Data Privacy Notice

(Updated August 2023)

General Information

The protection of your personal data is important to us. Pursuant to EU General Data Protection Regulation (Art. 13 GDPR) we must inform you about the purpose for which we collect, save or forward data, and about your rights to data protection. The content and scope of the data processing corresponds essentially to the respective data that you provide or the data that are required for the business relationship or communication.

The Responsible Parties, the contact details of the Data Protection Officer and the address of the supervisory authority can be found in the Imprint of this website.

Data Processing

We process personal data that we receive from you, from a partner commissioned by you or from one of our business partners in the context of our business relationship. In addition, we process data that we have legitimately received from publicly accessible sources (e.g., commercial register, address directory, media, trade fair participants, webinars). Personal data include your personal details (e.g., title, name, country, address, e-mail address and telephone number, delivery addresses, order and invoice data, information on creditworthiness, documentation data, log of trade fair talks, etc.).

Personal data are processed especially in the following business processes:

  • Visits to the website, Online-Shop
  • Initiation of contact
  • Visitor registration, WLAN guest access
  • Job applications and vocational training
  • Trade fairs, events and product training
  • Customer Hotline
  • Advising by our employees or by trade partners
  • Order processing, delivery, invoicing
  • Marketing actitivities
  • Based on legal obligations (customs and compliance screening, reporting of accidents)
  • Temporary work, training, vacation assistant programs
  • Quality inspections and quality certificates, claims
  • Service accounting of subcontractors
  • Communication and Videoconferencing (especially via Microsoft Teams)

Purposes and Legal Basis of the Processing

We process personal data only in the context of our business activity.

The legal basis for the processing is based on a contractual relationship or a relationship of mutual trust preceding conclusion of a contract, or legal requirements, or based on legitimate interest of our company or based on your consent or if you contact us (e.g., at trade fairs, by e-mail, by post, by telephone or via this website).

In the context of the business relationship, you must provide the personal data required to initiate and maintain the business relationship, and also those that we are legally obligated to collect. If you do not provide us with these data, then we will, as a rule, have to reject your requests or your contact query, conclusion of the contract, or explanation of the order, or have to end an existing contractual relationship.

If you have granted us your consent to processing your personal data, then the processing is carried out only according to the purposes set out in the declaration of consent and in the scope agreed therein. Once granted, your consent can be revoked at any time with future effect without stating reasons, as long as this is legally permissible. Please be aware that lawmakers classify job applications as a pre-contractual business relationship, and application documents are stored for 6 months after conclusion of the application process.

Moreover, we reserve the right to store your first and last names, your mailing address and - if we have received this additional information from you in the context of a contractual relationship - your title, academic degree and your professional, sectoral or business designation in compiled lists and use for own advertising purposes, e.g., for sending interesting offers and information on our products by mail. You can object to the storage and use of your data for these purposes at any time by giving notice at the address stated in the mailing.

If we provide services in advance, e.g., in the case of a purchase on account, we reserve the right to procure information on identity and creditworthiness from service companies specializing in this (credit agencies) to protect our justified interests.

Recipients and Data Transfers

We only transfer your data to third parties if this is permitted by law, if you have provided consent or the transfer is required for fulfilment of our business aims.

If possible, the data are anonymized or pseudonymized for this purpose.

Within our corporate group, only the offices or employees that require your data to meet our contractual, legal or supervisory obligations or for protection of justified interests will receive them.

In addition to this, we transfer your data to processors commissioned by us:

  • IT and hosting service providers (internal within the Freudenberg Group and external like Microsoft 365, SAP, Newsletter systems and hosting services)
  • Security services, visitor registration and registry
  • Credit institutions and payment providers to settle the payment transactions if orders have been placed
  • Back office service providers for handling advertising mailings
  • Suppliers for settlement of product and sample orders
  • Laboratories and institutes for testing of products
  • Transport and logistic fulfillment
  • Marketing partners
  • Agencies for surveys, marketing measures and organization of events.

Furthermore, data are transferred to public agencies and institutions (tax authorities, other authorities, customs offices), if there is a legal or supervisory obligation to do so.

All processors and marketing or trade partners are obligated by contract to process your data only in the context of the provision of services and pursuant to provisions of data protection law in force.

Retention Periods

We store your data only as long as is required for processing of the business transaction or compliance with documentation obligations. Legal requirements stipulate that trade letters be stored at least 6 years, but at least 10 years if their content is relevant for tax purposes. Our IT systems are equipped, moreover, with comprehensive data backup concepts that do not permit premature deletion. In this case, access to data is restricted after expiry of the allowed storage period. Job application documents are saved or stored 6 months after the position has been filled, but if the application is made through an employment agency, then master data must be stored for a longer time.

Rights of the Individual

You have the right to access the information free of charge regarding data that we have saved about you, as well as a right to correction, blocking or deletion of these data. If you have granted your consent for data processing, then you can revoke your consent for future processing.

To do so, please contact at first the contact person which whom you have been recently in contact. In addition, you can contact our Data Protection Officer.

If you believe that we breach European data protection law by processing your data, then we request that you contact us so that we are able to clarify your concerns. Furthermore, you have the right to lodge a complaint with the competent supervisory authority for data protection, if you believe that your personal data is being processed unlawfully.

Technical and Organizational Measures

We make use of state-of-the-art security measures to protect your data appropriately. We have implemented an Information Security System related to ISO 27001. Our employees, subcontractors and trade partners must observe our guidelines on information security.

Additional Information for this Website, for Online Services and for Marketing

You can visit our web pages without providing information about yourself. We store only access data in so-called server log files, such as the name of the requested file, data and time of its retrieval, amount of transferred data and the requesting provider. These data are assessed only for ensuring smooth operation of the webpage and for improving our offerings, and they do not allow us to infer your identity.

Newsletter data

Freudenberg Performance Materials uses Evalanche for sending newsletters. Provider is Evalanche (SC-Networks GmbH). Würmstraße 4, 82319 Starnberg, GERMANY. Evalanche is a service that enables organization and analysis of the newsletter mailing. The data that you enter to subscribe to the newsletter (e.g., e-mail address) are stored on Evalanche’s servers in Germany. As a provider based in Germany, Evalanche follows European data protection obligations in accordance with the EU GDPR.

Our newsletters sent with Evalanche enable us to analyze the behavior of the newsletter recipients. This serves to analyze among other things, how many recipients have opened the newsletter message and how often recipients clicked on each link in the newsletter. Using so-called conversion tracking we can also analyze whether a pre-defined action takes place after clicking on the link in the newsletter. You can find further information on data analysis using Evalanche at: www.sc-networks.com/data-protection/

The data processing is carried out based on your consent (Art. 6, para. 1, lit. a GDPR). You can revoke this consent at any time by cancelling your subscription to the newsletter or opting out of personalized tracking consent. The legitimacy of any data processing procedures that have already been carried out is not affected by the revocation.

If you do not want analysis by Evalanche, then you must cancel your subscription to the newsletter. For this purpose, we provide you with a corresponding link in each Newsletter message.

Personalized Marketing Information

Subscribers can opt-in to receive personalized emails based on your interests and interactions with each email. The personal data collection and evaluation as well as the use of various system functionalities is only permitted if the consent of the subscriber is granted.

You can revoke your consent for personalized marketing at any time using the link in the footer of every email or by contacting us directly at newsletters@freudenberg-pm.com

If we received your e-mail address in connection with the purchase of goods or services, and if you have not objected to this, then we reserve the right to send you regularly offers on our products similar to the one you have already purchased from our product line. You can object to receive marketing information at any time using a link provided for that purpose in the e-mail.

Use of cookies

To make the design of our website attractive to visit and to enable the use of certain functions, we use so-called cookies on different pages. Cookies are small text files that are stored on your terminal. Some of the cookies used by us are deleted at the end of your browser session, i.e., when you shut down your browser (so-called session cookies). Other cookies remain on your terminal and enable us to recognize your browser again on your next visit (persistent cookies). You can configure your browser so as to be notified when cookies are saved and to decide individually whether to accept them or to exclude the acceptance of cookies in certain cases or in general. If you do not accept cookies, then the operation of our website may be restricted.

Google Analytics 4

This website uses Google Analytics 4 (“GA4”), a web analytics service provided by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”), which enables analysis of our website.

The information is transmitted to Google servers and processed further there. It is also possible that the information will be transmitted to Google LLC based in the USA. For the purpose of data transmissions to the USA, Google is a signatory to the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission. We have concluded an third-party processing agreement with Google which contractually ensures that the data of visitors to our site will be protected and prohibits unauthorized disclosure to third parties.

Google uses this information on our behalf to analyze your use of the website, compile reports on web activities for us and to provide additional services associated with use of the website and the Internet. The IP address transmitted by your browser and shortened by the final digits (so that no connection with a person can be made) in Google Analytics will not be merged with any other data by Google. The data collected during the use of Google Analytics 4 will

be stored for a period of 14 months and then deleted.

Cookies will only be placed on the terminal device you are using if you have granted us your express consent for this purpose in accordance with Art. 6 Para. 1 lit. a GDPR.

You can revoke your consent with future effect at any time. To assert your right to withdrawal, please deactivate this service by way of the cookie bot tool provided on the website.

Further legal information on Google Analytics 4 can be found at https://policies.google.com/privacy?hl=de&gl=de and https://policies.google.com/technologies/partner-sites

Use of Sitecore Tracking

For purposes of further development and to improve our approach to customers with contents customized for the customers, this web presence uses the web analysis service from Sitecore. You can prevent saving of cookies by setting your browser software appropriately. We advise you however that if you do so it is possible that all functions of this website will not be fully available to you.

Information on data processing by Sitecore and the corresponding data protection provisions can be found at: www.sitecore.com/trust/privacy-policy

Further information on cookies used can be found on our page www.freudenberg-pm.com/Footer/Cookies.

YouTube

Some of the webpages use video plugins from the video-sharing website YouTube. YouTube belongs to Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA („Google“).We embed videos from our official YouTube channel using YouTube’s privacy-enhanced mode. This mode may set cookies on your computer once you click on the YouTube video player, but YouTube will not store personally-identifiable cookie information for playbacks of embedded videos using the privacy-enhanced mode.

You find further information concerning the treatment of user data in the Privacy Policy of YouTube under: policies.google.com/privacy?hl=en.

Use of a cookiebot

This website uses the cookiebot service provided by Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark. Information on data processing through Cybot and relevant privacy regulations can be found at: www.cookiebot.com/en/privacy-policy/.

If an end user provides his or her approval on our websites, the following data are automatically recorded by Cybot: Anonymized IP number of the end user (the last three digits are set to “0”), date and time of approval, browser’s user agent of the end user,the URL from which approval was sent, an anonymous, random, encrypted key, the consent status of the end user serving as a verification of approval.

In the end user’s browser, the key and the approval status are also saved in the “CookieConsent” cookie so that the website can automatically read and comply with the end user’s approval and all subsequent website requests and future end-user sessions for up to 12 months. The key is used for verifying the consent and also for an option which checks whether the approval status saved in the end user’s browser remains unchanged from the original approval which was sent to Cybot.

Additional Information for Social Media Activities

We have our own presence in various social media to present ourselves, provide information, get in touch with the respective users and to communicate with them. Social networks such as LinkedIn, Twitter, Xing, Facebook, Instagram, etc. can generally analyze user behavior extensively.

Even if you are not logged in to your social media account they can recognize you as an unlogged/non-registered user via “cookies” and use statistical data obtained from your next login.

Although some of the social networks provide user information to the owners of business accounts or fanpages, we do not use this information.

Additional Information for Videoconferencing and Microsoft365

Microsoft Teams is part of M365, which we use as a productivity, collaboration, and exchange platform for individual users, teams, communities and networks across our Freudenberg group of companies. As part of our online meetings using Microsoft Teams, we process the following personal data:

  • Communication data (e.g. email address),
  • Logfiles,
  • Metadata (e.g. IP address, time of participation),
  • Profiles (e.g. username).

Through the video conferencing feature of Microsoft Teams, we enable meetings and online events to be held. There is no recording of the videoconference, unless this is expressly agreed upon. We carry out the data processing on the basis of a legitimate interest.

We use Microsoft as a processor according to Article 28 GDPR.

M365 is a software from the company: Microsoft Ireland Operations Limited, One Microsoft Place,

South County Business Park Leopardstown, Dublin 18 D18 P521, Ireland

Microsoft Teams is part of the cloud application M365. A user account is automatically created for use. Data processing with M365 is done on servers in data centers in the European Union in Ireland and the Netherlands. For this purpose, Freudenberg has concluded a controller-processor agreement with Microsoft.

For the purpose of remote maintenance, Microsoft may request access. This access will then be checked by us on a case-by-case basis and granted if approved. In this case, such access may also be made by Microsoft affiliates from outside the European Union. Only in this case of access from outside the European Union in the individual case we have approved, we have concluded standard EU contracts with Microsoft. In order to guarantee an adequate level of data protection when transferring personal data to a third country, we have, as described above, additional measures in the form of state-of-the-art technical and organizational measures, such as access and encryption concepts for networks, databases, and servers.

Microsoft reserves the right to process customer data for its own legitimate business purposes. We have no influence on these Microsoft data processing operations. To the extent that Microsoft Teams processes personal information in connection with legitimate business purposes, Microsoft is an independent controller of such data processing activities and, as such, is responsible for compliance with all applicable privacy policies.

Login data and IP addresses are deleted in accordance with legal requirements.

Extensive technical and organizational measures have been agreed with Microsoft, which correspond to the current state-of-the-art technology.

Adjustment of the Data Privacy Notice

Please be aware that we can make adjustments of this Data Privacy Notice at any time.

The Sites of Freudenberg Performance Materials