back to a specific person. For more information, please visit http://try.crashlytics.com/terms/.
10. Payment processing in the Dimplex spare parts shop
The payment process in the Dimplex spare parts shop is managed by Heidelpay. Heidelpay (Heidelberger Payment GmbH) is a payment institution recognized by the Federal Financial Supervisory Authority. You remain on the Dimplex website during the payment process, the entire payment process is carried out by Heidelpay in the background. Once the process is complete, we only receive information on the payment status from Heidelpay (payment successful or unsuccessful). We don't receive any personal banking information. You can view the data protection declaration of Heidelpay here.
11. Links to other websites
Occasionally, we include links to third-party websites. Although we select these third parties carefully, we can not provide any guarantee or accept any liability for the correctness or completeness of the content and data security of third-party websites. This data protection declaration also does not apply for linked third-party websites.
12. Updates to this data protection declaration
We reserve the right to amend this data protection declaration from time to time so that it always corresponds to the latest legal requirements or to implement changes to our services in the data protection declaration, e.g. when new services are introduced. The new data protection declaration then applies for your subsequent visit.
All information on this website has been checked carefully. However, we cannot guarantee that the information will be correct, complete and up-to-date at all times. If you notice an error, we would be grateful if you would let us know. We will then correct it as soon as possible.
14. Control and information centre
If you are not satisfied with the data protection measures outlined here or if you have any questions relating to the recording, processing and/or use of your personal details, please get in touch. We will do our utmost to answer your questions and implement your suggestions as quickly as possible.
15. Use of personal data during the newsletter registration
As part of the registration process for the free GDTS Newsletter, you agree to your personal data being collected. This data is only used for sending the newsletter and is not passed on to third parties. If you no longer want to receive newsletters from GDTS in the future, click on the link in the newsletter to unsubscribe.
16. Contact form
For legal reasons, the website of Glen Dimplex Deutschland GmbH contains information that enables quick electronic contact with our company and direct communication with us, including a general address for so-called electronic mail (e-mail address). If an affected person contacts the person responsible for processing via e-mail or via a contact form, the personal details provided by the affected person are saved automatically. Such personal details provided voluntarily by an affected person to the person responsible for processing are saved for the purposes of processing or for contacting the affected person. No personal details are passed on to third parties.
17. Online application form
The personal details provided by you during the application process are processed exclusively for the purpose of filling jobs within our company. Your details will only be forwarded to the internal positions and specialist departments explicitly responsible for the concrete application process within our company. The information will not be used for any other purpose, nor will it be passed on to third parties. The application details and files provided by you are forward to our human resources department and processed in accordance with the internal guidelines and legal regulations. Once your documents have been evaluated, we will contact you. If we no longer require your details, they will be deleted.
18. Rights of the affected person
a) Right to information
b) Right to correction
c) Right to deletion (right to be forgotten)
d) Right to limited processing
e) Right to data portability
f) Right of appeal
g) Right to revoke consent given in line with data protection regulations
19. Legal basis for processing
Our company uses Art. 6 I lit. a GDPR as a legal basis for processing methods, for which we obtain consent for a specific purpose.
b) Fulfilling an agreement
If it is necessary to process personal details in order to fulfil an agreement, where a contractual party is the affected person, as with processing methods required for delivering goods or providing a different service or return service, for example, the processing is carried out in accordance with Art. 6 I lit. b GDPR.
c) Precontractual measures
The same applies for processing methods required to carry out precontractual measures, such as for processing enquiries relating to our products or services.
d) Legal obligations
If our company is subject to a contractual obligation which makes it necessary to process personal details,for fulfilling tax obligations, for example, the processing is carried out based on Art. 6 I lit. c GDPR.
e) Vital interests of the affected parties
In rare cases, it may become necessary to process personal details to protect the vital interests of the affected person or another natural person. This would be the case, for example, if a visitor to our company were to be injured and their name, age, health insurance details or other vital information had to be passed on to a doctor, hospital or other third party. The details would be processed based on Art. 6 I lit. d GDPR in this case.
f) Justified interests of our company
Finally, processing methods may be based on Art. 6 I lit. f GDPR. Processing methods are carried out on this legal basis if they are not covered by any of the legal bases outlined above, if the processing is necessary to preserve a justified interest of our company or a third party, providing the interests are not outweighed by the interests, basic rights and basic freedoms of the affected party. We are authorised to carry out these processing methods in particular because they have been specifically referred to by the European legislator. The legislator maintained that a justified interest could be assumed if the affected person is a customer of the responsible party (Recital 47 Paragraph 2 GDPR). If the processing of personal data is based on 6 I lit. f GDPR, our justified interest is carrying out our business activity for the benefit of all our employees and shareholders.
20. Retention period for personal data
The relevant legal retention period is the criteria dictating how long personal details are stored for. Once this retention period has elapsed, the relevant details are deleted routinely, providing they do not need to be retained to fulfil the agreement or for contract initiation or for enforcing, executing or defending legal claims.
21. Use of automated decision making
As a responsible company, we refrain from using automated decision making or profiling.