Irrespective of whether you are a customer, potential customer, job applicant or visitor to our website: We, Prym Intimates Hong Kong Ltd. (hereinafter: mysoftseal.com, we), take the protection of your personal data very seriously. So, what does this actually mean?
In the following we give you an insight into which personal data we collect from you, for what purpose and in what form we process them. Moreover, you will be given a summary of your rights under the applicable data protection law. In addition, we provide you with details of the person to contact, if you have any other questions.
1.1 Who are we?
As a controller within the meaning of the applicable data protection laws, we, Prym Intimates Hong Kong Ltd., based in
2/F., Sunking Factory Building,
No. 1-7 Shing Chuen Road,
Tai Wai, New Territories,
Hong Kong, P.R. China
and our European Union representative (art.27 (1) GDPR)
William Prym Holding GmbH,
Zweifaller Str. 130, 52224 Stolberg, Germany
The subject of data protection is personal data. According to art.4 (1) GDPR, this is any information relating to an identified or identifiable natural person. This includes information such as name, mailing address, e-mail address or telephone number, and usage data (e.g. your IP address, if it is not shortened), where applicable.
The processing of personal data as meant by this legal definition is understood to be activities such as the capture, collection, organisation, collating, storing, updating or amendment, the reading, querying, use, disclosure by transfer, dissemination or any other form of provision, the checking or linking, the restriction, blocking, erasure or destruction of personal data.
3. Use of your Personal Data, general information
When you access mysoftseal.com, your browser transmits certain information to our web server for technical reasons in order to provide you with the information you have requested. We do not request any further personal data from our website's visitors to access our website. Personal data that you share with us via a website (e.g. your email address or your registration details) are solely processed for correspondence with you and for the purpose for which you made the information available to use (such as providing our services).
If you use our services and other services, we only collect and store your personal data if it is necessary to provide the service or to execute a contract. For this, it may be necessary to pass on your personal data to companies that we use to provide the service or execute the contract. These include, for instance, transportation companies or other services.
After complete contract execution, your data will be blocked and deleted according to fiscal and commercial law guidelines, unless you have expressly agreed to further use of your data.
Furthermore, we ensure that we will not pass on your personal data to other companies, unless we are legally obligated to do so or with your prior consent.
4. Which personal data do we process?
We collect your personal data when you contact us, for example as a potential customer or a customer. This may occur, for instance, because you express an interest in our products, register for our online services, contact us through our communication channels or when you use our products or services in the context of existing business relationships.
We may process the following types of personal data:
- Information on personal identification
- e.g. first name and surname
- Order data
- e.g. customer number, order number, invoice data, invoice and shipment address data
- Company-related data
- e.g. company name, department, activity; telephone number, fax number, email address
- Data on your online behaviour
- e.g. IP addresses, user names, data on your visit to our website, to the customer portals, actions performed on our website and on the customer portals, place of access
- Information on your interests and requirements, which you communicate to us
- e.g. via our contact form or other communication channels
- Further data on your customer complaints
- You are entitled to contact us with regard to customer complaints through our website. For this we need your e-mail address, names, address data, customer group, telephone number, article number, amount claimed, a detailed description of the fault along with a photograph displaying the fault; all other information is voluntary. The data listed above, which must be provided, are needed by us, so that we can process your complaint with the maximum of efficiency and are able to contact you to make enquiries. In the case of a replacement we need these details also to be able to send you the replacement.
- Technical Data
- For technical reasons when you visit our website data are always transferred from your computer. For example, these include the date and time of your access to our website, the type of browser and settings and the operating system, the amount of data transferred, the site last visited and the access status.
- These data are collected as a matter of routine, but they are not personal data.
and other information comparable to these data categories.
4.1 Sensitive Data
Sensitive data within the meaning of the General Data Protection Regulation, i.e. special categories of personal data such as information on health, political opinions, religious beliefs, trade union membership are not collected by this communication channel.
5. For what purpose do we process your personal data – and on what legal basis
5.1 Performance of a contract
We process your data, in order to be able to perform our contracts. This applies also to information, which you disclose to us in pre-contractual correspondence. The specific purposes of the data processing depend on the respective product and the request made and may also be used to analyse your needs and to check which products and services you are interested in.
5.1.1 Implementation of the contractual relationship
To implement the contractual relationship we need your name, company address, company telephone number and company e-mail address, so that we can contact you.
5.1.2 Provision of goods and services
We also need your personal details, in order to be able to check which products we are able and authorised to provide to you and whether we are able and authorised to offer those products and services.
5.1.3 Complaints form
In the event of a complaint we need the following data on your identity: form of address, first name, surname, e-mail, in order to be able to process you request; any other information provided is voluntary. Insofar as absolutely necessary, your data are forwarded, where applicable, to a transport services provider to process the claim. Apart from this, your data are not forwarded to third parties.
5.2 In accordance with the balancing of interests: we improve our services and offer you suitable products
Important: You have the right to object at any time to the use of your personal data for this purpose.
5.2.1 For the consolidation and optimisation of customer relations
As part of our efforts to improve our relationship with you we occasionally request you to participate in customer surveys. The results of these surveys allow us to make changes to our products and services, so that they match your requirements more closely.
5.2.2 Data processing and analysis for marketing purposes
Your requirements are important to us and we try to provide you with information on products and services, which exactly match your needs. For this purpose we use the insights gained from our business relationship with you and from market research. The aim of this is essentially to adapt our product proposals to your requirements.
What do we specifically analyze and process?
- Results from marketing campaigns, in order to measure the efficiency and relevance of our campaigns;
- Information on your visit to our website;
- We analyze the potential need for our products and services.
5.2.3 Measures for your security
The cases, in which we use your personal data, include:
- We analyse your data to protect you or your company from fraudulent activities. This can occur, if you have become the victim of identity theft or unauthorised parties have obtained access to your user account in some other way.
- If there are technical problems, our IT Support Department works closely with you to improve the reliability of our web applications. In this respect we analyse records of access to pages, actions performed, etc.
- to guarantee IT security;
5.2.4 Evidence in case of possible litigation
We also process your personal data to be able to collect evidence and proof in the event of a legal dispute.
5.3 Your consent
Provided that you have given us your consent for the processing of your personal data for one or more specific purposes, we are permitted to process your data. You have the right at any time to withdraw your consent with effect for the future, without incurring any costs other than the transmission costs in accordance with the basic tariffs (cost of an Internet connection). Revocation of the consent does not affect the legality of the data processed up until the revocation.
220.127.116.11 Contact Form
When we receive a contact request, we need the following data on your identity: form of address, first name, surname, e-mail, in order to be able to process you request; any other information provided is voluntary. Insofar as absolutely necessary, your data are forwarded, where applicable, to a transport services provider to process the enquiry. Apart from this, your data are not forwarded to third parties.
18.104.22.168 Dealer registration form
If you are a dealer, when we receive a contact request, we need the following data on your identity: form of address, first name, surname, e-mail, in order to be able to process you request; any other information provided is voluntary. Insofar as absolutely necessary, your data are forwarded, where applicable, to a transport services provider to process the enquiry. Apart from this, your data are not forwarded to third parties.
5.3.2 Unsolicited applications
Unsolicited applications are processed on the basis of Article 6(1) point (a) GDPR (your consent).
5.4 Legal provisions
As a company we are subject to an extremely wide variety of legal requirements (e.g. under tax legislation). In order to comply with our legal obligations, we process your personal data to the extent required.
6. Where and why we transfer data
6.1 Internal use of data
We provide access to your personal data only to the departments, which require access to these data, in order to fulfil our contractual or statutory duties or to protect our legitimate interests.
6.2 External use of data
We are mindful of the protection of your personal data and transfer information on you only if required to do so by legal provisions, if you have given your consent, or to fulfil contractual obligations.
For example, we have a legal duty to transfer your personal data to the following recipients:
- public authorities or supervisory authoritiesg. tax authorities, Customs authorities;
- judicial and law enforcement agencies, e.g. the police, the Courts, the Public Prosecutor's Office
- barristers, solicitors and notaries, e.g. in legal disputes;
- accountants and auditors.
So that we are able to fulfil our contractual obligations we cooperate with other companies. These include:
- transport services providers and shipping companies
- banks and financial services providersfor the transaction of all financial matters.
Our service providers
In order to operate more efficiently, we rely on the services of external service providers, who may receive personal data in order to fulfil specified purposes; these service providers include IT service providers, print and telecommunication service providers, debt collection, consultancy or distribution companies.
Important: We take the greatest care of your personal data!
In the case of service providers, who are domiciled outside the European Economic Area (EEA), we undertake specific security measures (e.g. by enforcing special contractual clauses), in order to ensure that the data are handled with the same amount of care as in the EEA. We check on a regular basis that all our service providers are complying with our requirements.
Very important: On no account do we sell your personal data to third parties!
6.3 Data protection within the PRYM Group
In order to offer you the best service possible, we occasionally exchange data within the Group. In doing so we guarantee that the applicable regulations of data protection law are complied with and that your personal data are adequately protected at all times.
For this reason we have taken appropriate measures to ensure compliance with data protection within the PRYM Group:
We have concluded contracts with the individual subsidiary companies, which ensure that personal data, which is exchanged within the Group, is always protected.
7. Are you obliged to provide personal data to us?
In the context of the business relationship between you and mysoftseal.com we need the following categories of personal data from you:
- all the data necessary for accepting and performing a business relationship;
- data, which are needed for compliance with contractual duties;
- data, which we are required by law to collect.
Without these data it is impossible for us to enter into or perform any contracts with you.
8. Erasure periods
Pursuant to the provisions on data protection we store your personal data no longer than we need it for the purposes of the respective processing. Provided that the data are no longer needed to comply with contractual or legal duties, they are erased by us on a regular basis, unless we are required to retain them for a specific period. The following are possible grounds for retaining data for a further period:
- Duties of retention under commercial or tax lawmust be complied with: Retention periods take precedence in accordance with the provisions of the national law applicable (for instance retention periods according to the German Commercial Code and the German Tax Code can be up to 10 years).
- For the preservation of evidence in the case of legal disputeswithin the framework of the legal provisions on the statute of limitations: for instance, according to the German civil law the statute of limitations can apply for up to 30 years, although the usual limitation period is three years.
9. Your rights
You also have specific rights where the processing of your personal data is concerned. More exact details can be found in the relevant provisions of the General Data Protection Regulation (Articles 15 to 21).
9.1 Right to ACCESS and rectification
You have the right to receive information from us as to which of your personal data we process. If this information is not correct or is no longer correct, you have the right to request that we rectify the data, or where data are incomplete to complete the data. If we have transferred your data to third parties, we notify the appropriate third party in the case of equivalent legal status.
9.2 Right to erasure
Under the following circumstances you can request the immediate erasure of your personal data:
- if your personal data are no longer required for the purposes, for which they were collected;
- if you have withdrawn your consent and there is no other legal ground for your data to be processed;
- if you object to the processing and there are no overriding legitimate grounds for the data to be processed;
- if your data are processed unlawfully;
- if your personal data have to be erased to comply with legal duties.
Please note that prior to erasing your data we must check that there are no legitimate grounds for processing your personal data.
9.3 Right to restriction of processing (right to blocking)
You have the right to request us to restrict the processing of your personal data on any of the following grounds:
- if you contest the accuracy of the data, before we have had the opportunity to make sure of the accuracy of the data;
- if we process the data unlawfully, but instead of requiring that the data be erased, you request only that the use of the data be restricted;
- if we no longer need the personal data for the purposes of the processing, but you need the data to establish, exercise or defend legal claims;
- if you have objected to the processing and have not yet established whether your legitimate interests override ours.
9.4 Right to object
9.4.1 Right to object on a case to case basis
If the processing is in the public interest or is based on a balancing of interests, you have the right on grounds relating to your particular situation to lodge a complaint against the processing. If the objection is upheld, we shall not continue to process your personal data, unless we can demonstrate compelling legitimate grounds for the processing, which override your interests, rights and freedoms or because your personal data serve to establish, exercise or defend legal claims. The objection does not apply to the legality of the processing of the data prior to the lodging of the objection.
9.4.2 Objection to advertising
In the cases, in which your personal data are used for advertising campaigns, you have the right at any time to object to this form of processing. We shall then no longer process your personal data for these purposes.
The objection need not be in any particular form and should preferably be sent to our following email address:
9.5 Right to data portability
You have the right to receive on request the personal data, which you have provided to us for processing, in a transferable and machine readable format.
9.5.1 Right to lodge a complaint with the supervisory authority (Article 77 GDPR)
We try to respond to your enquires and claims as fast as possible in order to protect your rights accordingly. Depending on the frequency of the enquiries, it may happen that up to 30 days elapse before we are in a position to give you further information on your concerns. If the delay should be longer, we shall notify you in good time of the reasons for the delay and we shall discuss with you how to proceed.
In some cases we are unable or are not permitted to give information. Insofar as legally admissible, we shall share with you the reason for the delay.
If, nevertheless, you are not satisfied with our responses and reactions or consider that we are in breach of applicable data protection law, you have the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for us is:
Die Landesbeauftragte für Datenschutz und Informationsfreiheit
Kavalleriestr. 2-4, 40213 Düsseldorf, Germany
Phone: +49 211 38424-0
Fax: +49 211 38424-10
9.6 Final provisions
9.6.2 Additional Questions
Please contact us at the address listed in section 1.1 for any additional questions you may have.