1. Who We Are
This Privacy Policy explains how Marubeni-Itochu Steel Europe GmbH (“we”, “us”, “our”), located at Fritz-Vomfelde-Straße 20, 40547 Düsseldorf, Germany, processes personal data when you use our website www.benichu.de.
Contact: privacy@benichu.de
2. Scope
This notice applies to personal data collected through:
- Our contact form
- Cookies and similar technologies (including Matomo Analytics)
3. What Personal Data We Collect and Why
3.1 Contact Form
- Categories of data: name, email address, phone number, company, your message, and any information you choose to include.
- Purpose: to respond to your inquiry, provide customer support, and manage our relationship with you.
- Legal basis: Art. 6(1)(b) GDPR (pre-contract/contract) and/or Art. 6(1)(f) GDPR (our legitimate interest in handling inquiries). Where we ask for consent for specific follow-up communications, Art. 6(1)(a) GDPR applies.
- Retention: 12 months after the last interaction, unless longer is required by law or necessary to establish, exercise, or defend legal claims.
3.2 Cookies and Matomo Analytics
We use cookies to operate the Website and, with your consent, to understand how visitors use it. We use Matomo Analytics with privacy-centric settings: IP anonymization enabled and data retention set to 14 months. Analytics cookies will not be placed unless you provide prior consent via our cookie banner (Art. 6(1)(a) GDPR; TTDSG §25(1)). Strictly necessary cookies are used to ensure core site functionality (Art. 6(1)(f) GDPR; TTDSG §25(2)). You can change or withdraw your consent at any time via the “Cookie Settings” link on our Website.
4. Recipients and Processors
- Hosting and IT service provider: Amazon Web Service (processor pursuant to Art. 28 GDPR)
- Matomo org (provider of Matomo Analytics)
5. International Data Transfers
In this context, data may also be transmitted to countries outside the European Economic Area (EEA), in particular to other MISI Group companies. If data is transmitted to countries outside the EEA, this will only be done if the EU Commission has decided that this country, this area or the specific sector provides an adequate level of protection (this is currently the case, for instance, in Andorra, Argentina, Canada (with restrictions), Faroe Islands, Guernsey, Israel (with restrictions), Isle of Man, Japan, Jersey, New Zealand, Switzerland, United Kingdom and Uruguay), and if suitable guarantees are provided for and enforceable rights and effective remedies are available to you (e.g. after conclusion of the EU Standard Contractual Clauses) or if there is an exemption according to Art. 49 GDPR (e.g. if you have consented to such a transfer or if this is necessary to fulfil the employment contract with us).
6. Data Security
We apply appropriate technical and organizational measures (e.g., TLS encryption, access controls, least-privilege, secure backups) to protect personal data. No system is perfectly secure, and we continually assess and improve our safeguards.
7. Your Rights under GDPR
You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data which is carried out pursuant to Article 6(1)(f) of the GDPR. The controller shall then no longer process the personal data unless they can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves the establishment, exercise or defence of legal claims. The collection of data for the provision of the website and the storage of log files are strictly necessary for the operation of the website.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to establish, exercise or defend legal claims.
We also process your personal data in individual cases for direct marketing purposes. If you do not wish to receive advertising, you have the right to object to this at any time; this also includes profiling, insofar to the extent that this is related to such direct marketing. We will keep this objection in mind for the future.
We will no longer process your data for direct marketing purposes if you object to processing for these purposes.
Such objection can be made without any formality and should, if possible, be addressed to the address mentioned under Clause I.
To exercise your rights, contact privacy@benichu.de.
8. Supervisory Authority
You have the right to lodge a complaint with a data protection supervisory authority. Our local authority is:
Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen (LDI NRW)
Kavalleriestraße 2–4, 40213 Düsseldorf, Germany
Website: https://www.ldi.nrw.de/
Phone: +49 211 38424-0
Email: poststelle@ldi.nrw.de
9. Changes to this Policy
We may update this Privacy Policy from time to time. The latest version is available on this page and is effective from the “Effective date” stated above.
Disclaimer: This template is provided for general informational purposes and does not constitute legal advice. Please adapt it to your specific processing activities and consult a qualified attorney if needed.