?

Information on data protection according to the General Data Protection Regulation

1. The following company processes your personal data (“Controller”)

Triflex (UK) Ltd.
Whitebridge Way
Stone
Staffordshire
ST15 8JS

Phone: 01785 819119

Email: info@triflex.co.uk

2. Representative of the controller

Director: Paul Barker, Tony Mills

Contact: see above under section 1.

3. The contact details of the data protection officer of the controller

Email: info@triflex.co.uk

Address: See above under section 1.

4. Categories of personal data that the controller processes if disclosed

Master data as provided:

  • Complete name
  • Salutation
  • Company
  • Role
  • Function
  • Email
  • Phone numbers
  • Attended product seminars
  • Attended training

5. The purposes of processing for which the personal data are required as well as the legal basis for the data processing

Your personal data will generally be processed for the following purposes:

  • Establishing an agreement
  • Performing your contract
  • Maintain or discontinue the business relationship
  • Marketing: e.g. contacting you to develop (e.g. offer of new products), customer satisfaction survey
  • Legal purposes
Legal basis for the processing
  • You have given consent to the processing of your personal data for one or more specific purposes (Art. 6 subsec. 1 lit. a. GDPR); and/or
  • Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract (Art. 6 subsec. 1 lit. b. GDPR); and/or
  • Processing is necessary for the purposes of the legitimate interests of the Controller or a third party’s legitimate interest (Art. 6 subsec. 1 lit. f. GDPR). However, before the Controller process your personal data on the basis of a legitimate interest it will evaluate in every single case if such processing will compromise your interests or fundamental rights and freedoms which require protection of personal data. In case of a doubt the Controller won’t process that personal data. The Controller generally has a legitimate interest if your personal data is processed for direct marketing purposes or if the Controllers transmitting personal data within the Follmann Chemie Group for internal administrative purposes, including the processing of clients' or employees' personal data.

6. The recipients or categories of recipients of the personal data

  • The Controller may share your personal data with recipients within the Follmann Chemie Group on a need to know basis subject to the legal standards required by the applicable data protection law.
  • The Controller also shares your information with authorized service providers. Usually these are companies that store information or provide IT services.

7. The period for which the personal data will be stored, or if that is not possible, the criteria used to determine that period

The Controller stores your personal information as long as you are the responsible contact person for your company in that matter. As soon as the Controller receives information of you being no longer contact person for the business contact it will delete your personal data if no legal basis (e.g. mandatory retention obligation) is applicable allowing the processing of your personal data. It is appreciated if you contact the Controller without undue delay when you are no longer the contact at your company.

8. The following rights are available concerning the protection of your personal data

  • Right of access (for more see Art. 15 GDPR): You have the right to know what personal information the Controller processes and why.
  • Right to rectification (for more see Art. 16 GDPR): If you believe the Controller stores incorrect information about you, such as your name or address, you can ask the Controller to correct this.
  • Right to erasure / right to be forgotten (for more see Art. 17 GDPR): You have the right to tell the Controller to permanently erase your personal information from the records. You can do this for example if you believe there’s no longer any need for the Controller to keep it. Or, if you previously have given your permission, you can just decide to withdraw it.
  • Right to restrict the processing activities (for more see Art. 18 GDPR) You have the right to restrict the processing activities in certain situations. This means the Controller will continue to store your information, but the Controller temporarily stop any other processing.
  • Right to data portability (for more see Art. 20 GDPR) In certain situations, you have the right to ask the Controller to send your personal information in digital form to you, so that you can forward it to someone else.
  • Right to object (for more see Art. 21 GDPR) You have the right to object to the processing of your information, even when the Controller has a legitimate reason to process it. You can do this when the Controller process your information on the basis of our legitimate interest, and you believe that your personal interest outweighs the Controller’s.
  • Right to lodge a complaint with a supervisory authority (for more see Art. 77 GDPR) If you aren’t satisfied with the way the Controller treats your personal information, you have the right to lodge a complaint about this to the national supervisory authority.
  • Right to withdraw your consent at any time acc. to Art. 7 subsec. 3 GDPR.

8. Is it your obligation to disclose your personal data to the controller

No. You are not obligated to disclose any personal data to the Controller. However, if you won’t disclose your personal contact data or you object to or restrict the processing it could have the following consequences:

  • Delayed performance of your contract.
  • No performance of your contract
  • Incorrect performance of your contract.
  • Losing business opportunities.
  • Losing the opportunity to help to improve our services and products.