Protection of Data Privacy
Data protection declaration
Welcome to FUCHS HELLAS S.A.!
We are very pleased that you are visiting our website and thank you for your interest in our company, products and website. Data protection and data security are extremely important to us. We would therefore like to take this opportunity to inform you about the personal data relating to you that we capture when you transact with our company and visit our website and the purposes for which it is used. Please therefore take note of the information that follows.
As changes to the law or to our internal procedures may make it necessary to modify this data protection declaration, we would ask you to read through this data protection declaration regularly. The data protection declaration can be viewed, saved or printed out at any time by clicking on the “Data protection declaration” option.
- 1 Controller and scope of application
The controller, within the meaning of the General Data Protection Regulation (hereinafter referred to as the GDPR) and other national data protection laws of member states as well as other data protection legislation, is:
FUCHS HELLAS S.A.
2-4 Mesogeion ave., Athens Tower,Building Β
11527 Athens, Greece
Tel.: +30 210 6712646
Fax: +30 210 6745535
This data protection declaration covers the pages published on the internet by FUCHS HELLAS S.A., which can be viewed on the domain www.fuchs.com/gr/en/ as well as all sub-domains (hereinafter referred to as “our website”).
- 2 Data protection officer
The external data protection officer for the controller is:
Attorney at law, LL.M. EU Law
48 D. Soutsou st.
11521 Athens, Greece.
- 3 Principles of data processing
Personal data is defined as all information which relates to an identified or identifiable natural person. This includes, for example, information such as your name, age, address, telephone number, date of birth, email address, IP address or your usage behaviour. Information that does not allow us (or only allow with a disproportionate amount of effort) to connect the data to you as a person - e.g. through anonymising the information - is not counted as personal data. The processing of personal data (e.g. collecting, accessing, using, saving or relaying personal data) must always have a basis in law, or your consent must have been obtained. Processed personal data is erased as soon as the purpose of the processing has been fulfilled and there are no statutory record-keeping obligations to be met.
You will find below information on the specific processes, scope and purpose of data processing, the legal basis for the processing and the length of time for which data will be stored for those cases where we process your personal data in order to be able to provide you with certain services.
- 4 Individual processes involving data processing
1. Provision and usage of the website
a. Type and scope of data processing
When you access and use our website, we capture the data that your browser automatically transmits to our server. This data is temporarily stored in a so-called log file.
When you use our website, we capture the following data that we need for technical reasons in order to be able to show you our website and to ensure its stability and security; and which is also analysed for statistical purposes only:
- IP address of the source computer
- Date and time of access
- Name and URL of the file accessed
- Website facilitating access (referrer URL)
- Controller sub-domains visited
- Browser used and, where applicable, your computer’s operating system and the name of your access provider
- Access status (http status code)
b. Legal basis
The legal basis for the data processing referred to above is provided by Art. 6 (1) (f) GDPR. The processing of the data referred to above is required for the provision of a website and thus necessary for the purposes of the legitimate interests pursued by our company.
c. Data storage duration
The log files created in conjunction with the usage of our website will be held for a period of 14 days and subsequently erased. The capture of the data and its storage in log files is required for the operation of the internet pages and for ensuring the stability and quality of this service. Greater and/or longer storage of data shall apply in cases stipulated by law.
2. Contact options on our website
You have the following different email contact options available to you through our website:
General contact: firstname.lastname@example.org
Customer Service: email@example.com
a. Type and scope of data processing
Every user of our website can send his or her queries or messages to these email addresses. Our central enquiry point and the relevant specialist department - Customer Service - will process enquiries/messages, based on the contact form you have used, by email. The data we collect is limited to the email address of the email account used by you to make contact with us, along with any personal data you provide us with in the context of your enquiry/message.
b. Legal basis
Data collection is permitted based on Art. 6 (1) (f) GDPR, as there is a parallel interest between you and our company in making contact and communicating, as well as a justified interest on the part of our company in processing the abovementioned data in order to be able to respond to your enquiry/message.
c. Data storage duration
The period of time for which the abovementioned data will be stored is dependent on the reason for your having made contact. Your data will be routinely erased once the reason behind the communications has lapsed and storage is no longer necessary (e.g. once your enquiry/message has been dealt with/responded to).
3. Business transactions
a. Type and scope of data processing
In case of business transactions, the data we process include your master data (first name, surname, name supplements, ID data), contact data (address, telephone number, email address) as well as other data we receive on account of our cooperation (e.g. bank account details, tax identification number). We collect the abovementioned data directly from you during our transactions.
b. Legal basis
First and foremost, data processing serves to establish, implement and terminate our business relationship. The primary legal basis for this is Art. 6 Para. 1 b) GDPR. If applicable, your separate consents may constitute the legal basis for processing, pursuant to Art. 6 Para 1 a) and 7 GDPR.
We also process your data in order to fulfil our legal obligations, especially in the area of tax law, on the basis of Art. 6 Para 1 c) GDPR.
Where necessary, we also process your data on the basis of Art. 6 Para 1 f) GDPR in order to protect our legitimate interests within the FUCHS Group for purposes of management and communications and administrative purposes.
c. Data storage duration
Your personal data will be erased as soon as they are no longer required for the abovementioned purposes. After termination of our business relationship, your personal data will be stored as long as we are legally obliged to do so. This results regularly from legal proof and storage obligations, which are regulated, among other things, by commercial and tax law. Storage period is then up to ten years. In addition, personal data shall be stored for the period during which claims can be asserted against us (statutory limitation period of five up to twenty years).
- 5 Sharing of data with third parties
We only share your personal data with third parties if:
- You have given your express permission for us to do so, in accordance with Art. 6 (1) sent. 1 lit. a GDPR
- In accordance with Art. 6 (1) sent. 1 lit. c GDPR there is a legal obligation to do so
- This is legally permissible and in accordance with Art. 6 (1) sent. 1 lit. b GDPR necessary for the performance of contract with you
- In accordance with Art. 6 (1) sent. 1 lit. f GDPR the sharing of your data is necessary to safeguard a justified company interest on the part of FUCHS PETROLUB SE and there are no grounds for assuming you have an overriding right not to have your data shared with a third party, which is worthy of protection
- In accordance with Art. 6 (1) sent. 1 lit. f GDPR the sharing of your data is necessary to assert, exercise or defend a legal entitlement and there are no grounds for assuming you have an overriding right not to have your data shared with a third party, which is worthy of protection
- 6 Usage of cookies
- 7 Plug-ins
- Facebook and LinkedIn
Our websites contain social plug-ins for the “Facebook” (Facebook Inc., 1601 S. California Ave, Palo Alto, California 94304, USA) and “LinkedIn” (LinkedIn Headquarters 2029 Stierlin Ct. Ste. 200 Mountain View, CA 94043, USA) social networks. It is possible that personal data on website visitors may be collected through these plug-ins and relayed and linked to the service in question.
FUCHS HELLAS S.A. itself does not collect any personal data through the social plug-ins or the usage thereof. In order to prevent data being relayed to the service provider in the US without the user’s knowledge, we have deployed the so-called Shariff solution on our website. This causes the social plug-ins to be linked in purely as a graphic on the website. The graphics contain a link to the website of the relevant plug-in provider. You are only forwarded on to the provider’s service if you click on one of the graphics. This solution ensures that personal data is not automatically relayed to the providers of the relevant social plug-in when you visit our website. If you click on one of the social plug-in graphics, data can be relayed to, and stored by, the providers in question. If you do not click on one of the graphics there will be no data transmitted between you and the provider of the relevant social plug-in. You can find out further information on the Shariff solution on this website: https://github.com/heiseonline/shariff
Once you have clicked on a social plug-in, the provider in question will receive the information that you have visited the relevant page on our website. Please be aware that you do not have to have a user account for the service in question nor do you already need to be logged in for this to happen. But should you have a user account with the service provider in question and already be logged in when visiting our website, the data collected by the social plug-in will be directly linked to your account. If you do not want to have the data linked to your profile with the service provider you must log out of your user account before clicking on a social plug-in.
Please be aware that FUCHS HELLAS S.A. has no influence on whether, and to what extent, the service providers in question collect personal data. We do not know the scope, purpose or storage duration of the data collected. We would, however, point out that it must be assumed that, at the very least, the IP address and device-related information will be collected and used by the social plug-ins. Also service providers in question deploy cookies.
Please read the data protection notifications directly on the websites of the services in question to establish the scope and purpose of each service’s data collection activities as well as how your data is further processed and used. You will also find information on your relevant data protection rights and on settings options to protect your privacy there.
Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA
LinkedIn Inc., LinkedIn Headquarters 2029 Stierlin Ct. Ste. 200 Mountain View, CA 94043, USA:
A button for the “XING” network is used on our website. When you click on this button a connection is quickly established through your browser to the servers of XING AG (hereinafter: XING), which provide the “XING button” functions. XING does not store any of your personal data as a result of you accessing this website. In particular, XING does not store any IP addresses. There is also no analysis made of your user behaviour through the deployment of cookies in conjunction with the “XING share button”. You can view the current data protection information concerning the “XING share button” as well as supplementary information on this web page:
- 8 Hyperlinks
On our website there are so-called hyperlinks to the websites of other providers. If you activate these hyperlinks you will be taken from our website directly to the website of the other providers. This can be seen from the change in URL, amongst other factors. FUCHS HELLAS S.A. has no influence on the content or design of these other providers’ web pages. Understandably, therefore, the assurances made in this data protection declaration do not apply to the providers’ web pages. Please inform yourself of the treatment of your personal data by these organisations by visiting their websites direct.
- 9 Rights of data subjects
The GDPR has provided for you, as a data subject, to have the following rights in respect of the processing of personal data:
- Art. 15 GDPR provides for you to demand information on the personal data we process in relation to you. In particular, you can demand information on the purposes for which we process data relating to you; the categories of personal data; the categories of recipients to whom your data has been or will be presented; the scheduled duration of data storage; the existence of a right to rectification, erasure, restriction of the processing or to object to processing; the existence of a right to complain; the source of the data on you if it has not been collected by us; whether the data is to be transferred to a third country or international organisations; and whether data is selected on the basis of an automated decision-making process or profiling, with meaningful information on the details of this process, where applicable.
- Art. 16 GDPR provides for you to demand the immediate rectification or supplementing of your personal data held by us.
- Art. 17 GDPR provides for you to demand the erasure of your personal data held by us, provided the processing thereof is not required to exercise the right to freedom of expression and information, to meet a legal obligation, for public interest reasons or to assert, exercise or defend legal claims.
- Art. 18 GDPR provides for you to demand the restriction of processing of your personal data where you dispute the accuracy of the data; the processing is unlawful; or we no longer require the data but you oppose its erasure because you need it to assert, exercise or defend legal claims. You are also entitled to the right provided for in Art. 18 GDPR if you object to the processing in accordance with Art. 21 GDPR.
- Art. 20 GDPR provides for you to demand to receive, in a structured, current and machine-readable format, the personal data you have provided to us; or you can demand that it is relayed to another controller.
- Art. 7 (3) GDPR provides for you to withdraw the consent you gave us at any time. The consequence of this is that we may in future no longer continue with the data processing dependent on this consent.
- Art. 77 GDPR gives you the right to complain to a supervisory authority. The contact information for the supervisory authority responsible for our company is:
Hellenic Data Protection Authority
1-3 Kifisias ave.
11523 Athens, Greece
Tel.: +30 210 6475600
Fax: +30 210 6475628
- 10 The right to object
Where your personal data is processed on the basis of legitimate interests, Art. 6 (1) sent. 1 lit. f GDPR provides for you, in accordance with Art. 21 GDPR, to object to the processing of your personal data, where there are grounds for so doing based on your own particular situation, or your objection is to direct marketing. In the case of direct marketing you have a general right to object, which we must implement without the need for stating the existence of a particular situation.
- 11 Data security and backup measures
We undertake to protect your privacy and to treat your personal data with the utmost confidentiality. In order to avoid the manipulation, loss or misuse of the personal data we have stored that relates to you, we have adopted extensive technical and organisational security measures which are routinely checked and updated in line with improvements in technology. These include the use of recognised encryption methods (SSL or TLS). We must, however, point out that, due to the structure of the internet, observation of data protection rules and abovementioned security measures depends on other persons or institutions who/which do not come under our scope of responsibility. In particular, unencrypted data - e.g. if sent in an email - could be read by third parties. We have no technical influence on this. It is the user’s responsibility to protect the data provided to him/her against misuse, through encryption or some other method.
If you have any queries please do not hesitate to contact us at firstname.lastname@example.org .
FUCHS HELLA S.A.