The controller according to the General Data Protection Regulation (GDPR) and other national data protection laws and regulations is:
SAMSON REGELTECHNIEK B.V.
2718 SH ZOETERMEER (Netherlands)
Phone: +31 (0)79 361 05 01
The data protection officer of SAMSON REGELTECHNIEK B.V. is:
Mr H. Zwart OR Mr P. van Vliet
1. General information on data processing
1.1 Processing of personal data and its purpose
SAMSON REGELTECHNIEK B.V. (“SAMSON” or "we" in the following) processes personal user data only as far as it is necessary for providing a functioning website, our contents and services. Site activity, demographics and data server health are processed when visiting our website, e.g.
- User's IP address
- Information on the web browser used (type, version, language)
- Operating system used
- User's Internet service provider
- Date and time the user accessed our website
- Files retrieved from our website
- Web page from where the user got to our website
- Web page(s) that the user retrieves on our website
- Object (image, page) to be opened
- Protocol (http/https)
- Return codes (access successful/not successful)
- Referrer (which link was opened)
The IP address needs to be processed and temporarily saved to supply the web page to the user's computer. This means that the user's IP address must be saved for the session. The log files created contain IP addresses or other data that make it possible to identify the user. The log files are saved to ensure the proper functioning of the web pages. Additionally, we use the data to optimize our site and ensure the security of our IT systems. Personal data are exclusively processed for the mentioned purposes and to the extent necessary for fulfilling these purposes. The data are not used for marketing, customer assistance or market research purposes.
1.2 Legal grounds for the processing of personal data
As a rule, personal user data are processed after users haven given their consent. An exception applies in such cases where prior consent cannot be requested for factual reasons and where laws and regulations permit the processing of personal data. The storage of personal data and log files is governed by Article 6(1) lit. f) GDPR.
1.3 Data erasure and period for which the data are saved
We delete or block the personal data of the data subjects as soon as the purpose for storage has become void. When data are processed to provide web pages, the data are erased at the end of the session. Personal data saved in log files are deleted as soon as possible. Any further storage is possible if the user's IP address has been deleted or depersonalized beforehand so that the accessing client cannot be identified any longer.
- Language settings
- Logon information
3. Web analytics
4. Google Maps
5. Leaflet Open Street Maps
We use Leaflet Open Street Maps (https://leafletjs.com) to illustrate map information on our website. Using Leaflet involves the processing of usage data by website users who utilize the map functions. The processing of personal data is governed by Article 6(1) lit. f) of GDPR. We have a legitimate interest in presenting attractive web pages and in making the locations specified on our pages easy to find. For further information refer to the Leaflet website available at https://leafletjs.com.
We offer free newsletters on our website (Newsletter, events, press). We process the following personal data when users subscribe to it:
- E-mail address
- Last name
- Company (optional)
- Job (optional)
- Name trade magazine (only for press mailings)
7. Contact forms and e-mail contact
Our website includes several contact forms so that users can get in touch with us by electronic mail. If users choose to use this form of communication, the data entered in the form are transmitted to SAMSON AG, where they are saved. This applies to the following data:
- Form of address
- First name, last name
- E-mail address
- Phone number
- User's IP address
- Date and time of sending
Depending on the contact form, it may be possible to enter additional data. Also depending on the contract form, data may be transferred to our subsidiaries located in third countries. In such cases, we ensure that appropriate safeguards pursuant to Art. 46 GDPR are observed. Alternatively, users can make first contact with us at the e-mail address provided on the website. In this case, we save the user's personal data included in the e-mail. The processing of personal data is governed by Article 6(1) lit. f) of GDPR. The data are only used to handle the first communication and the resulting communication. If we use the personal data for other purposes, we will request the user's consent beforehand.
8. Data security
If SAMSON processes your personal data, you are a data subject as defined in Article 4(1) GDPR and have the following rights towards SAMSON:
8.1 Right of access
Pursuant to Article 15 GDPR, you have the right to obtain from us a confirmation as to whether or not we process personal data concerning you. Where that is the case, you are entitled to obtain access to the personal data and the following information:
- The purposes of the processing;
- The categories of personal data we process;
- The recipients or categories of recipients to whom your personal data have been or will be disclosed by us;
- Where possible, the envisaged period for which your personal data will be stored, or, if not possible, the criteria used to determine that period;
- The existence of the right to request from us rectification or erasure of personal data or restriction of processing of your personal data or to object to such processing;
- The right to lodge a complaint with a supervisory authority;
- Where the personal data are not collected from the data subject him- or herself, any available information as to their source;
- The existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you.
You have the right to obtain access as to whether we have been, are or will be disclosing your personal data to recipients in third countries or international organizations. Where personal data are transferred to a third country or to an international organization, you have the right to be informed of the appropriate safeguards pursuant to Article 46 GDPR relating to the transfer.
8.2 Right to rectification
Pursuant to Article 16 of GDPR, you have the right to obtain from us the rectification of inaccurate personal data concerning yourself and/or to have incomplete personal data completed.
8.3 Right to erasure
Pursuant to Article 17 of GDPR, you have the right to obtain from us the erasure of personal data concerning yourself without undue delay. Your right to erasure depends on certain factors, including whether we still need your processed personal data to fulfill our tasks.
8.4 Right to restriction of processing
Pursuant to Article 18 of GDPR, you have the right to obtain from us restriction of processing of your personal data.
8.5 Right of information
If you have requested from us the rectification or erasure of personal data or restriction of processing, we are obliged according to Article 19 GDPR to inform each recipient to whom we have disclosed your personal data of this request, unless this proves impossible or involves disproportionate effort. You are entitled to request information about those recipients from us.
8.6 Right to data portability
Pursuant to Article 20 of GDPR, you have the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format to have them forwarded to a different officer, if applicable.
8.7 Right to object
Pursuant to Article 21 of GDPR, you have the right, on grounds relating to your particular situation, to object to the processing of personal data concerning yourself at any time. We no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.
8.8 Right to withdraw the declaration of consent on privacy and data protection
You have the right to withdraw your declaration of consent on privacy and data protection at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before the withdrawal.
8.9 Automated individual decision-making, including profiling
Pursuant to Article 22 of GDPR, you have the right to not be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to yourself infringes the GDPR.
Last update: February 2020