Notes on Data Security
New Version DSGVO (EU) 2016-679 (Status 28.04.2021)
PM-International’s Data Protection Declaration
Notes on data protection
The following privacy statement applies to the website accessible under www.pm-international.com
The protection of your personal data and your privacy are important to us.
Name and contact details of those responsible and their representatives, if any:
An der Hofweide 17, D-67346 Speyer
Represented by the Board of Directors: Patrick Bacher, Sven Palla
Telephone +49 (0)6232 / 296 -0
Telefax +49 (0)6232 / 296 -100
Data Protection Officer:
Dr. Raimund Abele, PM-International AG
Purposes for which the personal data will be processed:
We process your data for the following purposes:
– Contract processing
– Making contact (inquiries via our contact form)
– Quality control
Legal basis for the processing
The processing of your data is completed on the following legal basis:
– Your consent, Art. 6 para. 1 lit. a) DSGVO (EU) 2016-679.
– Fulfillment of a contract and pre-contractual measures, Art. 6 para. 1, lit. b) DSGVO (EU) 2016-679.
– Legitimate interests, Art. 6 para. 1 lit. f) DSGVO (EU) 2016-679 (see below).
Whilst processing your data, we pursue the following legitimate interests:
– Improving our offers
– Protection against abuse
– Direct advertising
Recipients or categories of the recipients of personal data
Whilst processing your data, we cooperate with the following service providers who also have access to your data:
– Web hosting providers
– Providers of social media platforms
– Advertising networks (for commercials)
– Where appropriate for payment and shipping providers
– Providers of web analytics tools
Duration for which the personal data is stored:
We store your data
– If you have consented to the processing or until you withdraw your consent.
– If we need the data to perform a contract or as long as the contractual relationship with you exists or statutory retention periods are running.
– If we use the data on the basis of a legitimate interest or as long as your interest in a deletion or anonymization is not predominant.
We receive the data from you (inclusively via the equipment you are using).
Data transfer to third countries
There is a data transfer to third countries outside the European Union. This is done on the basis of legally envisaged contractual arrangements which are intended to ensure an adequate protection of your data and which you can look at upon request.
Right of information including correction, cancellation or restriction of processing or a right of objection against processing including the right of data portability:
You have the right
– To request, information on the processing of your data.
– For your data to be corrected.
– To request for your data to be blocked or deleted.
– To restrict the processing.
– To object to the processing of your data.
– To receive your data in a portable format and to transmit it to a third party.
– To revoke your consent to the processing of your data in the future and
– To complain to the responsible authorities about any illegal data processing. The responsible supervisory authority is the State Commissioner for Data Protection and Freedom of Information of Rhineland-Palatinate.
The requirement or obligation to provide data
As far as this is not expressly stated in the survey, the provision of data is not required or mandatory.
Learn more about data protection
Data processing through third parties
Insofar as PM-International passes on data to service providers as part of the distribution management (such as e.g. parcel services, payment service providers and others), PM-International thus closes an order processing contract each time. As a result, distributors are committed to data privacy not only by law but also by contract with PM-International.
Personal and transaction-related data is transferred to the “EU standard contractual clauses” laid down by the European Commission.
Data protection for goods orders, personal user profiles
In regards to ordering goods, PM-International collects the personal data of customers in order to carry out and complete the order. Here, the following data about the customer is collected, stored, and used: name, address, e-mail address, date of birth, telephone number, payment information, as well as account details in the case of payment by bank transfer and, if necessary, further bank details for credit card payments. The information you provide here is solely used to facilitate the ordering process, for administrative purposes and for internal analysis.
We obtain information in order to verify your address (check for deliverability) from infoscore Consumer Data GmbH, Rheinstrasse 99, 76532 Baden-Baden. For this purpose, we provide the necessary information (your full name, your address and if necessary your date of birth) to the aforementioned company. This company will use this information in the future for address verification purposes or identity tests for other companies, as well as for the appropriate scoring applications. Scoring calculates probability values for a specific future behavior based on mathematical and statistical techniques and uses the appropriate data for this purpose.
For credit checks, we also transmit data to the infoscore Consumer Data GmbH. infoscore Consumer Data GmbH is a consumer reporting agency. It operates a database which stores credit information on individuals. On this basis, infoscore issues credit checks on their customers. Customers include, for example, credit institutions, leasing companies, insurance companies, telecommunications companies, companies for receivables management, shipping, wholesale and retail companies, as well as other companies, which deliver or provide goods or other services. In the context of legal provisions, a part of the data in the database will be used among other things for delivery to other company databases, including for address commercial purposes.
The infoscore Consumer Data GmbH database retains information about the name, address, date of birth, email address, payment history and the ownership structure of persons. The purpose of processing this data is the provision of information about the creditworthiness of the person concerned. The legal basis for processing is Art. 6 para. 1f EU-DSGVO (EU) 2016-679. Information on this data may only be granted if a customer has a legitimate interest in knowing this information. Data transmitted to States outside the EU is to be done on the basis of the so-called “standard contractual clauses”.
The data will be retained for as long as the knowledge gained from it is necessary for the purpose of storage. It is necessary to know that the data will usually be stored for a period of three years. After expiry, it will be checked whether storage is still necessary, otherwise the data will be deleted to the day. Upon completion, the data will be deleted three years after the day of registration. Entries in the record of debtors are deleted daily in accordance with § 882e ZPO after a period of three years to the day of the registration order.
Legitimate interests within Art. 6 para. 1f EU-DSGVO (EU) 2016-679 are: loan decisions, initiating business deals, ownership structure, demand, credit checks, enforcement information.
You have a right to information about the data stored about your person at infoscore Consumer Data GmbH. If the data stored about you should be incorrect, then you have a right to correction or deletion. If it cannot be immediately established, whether the data stored about you is wrong or right, then you have a right to revocation until clarification has been made. If your data is incomplete, then you may request for it to be completed. If you have given your consent to the processing of data stored at infoscore Consumer Data GmbH, then you have the right to revoke this consent at any time. The lawfulness of the processing of data carried out on the basis of your consent to a possible withdrawal is not affected by the withdrawal.
If you have any objections, requests or complaints about the data protection, you can contact the infoscore Consumer Data GmbH data protection officer at anytime. They will help you quickly and with confidence in all aspects of data protection. You can also complain about the processing of data by infoscore with the state commissioner who is responsible for data protection in your region.
The data which has been saved about you at infoscore Consumer Data GmbH comes from publicly available sources, debt collection companies and their customers.
infoscore creates a score value of your data in order to describe your credit rating. Data on age and gender, address and at times details on payment experience is incorporated into the score value. This data flows with different weighting in the calculation of the score value. infoscore customers use the score values as an aid in carrying out their own credit decisions.
Right of objection:
The processing of data stored at infoscore Consumer Data GmbH occurs out of compelling reasons by the creditors and credit protection, which regularly outweigh your interests, rights and freedoms or are used to assert, exercise or defend legal claims. You can only object to the processing of your data for reasons, which arise from a particular situation involving you and which can be proven by you. If such special reasons exist and are proven, then the data will no longer be processed. If you object to the processing of your data for advertising and marketing purposes, then the data for these purposes will no longer be processed. infoscore Consumer Data GmbH is responsible within the meaning of Art. 4 No. 7 EU-DSGVO (EU) 2016-679.
PM-International uses your information for the following operations:
To offer the possibility of an individual service, as well as the optimal use of our website by using the information stored in your user profile.
To send individual offers and information to you which could be of personal interest. Of course, you have the option of informing us that you do not want or no longer want such offers or information to be sent to you. We will of course respect your wishes. Contact us by email: email@example.com
In order to meet contractual obligations for the delivery of goods via external agents (Art. 6 para. 1 b DSGVO (EU) 2016-679), PM-International passes the necessary information (recipient, delivery address and any authorized persons) on to these companies as well as to members of the PM Group. PM-International does not perform address marketing. PM-International closes contracts with all external service providers about the order processing, which meet the requirements found under the articles 28, 29 DSGVO (EU) 2016-679.
When dispatching goods, the German service provider parcelLab GmbH from Munich is used to take over the dispatch notifications in the direction of our customers and to provide them with the dispatch status and tracking number of their shipment. For this purpose, the personal data required for tracking the shipment (name, street, postcode, city, country, telephone number and e-mail, order number, product number and shipment number) are transmitted to parcelLab in encrypted form. Your data is automatically deleted by the service provider after 90 days.
You can withdraw your consent at any time by sending a message to “unsubscribe here” at the end of the packet information. After revocation, we will delete the data you have provided for this purpose, unless you have expressly consented to further use of your data or we reserve the right to use your data for other purposes which are permitted by law and about which we inform you in this declaration.
The data of each client’s individual orders remain available in the password-protected user account for this website, in order to enable easy reorders of the purchased products. The customer can view and change the inventory data as well as the selected password saved in their account – in the section “My data” – at any time on this site.
A customer can request by mail, phone or e-mail to firstname.lastname@example.org for their customer account and all related data to be deleted at any time. In this case PM-International will delete all customer data immediately, as long as it is not needed to process a purchase order or PM-International is required to store it due to tax regulations (§ 147 AO). In both cases, the data will be blocked and deleted as soon as possible.
Special versions for Distributors
In the case that you are a Distributor at PM-International or want to be one, we refer to the purposes for which your personal data will be processed:
We also process your data in addition to the above named purposes
- For paying out commissions.
We also refer to the aforementioned for the legal basis of the processing and the legitimate interests!
Recipients or categories of recipients of personal data:
Whilst processing your data we work with the above named recipients of data (service providers). In addition, we transmit your data for the purposes of fulfilling contractual obligations to other members of the PM Group.
If you have subscribed to the PM-International newsletter, PM-International processes the personal data, which you have submitted to us in order to inform you about news. You agree to a regular newsletter being sent to your e-mail address. It will be checked beforehand that the recipient of the specified email address agrees to receiving the newsletter.
PM-International uses a processor to manage the address data and the sending of the newsletter. The service provider only has access to personal information needed to fulfil the order. The address data will not be used by the service provider or PM-International for other purposes. PM-International closes an order processing contract with the service provider which meet the requirements of the articles 28, 29 DSGVO (EU) 2016-679.
If you want to withdraw your consent to receive newsletters, you can disable the newsletter function as a Distributor in the personal area of your E-business. All other customers should send us an email to the following address: email@example.com
The contact form on our website is an easy way to quickly get in contact with us. So that getting in contact is possible, some fields are marked as mandatory fields. If you fill in the fields and select “Submit”, you agree to your data being sent to us by e-mail. The data will not be stored on the web server. The data will be stored with us for 10 years and then deleted.
Automatic storage of access data
Access data of the procedure is automatically saved in a log file each time a user accesses PM-International’s websites. This is general information, for example, the page from which the file was requested, the name of the accessed file, date and time when the information was requested, the amount of data transmitted, the protocol used, the specifications sent by the web browser, and if necessary, the operating systems.
This general information is anonymized, so will not be stored together with your personal data existing at PM-International and will also not be otherwise merged with your data. The information collected will be used for statistical purposes only and will also be used to improve the content and functionality of the website. A transfer of this data to third parties for other non-commercial or commercial purposes will not take place. The access data in the log file will be stored for a maximum of 4 weeks.
In addition, this site uses so-called cookies. A cookie is a text file with an identification number, which is transmitted and stored to the user’s computer upon use of the website along with the other requested data. The file will be available for later access and is used for the authentication of the user.
We use the following Cookies on our website, name (description) and expiration time:
GoogleAnalytics-Cookies: _ga (used to distinguish users) – Expiration time: 2 years
_gid (used to distinguish users) – Expiration time: 24 hours
_gat (used to throttle request rate) – Expiration time: 1 min
Telemetry-Cookies: ai_user (performance cookie for telemetry) – Exp. time: 1 year
ai_session (session cookie for telemetry) – Exp. time: 30 min
PHPSESSID: (session cookie, keep track on sessions) – Expiration time: session time
SERVERID: (session cookie, used for load-balancing) – Expiration time: session time
TP: (used to distinguish registered users) – Expiration time: 1 year
Furthermore, we have cookies to suggest what language and country is best suited for your visit. This is based on the URL you’re using and does not store personal information:
wp-wpml_current_language (WPML cookie for the selected language) – Exp. time: 1 day
language_preference_options (custom cookie for current language and country) – 365 days
language_redirect (custom cookie for info if the user has been redirected) – Exp. time: 1 day
If you do not wish for your access device to be recognized through the storage of cookies, then you can set the browser you used to block cookies, delete them from the hard drive, or warn you before a cookie is stored. Most browsers have an option that restricts the storage of cookies or completely prevents it. However, we would like to point out that in this case not all features of our website can be used to their full extent.
We use plugins from various social networks on our websites.
This website uses the following social plugins of the social network Facebook:
Plugins by Youtube.de/Youtube.com are used on this website and are operated by the YouTube, LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA. When a user visits a website that contains such a plugin, their browser connects directly with YouTube’s servers. Through this the YouTube servers are informed of the websites which the user has visited. If you are logged in as a member of YouTube, YouTube assigns this information to the platforms of your respective personal accounts. When you use these plug-ins, such as clicking/start buttons of a video or sending a comment, this information will be assigned to your YouTube account, which can only be prevented by you logging out before using the plugin. More information can be found under the data protection declaration under www.google.de/intl/de/policies/privacy
This website uses the buttons of the service Twitter, which is provided by Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA. These plugins are, for example, indicated by terms such as “Tweet” or the Twitter logo. This enables people to share a post or a page from this website on Twitter. If a user visits a website containing such a button, their browser connects directly to Twitter’s servers. The content of the Twitter buttons is delivered directly by Twitter to the user’s browser. We have therefore no effect on the amount of data, which Twitter collects with the help of this plugin and can only inform the user through the knowledge available to us: afterwards the log data, such as the user’s IP address or previous websites visited, will be transmitted. More information can be found under Twitter’s data protection declaration twitter.com/privacy
Plugins of the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, United States (hereinafter referred to as “LinkedIn”) are integrated in this website. The LinkedIn plug-in can be recognized by the LinkedIn logo or the “share button” (“recommended”) on this website. When visiting this website, a direct connection is made between your browser and the LinkedIn server via the plugin. As a result, LinkedIn receives the information that you have visited this website using your IP address. If you click on the LinkedIn “share button” while you are logged in to your LinkedIn account, you can link the contents of this website to your LinkedIn profile. As a result, LinkedIn can associate the visit to this website with your user account. We would like to point out that as website operators we receive no information of the content in the transmitted data or their use through LinkedIn. Details for data collection (purpose, scope, further processing, use), as well as your rights and options can be found under LinkedIn’s data protection information. LinkedIn provides this information under www.linkedin.com/legal/privacy-policy.
We use – like almost every website operator – analysis tools in the form of tracking software to determine the frequency of use and the number of users to our website.
Using the analysis tool “Google Analytics”
PM-International uses the service of Google Analytics of the Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. This service provides an analysis of this website’s use using cookies. For this purpose the information generated by the cookie, such as your anonymized IP address, is transmitted, stored and evaluated on behalf of PM-International to a server of the Google LLC in the United States. Google Analytics has been expanded with the code “GAT._anonymizeip();” on this website. As a result, an anonymous collection of IP addresses is guaranteed. Your IP address anonymization takes place usually by reducing your IP address through Google LLC within the European Union or in another signatories of the European Economic Area (EEA). In exceptional cases, your IP address is transmitted to a server of Google LLC in the United States and anonymized there. Your transmitted IP-address will not be merged with other data of Google LLC. Within the framework of the Google Analytics advertising function, remarketing and reports on performance will be used according to demographic characteristics and interests. These procedures serve the purpose of aligning advertising more with the interests of individual users through the help of information about user behavior. In the context of remarketing, personalized advertising measures can be switched to other websites based on your surfing behavior on PM-International’s website. Thus the advertising materials can contain products, which you have previously looked at on PM-International’s website. If you have agreed to your web and app browser being connected with Google through your Google account and that the information from your Google account can be used to personalize ads, then Google will use this data for comprehensive remarketing. You can object to the acquisition of your data through Google Analytics at any time. The following options are available to you:
You can also prevent the collection and the processing of this data by Google LLC by downloading and installing the browser-ad-on which is available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de
This can be done alternatively or within browsers on mobile devices by clicking on the following link:
An opt-out cookie will be placed on the user’s device for PM-International’s internet pages with effect for the currently used browser. If the cookies are deleted in this browser, then the link must be clicked on again.
Caution: If you delete your cookies in your browser, then even the stored opt-out cookie can be deleted as a result and the objection must be carried out again in the aforementioned manner.
We are using Microsoft application insights for telemetry reasons. Insights supports distributed telemetry correlation, which can be used to detect which component is responsible for failures or performance degradation.
(More information can be found under https://docs.microsoft.com/en-us/azure/azure-monitor/app/data-retention-privacy)
The SSL (Secure Socket Layer) security software used by PM-International is currently one of the best available technologies.
Upon payment of the respective services, you have the possibility to choose different payment options. The payment information for each variant is encrypted for the transmission. Thus, you can be sure that your data cannot be read by a third party. This transfer is even safer than transmitting your personal data over the phone.
More than tens of thousands of customers have so far purchased online at PM-International in Germany. As a result, you need not worry about your safety when using PM-International’s website. Everything possible is done to protect your data through the technology used by PM-International.
At PM-International, security is not only something to do with the protection of your data for the payment methods you choose. PM-International makes every effort to ensure that your order documents, goods or other documents arrive at the exact time we have provided you with.