Política completa

Data protection provisions 

I. General information 

Name and address of the Controller 

The Controller within the meaning of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (Bundesdatenschutzgesetz (BDSG)) for the learning platform product at training.staedtler.com is: 

 

STAEDTLER SE 

Moosaeckerstrasse 3 

90427 Nuremberg 

Phone: +49 911 9365 0 

 

Contact information of the Data Protection Officer (DPO) 

The DPO can be reached at: 

datenschutz@staedtler.com

 

 II. General information on data-processing 

 1.      Scope 

As a matter of principle your personal data is only processed to enable you to use the learning platform. We obtain your consent to process your personal data if the processing is not already permitted, for example as a result of legal requirements. 

 

2.      Legal basis 

The legal basis for processing your personal data derives from Article 6(1) of the General Data Processing Regulation (GDPR). 

You will find the relevant legal basis after each of the specific purposes for which we process your data.

 

3.      Duration of data storage and deletion of data 

We always delete your personal data when the purpose for saving it no longer applies. However, it is conceivable that data is stored for a longer period as a result of European or national laws, regulations or other requirements. Such data is not deleted until the corresponding retention periods set out in the above legal sources come to an end. The only exception to this is if the data that has been saved is necessary for the conclusion or performance of a contract. As an example of the above, retention periods of up to ten years for specific types of data are demanded by tax law. 

 

III.      Information on our data processing activities 

Visit to our learning platform 

1.      Description and extent of the data processing 

If you visit our learning platform, we always automatically collect information and data from your computer system or terminal. We obtain the following data at this time: 

 

a.      Information about the type of browser and the version used 

b.      The operating system used 

c.      Your Internet service-provider 

d.      Your IP address 

e.      The date and time of your access 

f.       The websites from which you land on our learning platform 

g.      The websites that are accessed by your system via our learning platform 

 

The data we collect is stored in log files. We do not store this data together with your other, different personal data. 

 

2.      Legal basis for the data processing 

Our legitimate interest (Article 6(1), Letter (f) of the GDPR) is the legal basis for the temporary storage of data and log files. For technical reasons it is not possible to use our learning management offering without this data.

 

3.      Purpose of data processing 

It is necessary to store your IP address for the duration of your session so that our learning platform can supply material to your computer or mobile terminal. 

The consistent saving of data in log files guarantees the functional capability of our learning platform and makes an important contribution to the security of the IT systems. We also use the data to improve our product.  

 

4.      Retention period 

The log files we save are normally deleted after seven days. The IP address is only anonymized so that it can no longer be linked to you if it is necessary to store the data for a longer period. 

 

5.      The possibility to object and request data removal 

You have a right to object. However, as the data is essential for the provision of our learning platform, you could subsequently be unable to use the platform. 

 

Registration on our learning platform 

1.      Description and extent of the data processing 

The following data is collected from you for the purpose of registration on our learning platform and for sending information emails to you: 

 

a.      Form of address 

b.      Your given name 

c.      Your family name 

d.      The password you select 

e.      Your email address 

 

2.      Legal basis for the data processing 

In the case of our employees, we process your data for employment-related purposes (Article 6(1), Letter (b) of the GDPR in conjunction with § 26 of the Federal Data Protection Act). Apart from this, the processing is based on your consent in the course of the registration process (Article 6(1), Letter (a) of the GDPR.

 

3.      Purpose of data processing 

You can only register on our learning platform and subsequently use the platform if you supply your data. Disclosure of your email address is necessary so that we can send you access data and, if necessary, remind you of learning units you have not completed. 

 

 4.      Retention period 

The personal data collected from you during the registration process is retained until your account is deleted. 

 

5.      The possibility to object and request data removal 

You can delete your account at any time by clicking on the appropriate field in the learning platform or by informing the Controller directly. 

 

Use of our learning platform 

1.      Description and extent of the data processing 

The following personal data is collected from you so that you can use our learning platform: 

 

a.      Form of address 

b.      Your given name 

c.      Your family name 

d.      Your address 

e.      Your email address 

f.       Course assessment (e.g. access time, session duration and test results) 

g.      Your contributions to forums, chats and wikis 

 

This data is collated in a user profile. 

  

2.      Legal basis for the data processing 

In the case of our employees, we process your data for employment-related purposes (Article 6(1), Letter (b) of the GDPR in conjunction with § 26 of the Federal Data Protection Act). Apart from this, the processing is based on your consent in the course of the registration process (Article 6(1), Letter (a) of the GDPR.

  

3.      Purpose of data processing 

You can only access and use the learning platform if you supply your personal data. 

  

4.      Retention period 

Your user profile data is stored until you delete your user profile. The user profile data is also deleted as soon as a course is removed from the learning platform. In order to comply with our obligations as the responsible party under data protection law, we save our employees’ usage data for 3+1 years, i.e. the usage data is deleted in the course of the fourth year after successful completion of the training course.

 

5.      The possibility to object and request data removal 

You can delete your user profile at any time by clicking on the appropriate field in the learning platform or by informing the Controller directly. 

   

IV.       Transfer and disclosure of personal data 

We pass your data to service-providers who assist or support us. These are companies from the group of affiliated companies or third parties with whom we have concluded corresponding contracts; these companies may be located inside or outside the European Union or EEA. We can also pass your data to public authorities such as the police or Tax Office if this is necessary under the applicable legislation. 

Within what is permitted by the EU General Data Protection Regulation, we pass your personal data to third parties in the following cases: 

 

1.      Processors 

We use providers who only process your personal data on our instructions and act in our name as data processors. These providers support us in the establishment and administration of the learning platform, guarantee its functional capability and comply with the requirements of data protection law. They also perform services which cover specific functions of our offering (e.g. sending emails), hosting services, customer service support and services in connection with the tracing of and reaction to security incidents, malfunction rectification and problem solving in the service or on the website for the purpose of analyzing the website data traffic. 

 

2.      Inquiries from public authorities 

We pass data to government offices if this is required by law. This occurs, for instance, in the case of a valid subpoena enforceable by penalty, or if we must comply with a different legal process or we receive a written request from a public authority. 

 

V.        Information on the protection of your data and your rights 

Your rights as a data subject 

1.      Right of access (Article 15 of the GDPR) 

You have the right to be informed whether we process your personal data and, if so, which data we process. As required by the GDPR, we will provide you with a summary of the personal data. The GDPR allows us a period of one month in which to answer your request for information. 

 

2.      Right to rectification (Article 16 of the GDPR) 

If you inform us that the data we are processing is incorrect or incomplete, we will immediately amend the data after positive verification. 

  

3.      Right to erasure (Article 17 of the GDPR) 

We erase personal data immediately on request provided that none of the grounds specified in Article 17 of the GDPR conflict with the erasure. In every case, erasure can only apply to the future. 

 

4.      Right to the restriction of processing (Article 18 of the GDPR) 

If you so wish, we will restrict the processing of your data provided that one of the conditions set out in the GDPR exists. 

 

5.      Right to notification (Article 19 of the GDPR) 

We inform recipients of personal data (e.g. processors of order-related data) of requests we have received if you have submitted a request for the correction, restriction or erasure of your personal data. 

 

6.      Right to data portability (Article 20 GDPR) 

If so requested, we will provide your data in a commonly used, machine-readable format and will transmit your personal data to another controller at your request. 

 

7.      Right to object (Article 21 GDPR) 

On the grounds referring to your particular situation, you can object to the use of your personal data provided that the data is being processed by reason of Article 6(1), Letters (e) or (f) of the GDPR. 

 

8.      Revocation 

In principle you may only revoke the processing of your personal data if you have previously given your consent in accordance with Article 6(1), Letter (a) of the GDPR. Revocation applies only to the future. 

 

Automated decision-making and profiling 

We undertake no automated individual decision-making including profiling (Article 22 of the GDPR). 

 

Transfer to third countries

We will only transfer your data to third parties in accordance with the provisions of law or based on your consent. Apart from the above, no data is transferred to third parties unless we are obliged to do so by mandatory provisions of law (transfer of data to external bodies such as supervisory authorities or law enforcement agencies).

 

Right to complain to a supervisory authority 

If you come to the conclusion that the processing of personal data referring to you is not in accordance with the GDPR, you have the right to submit a complaint to a competent supervisory authority. Before submitting a complaint you are also welcome to contact our Data Protection Officer who will be happy to answer your questions.

 

VI.       Information on cookies and social media plugins 

Our learning platform uses cookies which are temporarily stored on your device. 

The cookies placed at this time are all of an essential nature and may therefore be used without your consent, as permitted by Article 6(1), Letter (f) of the GDPR. However, you have a right to object. But if you should object to the use of essential cookies you must expect that the functional capability of our learning platform is no longer certain. 

Non-essential cookies or social media plugins are not used on our learning platform. 

If videos are incorporated into our learning platform from relevant platforms such as YouTube or VIMEO, we have taken technical precautions to prevent the placing of cookies of such third party providers if at all possible. However, to ensure that it is quite impossible for third party cookies to be placed, you should deactivate the function “Cookies of third party providers” in your browser settings. Only then can you be certain that no data is sent outside the EU or EEA. 

 

Terms of use / copyright protection 

All documents provided on the learning platform by the Controller or a user are exclusively for the personal use of the participant, his/her colleagues or additional staff. In addition, as personal data is used when making use of the learning platform and also for copyright reasons, the translation, reproduction or copying of the participants’ documents is prohibited in particular. Only the Controller may approve such practices. 

Die deutsche Datenschutzerklärung finden Sie unter folgendem Link: Datenschutzerklärung DE

Puede encontrar la política de privacidad en español en el siguiente enlace: Privacy Policy ES