Version dated May 2018
Thank you very much for your interest in our company. Data protection is important to us and therefore, in this Data Protection Statement, we will explain what personal data (briefly; “personal data” is data that is related to a specific person, such as their name, address, nationality, e-mail address, interests, hobbies, online behavior) we collect and how we process it. This Data Protection Statement is based on the European Union’s General Data Protection Regulation or GDPR for short.
- Responsible party, data protection officer and agents
In terms of data protection, the responsible party is: Dorbena Bettwarenfabrik Aktiengesellschaft Im Mühleholz 8 FL-9494 Schaan (Liechtenstein)
The Data Protection Officer’s contact data is:
Tel.: 00423 / 237 77 22
- Collection of personal data and purpose of processing
We primarily limit the processing of personal data to person-specific data that we collect from our customers, cooperation partners, or other involved parties within the scope of providing our products and services. This also includes data collected from our users via our website, apps or other applications.
In particular, we collect case-specific data from our customers and users and, depending on the purpose (see below), the following data:
- First name, surname
- E-mail address
- Telephone number(s)
- Date of birth
- Tax ID number
- Bank data
- IP address
- Company affiliation
- Other data in connection with our products and services
Beyond this, we collect and process – insofar as it is permitted and available – case-specific additional data from publicly accessible sources (e.g., land register, commercial register, media, Internet, Worldcheck) or receive this data from government agencies or institutions, from your personal network such as family, legal advisers) or from other third parties.
In particular, we require this data for the fulfillment of the following purposes:
- To identify you as a customer or cooperation partner or user of our website
- To correspond with you
- To adhere to legal requirements
- To conclude and process service provision contracts, e.g., Articles of Incorporation, Mandate Agreement, Asset Management Agreement
- To conclude and process Purchase and Sale Agreements, e.g., for purchasing products from suppliers or selling to interesting parties
- To invoice
- To provide additional services from our company or, if required, in collaboration with third parties
- To provide you with the best possible and customized services and to further develop our offer of products and services
- To communicate with third parties (e.g., media outlets)
- To assess and respond to job applications
- To advertise and market our products and services (insofar as you have authorized the use of your data for this purpose)
- To assert legal claims or for the general defense of our interests
- To ensure our general business operation (e.g., IT, website, apps)
- To monitor by surveillance video to provide security for facility access management (incl. visitor lists or other access controls)
- To protect other safety aspects
We only process your personal data insofar as we have a legal (e.g., duty of diligence) or contractual (e.g., founding mission) basis, or the data processing is required for the performance of a task that is in the public interest or is performed in the exercising of official authority. Beyond this, we only process data if we have received your consent and this consent has not been withdrawn. Or if a legitimate interest of ours outweighs this (e.g., continuation of the newsletter subscriptions to existing customers, insofar as no cancellation has been received). A consent may be withdrawn at any time.
- Recipient of personal data and data transfer abroad
We only forward your personal data within the scope of the above-noted purposes -insofar as permitted and solicited – to recipients or third parties. This includes the following:
- Service providers such as, for example, banks, asset management companies, insurances, IT providers, printing companies
- Suppliers, retailers, forwarding companies, sub-contractors or other cooperation partners
- Government offices, federal institutions, courts
- Associations, public interest institutions
This type of data forwarding is either based on a legal obligation (e.g., data transfer during automated data exchange), fulfillment of a contractual obligation (e.g., asset manager abroad), a consent provided on your part, a public interest, or based on a justified interest on our behalf, insofar as neither the interests nor your basic rights and freedoms related to the protection of personal data outweigh these.
The recipients can be based nationally or internationally. In particular, we note that we transfer personal data to countries in which service companies are based and whose services we use (e.g., Microsoft, Google).
In case the recipients are located outside of our company in the EC/EEA or in countries with accepted data protection reverence (e.g., Switzerland), we ensure the data protection by – if required and solicited – concluding order data processing agreements.
If we transfer personal data to third-party countries without adequate legal data protection, we will ensure a suitable level of protection as per legal requirements, for example based on EU standard contract provisions or other instruments (e.g., Binding Corporate Rules, US Privacy Shield).
- Use of our website
When using the website for informational purposes only (i.e., if you do not login to the website, register, or otherwise transfer data), we do not record any personal data. This excludes all data that your browser transfers to us and that enables you to visit our website, whereby the following personal data can be included:
- IP address
- Date and time of your inquiry
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page/website)
- Access status / HTTP status code
- Amount of data transferred in each case
- Website from which the request is sent
- Browser used
- Operating system and its interface
- Browser language and version
We only use them to make our offer even more user-friendly. Some cookies remain stored on your end device until you decide to delete them. The cookies enable us to recognize your browser when you revisit our website.
- Use of other website services
5.1 Google Analytics
The purpose of Google Analytics is the analysis of visitor traffic on our website. Google uses the data and information collected to, among other things, analyze the use of our website, compile online reports showing the activity on our website, and provide additional services connected with the use our website.
Google may combine your online behavior with information from other websites you have visited. If you are a registered Google user, then Google will recognize you. Subsequently, Google Data Privacy Regulations will apply for the further processing of personal data. Cookies are used to store personal information such as time of access, location from which the site was accessed, and the frequency of visits to our website by the person concerned. Upon each visit to our website, personal data – including the IP address of the respective person’s Internet access point – is transferred to Google in the United States. Google may transfer this personal data collected electronically to third parties.
Furthermore, a cookie that has already been set by Google Analytics can be deleted via the browser or using another software program at any time. For further information, see http://tools.google.com/dlpage/gaoptout?hl=de
For all additional queries, please send these directly to Google, in particular using the following links:
5.2 Google Ads
The party responsible for the processing has integrated Google Ads into this website. Google Ads is a service used for online advertising. It allows advertising companies to display ads in Google search engine results as well as in Google advertising networks. Google Ads enables advertisers to predetermine certain keywords through which their single advertisement is only displayed in the Google search engine results if the user uses Google to search for a keyword-related term or search result. In the Google advertising network, the ads are show using an automated algorithm and under consideration of previously determined keywords distributed to topic-relevant websites.
Operating company of the Google Ads services is Google, Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
The purpose of Google Ads is the advertisement of our website through the insertion of interest-relevant advertising on the websites of third-party companies, in the search engine results of Google, and the insertion of third-party advertising on our website.
Furthermore, the person concerned has the ability to object to the interest-relevant advertising provided by Google. To do so, the person must make the corresponding settings in each of their browser’s by going to www.google.de/settings/ads.
Further information and Google’s applicable data protection regulations can be found under https://www.google.de/intl/de/policies/privacy.
5.3 Google Fonts
Use of Google Fonts:
Google Fonts is a service provided by Google LLC, Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). It enables us to access a library of fonts. We use these fonts to design our website. For the inclusion of the fonts used by us, your browser must connect to a Google server located in the United States and you must download the fonts required for our website. By doing so, Google is informed that your IP address was used to access our website. Additional information about Google Fonts can be accessed here in Google’s Data Protection Information: https://policies.google.com/privacy?hl=en
On the Dorbena AG website, the users are given the opportunity to subscribe to our company newsletter. The personal data transferred within the scope of newsletter registration to the responsible parties is made evident by the data required for the newsletter registration.
With the newsletter, Dorbena informs its customers and business partners regularly about its products and offers. Our company’s newsletter can generally only be received by the person concerned if (1) the person concerned has a valid e-mail address and (2) if the person concerned has registered for the newsletter. For the initial e-mail address provided by the person concerned for newsletter mailing, a confirmation e-mail with a double opt-in procedure is used for legal reasons. This confirmation e-mail serves to validate whether or not the owner of the e-mail address, as the person concerned, has authorized receipt of the newsletter.
Moreover, upon registration for the newsletter, we store the IP address provided by the Internet-Service-Provider (ISP) of the computer system used by the person concerned at the time of the registration. In addition, we store the date and time of registration. Collecting this data is required in order to retrace the (possible) misuse of the e-mail address of the person concerned at a later point in time. It therefore serves the legal safeguarding for the processing through the responsible party.
The personal data collected within the scope of the newsletter registration is solely used for mailing the newsletter. Furthermore, newsletter subscribers may be informed via e-mail insofar as this is required for the operation of the newsletter service or if a related registration is required, as may be required in case of changes in the newsletter offer or the technical circumstances. Personal data will not be forwarded to third parties within the scope of the newsletter service. The subscription to our newsletter can be terminated by the person concerned at any time. The consent to the storage of personal data that was provided by the persons concerned in connection with the mailing of the newsletter, can be withdrawn at any point in time. For purposes of withdrawing the consent, each newsletter contains a corresponding link. Furthermore, the user can – via our website – also unsubscribe to the newsletter at any time or can inform the party responsible for data processing through any another viable channel.
5.5 Tracking services
The Dorbena AG newsletter contains so-called tracking pixels. A tracking pixel is a miniature graphic that is embedded in e-mails sent in HTML format. They are used to enable a log-file recording and a log-file analysis. This enables the processing of a statistical analysis on the success or failure of an online marketing campaign. Based on the embedded tracking pixel, Dorbena AG can recognize if and when an e-mail was opened by the person concerned and which one of the links contained in the e-mail was accessed.
Tracking pixels embedded in the newsletter are used to collect personal data and are stored and analyzed by the party responsible for the data to optimize the newsletter mailing and to make its content more appealing and more interesting to the person concerned. This personal data is not forwarded to third parties. Persons concerned are authorized at any time to withdraw their consent for the special declaration of consent provided via the double opt-in process. After the withdrawal of consent, the personal data is deleted by the party responsible for the data. Unsubscribing from the receipt of the newsletter is automatically considered by Dorbena AG as a withdrawal of consent.
5.6 Profiling methods
Profiling refers to the automated processing of personal data with the intent of determining personal characteristics in order to be able to inform users individually using tailored services and products. The analysis methods used by us allow us to particularly conduct a targeted solicitation.
5.7 SSL and/or TLS-encryption
For security purposes, and for purposes of protecting the transfer of confidential data, this site uses an SSL- and/or TLS-encryption. This is particularly related to orders or inquiries that are sent to the website’s operator. An encrypted connection is recognized by the small padlock symbol appearing in the address bar of your browser and when the accessed address changes from “http://” to “https://”.
When the SSL and/or TLS-encryption has been activated, the data that you have transferred to us cannot be viewed by third parties.
5.8 Other web services
For the use of other web services, for example social media or YouTube, the data protection statements of those companies also apply (these can be accessed via the respective website). However, our Data Protection Statement must be handled with priority.
- Data protection for job applications and during the application process
We collect and store personal data from job applicants for the purposes of managing the application process. The processing can be completed in paper form as well as via e-mail or by filling out the online form. If the applicant signs an employment contract, then the personal data contained therein is used for the purposes of processing the employment relationship under consideration of the statutory regulations. Otherwise, the application documents will be deleted three months after rejection of the application, insofar as the deletion of the documents does not contradict any of our justified interests, for example as proof related to the equal treatment of applicants.
- Duration of storage
In general, we only store your personal data for as long as this is required for the intended purposes in accordance with this Data Protection Statement. However, we may be legally obligated to store certain data for a longer period. In this case, we will ensure that your personal data will be handled in line with this Data Protection Statement for the entire duration.
- Your rights
You have the right to receive information about the data we have stored on your behalf at any time, as well as regarding its origin, the recipients, or the categories of recipients to whom this personal data has been forwarded and the purpose of the storage. In addition, you always retain the right to demand that we correct, delete or limit the processing of your personal data. Furthermore, you have the right to data transferability. You also have the right to withdraw your consent for the processing of your personal data at any time. If you have provided your consent for the use of your personal data, then you can withdraw this consent at any time without providing any grounds for doing so. Furthermore, you have the right to lodge a complaint with the Data Protection Office in Liechtenstein (www.llv.li/#/1758/datenschutzstelle). Insofar as you would like to assert the aforementioned rights, please contact the address listed under No. 1 (1).
- Data security
We have up-to-date technical measures in place to ensure data security, in particular the protection of your personal data from the dangers of data transmission as well as acquisition thereof by third parties. These measures are adjusted in order to constantly remain up to date.
- Online Shop
All data entered by customers within the framework of order placement are stored. These include:
- Name, first name
- Payment details
- E-mail address
All data which are essential for delivery or processing of the order are passed on to third parties. As soon as storage of your data is no longer necessary, or is prohibited by law, these will be deleted.
In order to safeguard your security and the security of the website operator, same shall conduct a credit check prior to conclusion of the contract. In addition to examining past transactions with the website operator and any amendment of your personal data, the website operator shall also avail of the services of third parties.
In the course of the credit check, your personal data (name, address, date of birth) will be sent to MF Group AG, 9004 St. Gallen.
Within the scope of the ongoing technical development of our service offer as well as the statutory framework, we will continually update our Data Protection Statement. For this purpose, any changes to our Data Protection Statement will be published on our website. Please therefore read the current version of this Data Protection Statement on a regular basis. Subject to the legislation in force, all changes made to the Data Protection Statement will be effective as soon as the updated Data Protection Statement is published. If we have already recorded your personal data and/or are subject to a statutory disclosure duty, we will also inform you about significant changes in our Data Protection Statement and will request your consent, should this be required.