Meraxis is pleased about your interest in our internal and our products. We want you to feel comfortable when you contact us. For this reason the security of your personal data such as your name, address, telephone number or e-mail address which is created when you contact Meraxis is important to us.
This privacy statement is intended for anyone with which Meraxis interacts including customers and prospects, visitors of our Web sites, users of our apps/applications, other users of our products or services and visitors to our sites. It contains the information discribed in Art. 13 and 14 GDPR.
The processing of personal date takes place within the guidelines of legal regulations.
The Term „personal data“ refers to all information relating to an identified or identifiable natural person. „Processing“ means any operation or set of operation which is performed on personal date whether or not by automated means such as collection, recording, organization, arrangement, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or association, qualification, erasure or destruction.
Further data protection terms are used in accordance with the definitions in Art. 4 GDPR.
2. Name and address of the controller
3074 Muri bei Bern
Respresentative within the European Union:Meraxis Services GmbH
Contact details of the data protection officer:
Dr. Alexander Walter
3. General processing purposes and legal bases
Meraxis collects and processes your personal date in particular in the following cases:
- If you contact us directly e.g. via our website, or if you visit us at our locations, participate in our events, and are interested in our products or services or have any other concerns.
- If you or your employer buy products or services directly from us
- If you or your employer request information about our products and services (e.g. sending brochures or price lists).
- If you buy or use Meraxis products
- If you or your employer offer or sell us products or services
Please help us keep your information current by informing us of changes to your personal data, in particular your contact details.
Insofar as Meraxis processes personal data, this applies in particular to your name and your official contact data such as company, function, telephone number or e-mail address as well as contract and transaction date. Additional data categories may be collected for special purposes described in detail below.
Besides the collection of your data from our contact forms on our website, we also collect the data directly from you or from generally accessible sources (e.g. commercial register, authorities and internet) to the necessary extent for the purpose.
4. Individual processing purposes and legal bases
In the following we inform you for which purposes Meraxis processes which personal date. In the case of nonrecurring circumstances, Meraxis will generally draw your attention to this information separately in the specific processing situation and, if necessary, provide additional information.
4.1. Processing of data for the preparation, conclusion and performance of contracts
As a trading company, Meraxis processes personal data within the scope of acquisition (also under 5.7.) and sales processes as well as for the execution of contracts. For this purpose, data is processed in particular for contract initiation, quotation processing, customer consulting procurement, storage and delivery of goods, contract management and complaint processing.
Within the context of these activities, the following data categories are processed in particular:
- Contact data/ personnel master data (surname first name, address, e-mail address etc.)
- Logistics data such as delivery address
- Contract data, payment data
It may be necessary for us to pass on the data for the preparation of an offer and the execution of the contract to third parties who are integrated into the supply chain or otherwise required for the execution of the contract.
For the purpose of credit checks of our business partners, we process data which we receive under the legal requirements of credit agencies (such as Creditreform).
If data is collected directly for the processing of an inquiry or the execution of a contract, Meraxis will inform you which data is absolutely necessary.
If it is not you yourself but your employer or another third party which is contractually connected with you or your employer which is the contracting party, the data will be processed on the basis of Art. 6 I f GDPR. The data will be processed insofar as the data is required for the execution of the contract or for the fulfilment of further legal e.g. product liability obligations and duties (e.g. duties to inform, clarify and warn).
If processing is carried out on the basis of Art. 6 I f GDPR, you can always object the processing on grounds relating to your particular situation.
4.2. Use of supplier portal
Meraxis maintains a supplier portal which stores personal data. When you register, you will be informed of the type and scope of this data.
In general, we use your personal data to control operational processes, for quality assurance measures, supplier relationship management, contract processing, risk management, for the use of information and communication systems within the supplier portal and to administer the supplier portal.
In order to maintain the supplier relationship it may also be necessary for us to store and process your personal data and, for example, to communicate it to other companies of the REHAU Group in order to be able to better respond to your range of services.
If you provide us with data within the scope of a consent, you can revoke this consent to the use of your data at any time. Data processing remains lawful until the time of revocation.
Of course, we will respect your wishes if you do not want us to use your personal data to support the supplier relationship. We will never sell or otherwise market your personal data to third parties.
4.3. Use of customer portal
Meraxis maintains a customer portal that stores personal data (name and contact). We use your personal data in general, for the control of operational processes, quality assurance measures, management of customer relations, processing of contracts, risk management, use of information and communication systems, and for the administration of the customer portal.
To maintain the customer portal, your data is stored on an independent (secure AWS) cloud server. If you provide us with data as part of a consent, you can revoke this consent to use your data at any time.
Data processing and data transmission remains lawful until the time of revocation. Of course, we will respect your decision if you do not wish to provide us with your personal data to support the customer relationship or if you do not want it to be stored on our cloud server. We will neither sell your personal data to third parties nor otherwise market your data to third parties.
4.4. Application process (Art. 6 I b GDPR)
For the application procedure there are additional data protection notices which will be communicated separately within the application. We use this data exclusively for the application process. After 6 months all these data will be automatically deleted by us.
4.5. Participation in events and on-site visits (Art. 6 I f GDPR)
We are looking forward to meeting you personally during a visit on site or at one of our events. We process your personal data in order to organize and carry out events and to provide you with information material. In the case of events, we may forward the data to the speakers and participants. This is important to ensure the smooth running of the event. We also use the data collected in this process to evaluate and post-process our events.
For the documentation of the events as well as the press and public relations work picture and video recordings of the events can be provided. Personal (image) data will also be processed. You may object to this processing at any time for reasons arising from your particular situation. In this case we ask you to inform the photographers or organizers of these reasons in advance. They will take your objection into account and take the necessary measures.
4.6. Use of services (consulting)
In addition to our products and system solutions, Meraxis offers various services. This also includes consulting and services which we offer by telephone, e-mail, contact form and possibly also on site.
Within the context of this service, the necessary data that you provide in connection with the service request, such as contact data / personal master data (surname, first name, address, e-mail address, etc.) may be stored together with the products concerned and the problem. In this way, we want to ensure that we can provide you with targeted further advice in the event of any queries at a later date on the basis of the previous service history. The basis of this storage is the justified interest in an effective and consistent consulting activity, even over time. Your data will only be stored in direct connection with the service case. As far as the service data are relevant for the defense against claims of liability, especially product liability, Meraxis will also process them for this purpose. The data will be deleted if they are no longer required for this purpose, at the very latest after the end of the limitation periods existing for this liability.
If the data is only processed on the basis of Art. 6 I f GDPR, you have the right to object the processing on grounds relating to your particular situation.
4.7. Corporate communication and external image (Art. 6 I f GDPR)
As part of our participation in events, the visit to our trade fair presence and other events, images and video recordings of these events are made to document the event for press and public relations work and corporate communications. Personal (image) data is also processed in this process.
The publication of the image material takes place both electronically in social media such as Facebook and in print media. Legal basis for this processing is Art. 6 I f GDPR for corporate communication.
As far as factually possible and legally reasonable, reference will be made again to the photographs at each individual event. If the processing of the pictures takes place on the basis of Art. 6 I f GDPR, you can object to this use at any time on grounds relating to your particular situation. You can exercise this right by informing the photographer of these reasons in advance and he will take this into account in his work. We will be happy to provide you with details of the event in question.
4.8. Compliance, law enforcement and crime prevention (Art. 6 I f GDPR)
To the extent required by law, Meraxis uses personal data to assert legal claims and to defend legal disputes. Within the context of the company's compliance requirements, the data may also be used to prevent, clarify or prevent criminal offences. In addition to the previously mentioned data categories insofar as they are required for the purpose, creditworthiness data, visit data, account data as well as correspondence, purchasing and sales data are also used for this purpose. This data will be deleted or made completely anonymous in accordance with the applicable legislation or immediately after the respective case has been concluded.
Security is generally also served by systems for building and plant security as well as for securing our data processing systems, such as access controls or video surveillance. The mentioned controls only take place openly at our sites. You can find out more about them in detail on site.
We process your personal data further in connection with the usual checks of business partners within the framework of compliance requirements. Insofar as we have not requested your personal data directly from you, we have collected them from publicly accessible sources and databases as part of the due diligence. The data collected from these sources are processed exclusively for this purpose and deleted as soon as they are no longer required for this purpose. The processing is based on Art. 6 I c GDPR insofar as the due diligence is based on legal requirements or on Art. 6 I f GDPR the legitimate interest of the company in the evaluation of its business partners for the reduction of risks. If the processing is based on Art. 6 I f GDPR, you can object to this on grounds relating to your particular situation.
4.9. Advertising communication and market research (Art. 6 I f GDPR)
As far as legally permissible on the basis of Art. 6 I f GDPR or if you give us your consent (Art. 6 I a GDPR), we process your data in particular for advertising communication. In this way, we can further improve our range of products and services and act in a more targeted manner.
Within the context of these activities, the necessary data such as contact data / personal master data (surname, first name, address, e-mail address, etc.) can be processed.
Only as far as a permission is given further data which you provide to us for this purpose will be processed, e.g. interests, personal preferences, professional situation.
In the case of an existing customer relationship or if you have consented to this, you will generally receive the above information by electronic mail. For business partners who are not consumers, the information is provided by telephone or analogue.
For the purposes mentioned it may be necessary for us to pass on your personal data to companies of the Meraxis Group in order to better respond to your wishes or to continuously improve our products and services.
In each case you can disagree with the use of your data for purposes of direct advertising at any time according to Art. 21 Para. 2 GDPR or revoke a corresponding consent at any time according to Art. 7 Para. 3 GDPR with effect for the future.
For the further development of our products, services and business processes as well as for market research, we analyse the data available to us on business transactions, contracts and enquiries. It is in no way possible to draw conclusions about individual natural persons.
Of course we respect it if you do not want us to use your personal data to support our customer relationship - in particular for direct marketing or market research.
4.10. Compliance with legal obligations (Art. 6 I c GDPR)
Meraxis is subject to a number of legal obligations regarding the processing and storage of personal data. These relate, for example, to commercial and tax retention regulations in accordance with law.
In order to meet these obligations, we process your data to the required extent and, if necessary, pass them on to the responsible authorities within the framework of statutory reporting obligations.
4.11. Further processing purposes
Data processing also takes place within the context of quality management to determine and improve customer satisfaction, to further develop services, and to improve IT security and IT operations. The last point also includes processing to identify and prevent unauthorized access to personal data.
Legal basis for the processing of these data is art. 6 I f GDPR. Insofar as no consent is given, no conclusions can be drawn about individual natural people.
In individual cases this processing can be objected on grounds relating to your particular situation.
4.12. Transfer of data to third parties
For the aforementioned purposes, the data may be disclosed to third parties who assist the controller in the pursuit of the mentioned purposes. The passing on takes place in the context of an order processing with-in the sense of Art. 28 GDPR, a joint responsibility according to Art. 26 GDPR or as data transfer in the context of the order of professional services.
For data transfer to recipients in third countries (see point 7 below).
5. Duration of storage
We store your personal data only as long as it is necessary for the purposes for which it was collected or as long as storage is required by law or within the framework of official regulations. We delete or block your data as soon as they are no longer needed.
Furthermore, we will delete or block your data immediately in the event of a revocation of your consent and in the event of a justified objection to the processing.
6. Planned transfer of data to third countries
We may share your personal information with other Meraxis companies or companies of the REHAU Group for the purposes described in this privacy statement. The other companies may use your personal data in their own interest for the same purposes as we do. In particular, they may process your personal data for the above-mentioned purposes in their own interest.
Within the above mentioned group of companies, employees only have access to your personal data insofar as this is necessary for the performance of their duties.
Art. 6 of the Swiss Data Protection Act applies to data transfers to branches within the European Economic Area. Data is transferred to branches outside the European Economic Area either on the basis of an adequacy decision of the Commission (Art. 45 Para. 3 GDPR) or on the basis of standard data protection clauses (Art. 46 II c GDPR) which contain appropriate guarantees for the data subject.
The text of the standard data protection clauses is published at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en.
We may also disclose your personal information to third parties to use technical or organizational services that we need to fulfill for the purposes mentioned above or for our other business activities. Our service providers are contractually obliged to process personal data exclusively on our behalf and according to our instructions. We also oblige our service providers to comply with technical and organizational measures that ensure the protection of personal data. If the service providers are located in countries where the applicable laws do not provide for the protection of personal data comparable to European law, we will contractually ensure that the relevant service providers comply with the statutory level of data protection (standard data protection clauses or EU-US Privacy Shield Framework).
7. Online data usage/ visit of our websites
In the following you will learn which information we may collect when you visit our websites and how we deal with it. Websites made by Meraxis may contain links to websites of other providers which are not covered by this data protection declaration.
When you visit our website, we store information about the browser and operating system you are using, the date and time of your visit and the IP address. However, this data cannot be assigned to you and is not personal. We do not collect any personal data via our websites without your knowledge. You alone decide whether or not you wish to disclose such data to us in the context of a registration, order or survey. We use this data to ensure a smooth connection and the comfortable use of our website.
In addition, we use the following technologies on our website:
7.1. Google Analytics - web analytics service
You can prevent Google Analytics from collecting data by clicking on the following link: Disable Google Analytics
An opt-out cookie is set to prevent your data from being collected in the future when you visit this website.
We would like to point out that on our website Google Analytics has been extended by the code "gat._anonymizeIp();" in order to guarantee an anonymous recording of IP addresses (so-called IP masking).
We use Facebook Inc.'s "visitor action pixel" on our website. This allows us to track users' behavior after they click on a Facebook ad to redirect them to the vendor's Web site. This process is used to evaluate the effectiveness of Facebook ads for statistical and market research purposes and may help optimize future advertising efforts. The data collected is anonymous to us and therefore does not provide us with any information about the identity of the user. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook data usage guideline: https://www.facebook.com/about/privacy/.
The information may enable Facebook and its partners to serve advertisements on and off Facebook. A cookie may also be stored on your computer for these purposes.
Automatically collected information that is not personal data
Cookies are small text files that are usually placed on the PC from a website. Cookies are used for a variety of purposes. However, they are never risky because they lack any "active" ability. They cannot therefore execute any malicious applications. They contain almost exclusively information which is necessary for a comfortable Internet use.
In addition, we have set ourselves a deadline for deleting cookies. Without your renewed permission these are stored maximally 12 months starting from the first collection. To this end, we take technical steps to ensure automatic deletion.
Classic examples of cookie tasks: login data, shopping cart storage, user analysis, form fields.
Information that can be stored in cookies: Lifetime, server name, Unique ID, content data.
- Session cookies
Session cookies are only technical cookies that are necessary for the proper functioning of our website.
- Tracking cookies
Tracking cookies are used - of course in a completely anonymous form - to evaluate user behavior when visiting our website. Meraxis and, if necessary, the responsible body receive valuable information on how the website is used, which helps Meraxis and, if necessary, the responsible body to better focus on the interests of visitors.
- Third-party cookies
The plugins used on our website also use their own cookies. You can find out about the types and purposes of cookies on the pages provided by the third party providers.
8. Data security
We have technical and organizational security procedures in place to protect the security of your personal data and to protect your personal data against unauthorized or unlawful processing and/or against accidental loss, alteration, disclosure or access.
9. Your rights
You have the possibility to check Meraxis’ compliance with data protection regulations yourself. You are entitled to the following rights:
- Information Law
- Right to access your processed data
- Right to object
For all processing operations based on Art. 6 I f GDPR (see above), you can object the processing on grounds relating to your particular situation.
- Right for disagreement against direct advertising
You have the right to object at any time against the processing of your data for the purpose of direct marketing. This also applies to profiling in connection with such direct marketing.
- Right of correction, deletion and limitation
- Right of data transferability
If you have any questions about these rights with regarding the processing of your personal data, you can contact the address mentioned in the imprint, which is also available in the event of requests for information suggestions or complaints. Upon request, Meraxis will inform you as soon as possible in writing if and which of your personal data we have stored in accordance with applicable law. Should incorrect information be stored despite our efforts to ensure that the data is correct and up-to-date, we will correct it at your request.