Data protection policy
The protection of your data is very important to us. You can visit our website at any time without providing or leaving any personal information about yourself. However, if you make use of a special offer on our website, the processing of personal data may become necessary. If no legal basis exists here, we will obtain the consent of the data subject.
This data protection policy applies to the websites plustek.de, plustek.com/deu or plustek.com, as well as their subpages or subdomains. Furthermore, this data protection policy applies to all linked websites and to all webforms available on such websites.
The processing of personal data of a data subject, such as his / her first and last name, address, e-mail address or telephone number, takes place at Plustek in accordance with the General Data Protection Regulation (GDPR). This data protection policy serves to inform you about the type, scope and purpose of the personal data we collect, use and process. Furthermore, we would like to inform about the rights that data subjects are entitled to.
We have implemented technical and organisational measures to ensure the highest possible level of security for the personal data processed via this website. Nevertheless, the transmission of data via the Internet can present security risks and thus, absolute and general protection cannot be guaranteed by us. Of course, you are free to submit your personal data to us in other ways or by other technical means, such as by telephone.
In order to make the terminology used in the GDPR and in this data protection policy easier to understand, we briefly explain the meaning of some of the terms used below.
Personal data means any information relating to an identified or identifiable natural person (hereinafter referred to as the “data subject”). A natural person is considered to be identifiable, directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data, an online identifier or with one or more special characteristics expressing the physical, physiological, genetic, mental, economic, cultural or social identity of how this natural person can be identified.
The term “processing” refers to any process or series of process performed with or without the aid of automated procedures in connection with personal data such as collecting, recording, organising, arranging, storing, adapting or modifying, reading out, querying, using, disclosing by transmitting, disseminating or other forms of providing, matching or linking, limiting, erasing or destructing.
“Responsible person” means the natural or legal person, public authority, institution or other body that, alone or together with others, decides on the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by European Union law or the law of the Member States, the responsible person or the specific criteria for his / her appointment may be provided for under European Union law or under the law of the Member States.
Who is responsible for the processing?
The responsible party, hereinafter referred to as Plustek or we, within the meaning of GDPR and other data protection policies, is:
Plustek Technology GmbH
Ewige Weide 13
22926 Ahrensburg, Germany
Plustek Inc. is a company based in the Republic of Taiwan (ROC), with the address 13F-1 No. 3 (bldg. F), Yuan Qu Street, Nankang District 115, Taiwan ROC, and represents the main headquarters of Plustek. Plustek Technology GmbH is a German-based company, with the address Ewige Weide 13, 22926 Ahrensburg (Germany) and represents the European headquarters of Plustek. In some cases, both companies manage and process data that is provided voluntarily through offers on our website, such as when using and filling out webforms. In this case, both companies are jointly considered the responsible party.
For more information, please refer to the section “Where is my personal data stored?”
How to contact our Data Protection Officer
For any further information or explanations, please contact the Data Protection Officer of Plustek Technology GmbH, Ewige Weide 13, 22926 Ahrensburg, Germany, or send an e-mail to:
More detailed information about our website analysis can be found under the section “Data protection when using third-party providers”
Collection of general data and information
You can visit our website without providing any personal details. We only store access data in so-called server log files. In these, we record, among other things, the browser types and versions used, the operating system used by the accessing system, the name of the requested file, the date and time of the access, the amount of data transferred and the requesting provider, as well as other data and information that serve to avert danger in the event of attacks on our systems. This data is evaluated exclusively to ensure trouble-free operation of the websites and to improve our offer and does not allow us to draw any conclusions about your person.
We record this anonymously collected data and information for statistical reasons and for increasing data protection and security in our company. The data of the server log files are stored separately from all other personal data provided by a data subject.
Personal data processed during the use of our services and offers will not be transferred to other persons or companies for their use without your prior and explicit consent (with the exception of jointly responsible companies of Plustek). However, some providers with whom we do business to provide products and services may access and process your personal information on our behalf, but only to provide services in connection with the purposes set out in these data protection regulations.
When ordering from our webshop
We provide a webshop for our products with the offer 1A Mediashop, accessible at the URL https://1amediashop.de/. Separate data protection regulations apply to this online shop offer, which can be viewed via the corresponding link in the online shop.
When registering for our e-mail newsletter
If you subscribe to our newsletter, we will use the data required or separately provided by you to regularly send you our e-mail newsletter according to your consent. It is sent monthly and contains information about our products and special offers such as sweepstakes or promotions. Unsubcription from the newsletter is possible at any time and can be done either by sending a message to the contact option described above or via a link provided in the newsletter. In order to register to receive our newsletter, you must enter a valid e-mail address. Any additional information is voluntary. For legal reasons, a one-time confirmation e-mail will be sent to the data subject for the delivery of the newsletter in the double opt-in procedure. This confirmation e-mail and link contained serve to confirm that the owner of the e-mail address is the data subject that authorised the receipt of the newsletter.
To deliver the newsletter, we use the marketing tool “Clever Reach” of CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede, Germany. Your personal data will be transmitted to CleverReach GmbH and stored there. In addition, we record when the newsletter is read and which links are clicked. Furthermore, any links to our website are recorded with the analysis tool Google Analytics and evaluated for statistical purposes. For more information about Google Analytics, please refer to the section “Using Google Analytics for web analytics” in this data protection policy.
Further information on the data protection policy of CleverReach GmbH can be found here: https://www.cleverreach.com/de/datenschutz/
When using the contact forms or a query about the product (support form)
If you use one of our contact forms or the "technical questions" form, we use the data required for this purpose or separately provided by you in order to be able to process your request. In order to use the form, you must enter a valid e-mail address; further details are optional. The processing of the information provided takes place in accordance with Art. 6 1 lit. a GDPR (General Data Protection Regulation) on the basis of your voluntarily given consent. Your entered personal data will be collected and stored by us exclusively for internal use and for our own purposes. By submitting the form, you consent to the data being stored outside the European Economic Area for the purpose of contacting you and allocating it for possible queries. This consent can be revoked at any time with effect for the future. The revocation can be made by sending a message to the contact option mentioned below.
When using the product registration form
If you use our form in the “Product Registration” section, we will use the data required or separately provided by you to register your product for warranty or other product-related services and information. In order to use the form, a valid e-mail address is required. Any additional information is voluntary. The processing of the information provided in accordance with Art. 6 1 lit. a GDPR is based on your consent granted voluntarily. Furthermore, as part of your registration, your e-mail address or separately provided data will be assigned to the registered product. By submitting the form, you consent to the fact that the information submitted for registration and allocation of resources for any queries until the expiration of the statutory or additionally agreed warranty obligations may also be stored outside the European Economic Area. This consent can be revoked at any time with effect for the future. The revocation can be done by sending a message to the contact option described above.
For fulfilling contractual obligations
If you wish to purchase our products and services, personal data may be collected in a number of ways, including but not limited to
- ● First and last name
- ● Address
- ● E-mail address
- ● Telephone number
According to Art. 6 1 b GDPR, these are processed on the basis of contractual obligations, the performance of pre-contractual measures, fulfilment of legal obligations or statutory requirements.
Where personal data is stored?
As a rule, we store and process your personal data within Germany or the European Economic Area. However, some of the data may be transferred to, and stored in, a Plustek related company in a country outside the European Economic Area whose laws may not provide the same level of protection for your data as is the case in the European Economic Area. However, we would like to assure you that your data will be adequately protected even in such cases and that all Plustek affiliates processing your data outside the European Union will follow our explicit instructions on how to handle your personal data.
While we always endeavour to protect your personal data adequately when we receive it, the transmission of information to or from us over the Internet is never risk free, which means that your information is sent to us online at your own risk. We would therefore like to emphasise that Plustek does not accept any liability for any loss or damage that you may incur as a result of such transfers.
How long will personal data be stored for?
We store personal data only for the period necessary to achieve the purpose of the storage, or as required by the statutory directives and regulations to which we are subject. If this purpose ceases or if a period of time prescribed by statutory directives and regulations expires, your personal data will be blocked or deleted, unless there is a need for further storage of the data for conclusion or fulfilment of a contract. This does not apply insofar as statutory provisions preclude deletion, further storage is necessary for the purpose of providing evidence or if you have expressly consented to a longer storage period. Furthermore, we store product-related content and data permanently for internal and analytical purposes. Personal data collected and processed in this context will be deleted or anonymised.
According to the General Data Protection Regulation (GDPR), it provides individuals several rights in relation to your personal data:
- ● Right to be inform - You have the right to be clearly and concisely informed about the personal data processed by us;
- ● Right to rectification - You have the right to ask us to change or update any inaccurate or incomplete personal information;
- ● Right to deletion – You have the right the request deletion or removal of personal data, where there is no compelling reason or legal obligation
- ● Right to restriction of processing – You have the right to suspend the processing of personal data temporarily or permanently, in whole or in part;
- ● Right to object – You have the right to object processing of your personal information, unless it is necessary for legal claims;
- ● Data portability – You have the right to request a copy of your personal information in an electronically readable format and transfer it to other services or organization.
Furthermore, you have the right to file a complaint with the competent supervisory authority in a justified case.
Data protection in the application process
We process your personal data if you provide them to us along with your application documents by e-mail or by post. By submitting your application documents to us, you expressly consent to the collection, processing and use of the data contained therein by us for the purpose of processing your application. If an employment is made after the application process, these data can be further processed and used in an employment relationship and for employment purposes.
Your personal application data will be deleted six months after completion of the application process. This does not apply insofar as statutory provisions preclude deletion, further storage is necessary for the purpose of providing evidence or you have expressly consented to a longer storage period.
Data protection when using third-party providers
Google Analytics (with anonymization function)
This website uses the “Google Analytics” service provided by Google Inc. (1600 Amphitheater Parkway Mountain View, CA 94043, USA) to analyse users’ website usage. The service uses “cookies”, which are text files stored on your device. The information collected by cookies is usually sent to a Google server in the USA and stored there. On our websites, we used the addition “anonymise_ip’: true”. Hereby the IP address of the user’s Internet connection will be shortened and anonymised, provided the access is from one of the member states of the EU and the European Economic Area, or another country of the European Economic Area agreement. This shortening eliminates the personal reference of the IP address. As part of the order data agreement that we have concluded with Google Inc., the collected information will be used to compile an evaluation of website use and activity and to provide services connected to the Internet. The data mentioned is stored there over a period of 50 months and then completely deleted.
You have the option of preventing the cookie from being stored on your device by making the appropriate settings in your browser. However, there is no guarantee that you will be able to access all features of this website without restrictions.
You can prevent the collection of data generated by the cookie and related to your use of the website (including the shortened IP address) to Google as well as the processing of this data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en
As an alternative to the browser plug-in you can click on this link to prevent the data collection by Google Analytics on this website in the future. An opt-out cookie is stored on your device. Your browser must therefore allow the storage of cookies. If you delete your cookies regularly, you will need to click on the link each time you visit this website.
A detailed description of Google Analytics can be found here https://www.google.com/intl/de_de/analytics/
Google has submitted to the EU-US Privacy Shield agreement, https://www.privacyshield.gov/EU-US-Framework.
Google AdWords conversion tracking
We use Google’s “AdWords” service offer to run ads on the Google advertising network. In this context, we also use the conversion tracking function, an analysis service of Google Inc. (1600 Amphitheater Parkway Mountain View, CA 94043, USA). If you click on one of our advertisements and then reach one of our websites, Google AdWords will set a cookie on your computer (“conversion cookie”). We use this service solely for statistical purposes and to optimise our ads. No personal data is processed and no personal identification takes place. Furthermore, no information about your usage behaviour is generated.
You have the option of preventing the cookie from being stored on your device by making the appropriate settings in your browser. However, there is no guarantee that you will be able to access all features of this website without restrictions.
Google has submitted to the EU-US Privacy Shield Agreement, https://www.privacyshield.gov/EU-US-Framework.
We use the CRM system "Zendesk" from the provider Zendesk, Inc., 989 Market Street #300, San Francisco, CA 94102, USA, in order to process user requests more quickly and efficiently.
Zendesk only uses the users' data for the technical processing of the requests and does not pass them on to third parties. In order to use Zendesk, a valid e-mail address and a name are required outside of service hours; further information is voluntary. Within service hours, pseudonymous use is possible. In the course of processing service requests, it may be necessary to collect further data (name, address). The use of Zendesk is optional and serves to improve and accelerate our customer and user service. We also allow submission of service requests by e-mail, telephone, fax or post. Internal employees who accept and process service requests are obliged to comply with the data protection requirements under the GDPR.
Zendesk Inc. acts as a contract processor for us. Personal data is processed on the basis of a corresponding contract for contract data processing. This contract ensures that all personal data is processed in accordance with the General Data Protection Regulation and that the rights of the data subject are protected.
For the purpose of optimizing and automating sales processes, we use Salesforce and Sales Cloud, a cloud-based application of Salesforce.com. Inc, The Landmark @ One Market, Suite 300, San Francisco, CA 94105. In this context, personal data may be processed in order to, for example, process requests more quickly and efficiently and manage them for business processes. Furthermore, personal data is processed for the performance of a contract or for the implementation of pre-contractual measures, e.g. requests about our products or services.
Salesfoce acts as a contract processor for us. Personal data is processed on the basis of a corresponding contract for contract data processing. This contract ensures that all personal data is processed in accordance with the General Data Protection Regulation and that the rights of the data subject are protected.
We use embedded videos and content from YouTube on our websites.
YouTube’s operating company is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube LLC is a subsidiary of Google Inc., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, USA.
When accessing a page incorporating a YouTube video, the Internet browser used will automatically be prompted to download the content of the corresponding YouTube video from the YouTube platform.
If you are logged into YoutTube at this time, or are already logged into the YouTube platform, YouTube and Google will be aware of the specific subpage of our website you are visiting. This information is collected by YouTube and Google and associated with the corresponding YouTube account. This happens regardless of whether the embedded video is clicked or not.
If you wish to object to the transfer of this information or prevent it from happening, you must log out of your YouTube account before visiting our websites.
For more information about the collection, processing and use of personal data, please read the data protection policies of YouTube and Google:
Use of service providers and processors
We use external service providers to provide services as well as to process your data. This so-called order data processing within the meaning of Art. 28 GDPR is carried out, among other things, for the hosting of our websites and their databases, for the delivery of goods to authorised shipping companies, or for the delivery of letters or e-mails. Among other things, they are obliged to treat your data exclusively in accordance with our instructions and in accordance with the provisions set out in GDPR. In particular, they are required to treat your data in strict confidence and they are also prohibited from processing the data for any purpose other than agreed.
In certain cases, we use special external service providers, such as companies to insure us against defaults. The transfer of personal data to companies for the purpose of insuring us against defaults is carried out in order to safeguard our legitimate interests in accordance with Art. 6 (1). f GDPR. This takes place in particular with Euler Hermes SA, 56 avenue des Arts, 1000 Brussels, Belgium.
Furthermore, we use an online marketing provider for the provision and delivery of our newsletter service. Here, the transfer of personal data takes place only when you sign up for our newsletter. For more information, please refer to the section “Data use when registering for our e-mail newsletter”.
Some of the servers of service providers of Plustek or Plustek companies are located in the US and other countries outside the European Union. For more information about this, please refer to the section “Processing of data outside the European Economic Area”.
Incidentally, your personal data will only be transmitted to third parties if you have previously submitted it and giving your consent in accordance with Art. 6 no. 1 lit. a ff GDPR; if the processing takes place for the fulfilment of a contract, or if there is a legitimate interest of the person responsible or if a legal obligation exists.
Processing of data outside the European Economic Area
The servers of Plustek, as well as of Plustek’s related companies, or their service providers, are located in the US and other countries outside the European Union. Companies based in these countries are subject to a data protection law that does not require the same level of data protection as is the case of EU Member States.
If your data is processed in such a country, we will provide you with contractual or other recognised tools, such as standard contractual clauses, or certifications under the Privacy Shield Agreement, which will ensure that your personal data is adequately protected.
Security of data during transmission
We have implemented technical and organisational measures to protect your personal data as good as possible against possible unwanted access. The information provided by you on our websites is transmitted in encrypted form using the SSL protocol (Secure Socket Layer) in order to prevent any misuse of the data by third parties. You will recognise this by the fact that the lock symbol is closed in the status bar of your browser and the address line starts with “https”.
Legal basis for processing
Art. 6 I lit. a GDPR forms the legal basis for the processing of personal data within our company and companies affiliated to Plustek, where consent has been obtained voluntarily for a specific purpose. If the processing serves to fulfill a contract to which the data subject is a contracting party, this is based on Art. 6 I lit. b GDPR. These are, for example, operations that become necessary for the delivery of goods or the provision of a miscellaneous service. This also applies to processing operations that are necessary for the implementation of pre-contractual measures, e.g. requests about our products or services. If there is a legal obligation in the context of legal disputes or tax-related retention obligations, the processing is based on Art. 6 I lit. c GDPR. Further processing may be necessary on the basis of Art. 6 I lit. d GDPR in order to protect the vital interests of the person concerned or another natural person. For example, if the name, age, health insurance data or other correspondingly vital information would have to be passed on to a doctor, hospital or other third party in the event of an injury to a visitor.
Changes to this data protection policy
We reserve the right to update this data protection policy from time to time. If necessary, we will use the information channels you provide us with or other company communication channels, to keep these changes posted. If you continue to use our websites and services after you have been clearly informed about the updated data protection policy, you agree to accept and be bound by the updated terms.