Contact
GERMANY
Palmer Hargreaves GmbH
Vogelsanger Strasse 66
50823 Cologne
t +49 221 933 22 – 0
e cologne@palmerhargreaves.com
UNITED KINGDOM
Palmer Hargreaves Ltd.
19 Waterloo Place
Leamington Spa, Warwickshire, CV32 5LA
t +44 (0) 1926 452525
e leamington@palmerhargreaves.com
ASIA
OneMagnify Asia Pacific Pte. Ltd.
9 Raffles Place
#26-01
Republic Plaza
Singapore 048619
t +86 176 2119 5079
e ygao@ph-onemagnify.com
Imprint
Palmer Hargreaves Holdings Limited
Registered office: 19 Waterloo Place, Leamington Spa, CV32 5LA
Registered in England and Wales number 06668219
Data protection statement
Thank you for visiting our website! It is highly important to us to comply with the provisions under data protection law. This data protection statement is intended to inform you, as the user of our website, of the nature, scope and purpose of the processing of personal data and the rights you have, if you are a data subject as defined in article 4 no. 1, of the General Data Protection Regulation. The data protection statement below already includes the alterations under the General Data Protection Regulation (GDPR), which has applied since 25th May 2018.
1. Controller
This website and the services offered are operated by
Palmer Hargreaves Holdings Limited
19 Waterloo Place
Leamington Spa, CV32 5LA
UK
w palmerhargreaves.com
Managing director: Jörn Langensiepen
(hereinafter “Palmer Hargreaves“).
2. General
When developing this website, we have designed it with the intention of collecting as little data from you as possible. In principle, it is possible to visit our website without providing personal data. It is only necessary to process data if you decide to use certain services. When doing so, we always ensure that we only process your personal data in line with a legal basis or the consent you have given. We comply with the provisions of the General Data Protection Regulation (GDPR) applicable since 25th March 2018 and the applicable national provisions, or any other more specialised laws on data protection.
3. Definition
The terms used in this data protection statement refer to the meaning below in line with the GDPR.
“Personal data” means any information relating to an identified or identifiable natural person (hereinafter “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Restriction of processing” means the marking of stored personal data with the aim of limiting their processing in the future.
“Pseudonymisation” means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
“Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
“Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
“Recipient” means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
“Third party” means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
“Consent” of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
4. Purpose of use and legal basis for processing personal data
Personal data that are necessary in order to constitute, execute or carry out our service offers are processed on the legal basis of article 6 (1) (b) of the GDPR. Processing of personal data that is necessary for the purposes of our pursued legitimate interests is carried out in line with article 6 (1) (f) of the GDPR. If your personal data are processed for the stated purpose with your consent, then this is based on article 6 (1) (a) of the GDPR. Where we use external service providers within the scope of commissioned processing, the processing is carried out on the legal basis of article 28 of the GDPR. We will process and use the collected personal data for the purposes listed here.
5. Collected and processed personal data
We collect and process your personal data only if you provide us with them voluntarily and knowingly, for instance by contacting us or sending us an email.
The personal data provided by you and their contents will exclusively stay with our affiliated companies and us. We will store and process your data only for the purposes stated in item 4 above. Any use for any purpose other than that stated requires your explicit consent. This also applies to the transfer and transmission of your data to third parties.
6. General log files
The webserver temporarily records the connection data of the inquiring computer (IP address), the pages you visit on our website, the data and the duration of your visit, the identification data of the used browser and operating system type and the website you have visited before as well as the successful retrieval in log files. The technical administration of the website and anonymous statistical measures facilitate an evaluation of the accesses to the Palmer Hargreaves offers and an evaluation, the aim of which is to enhance data protection and data security in our company in order to ensure an optimum level of security for the personal data that we process. The data of the server log files will be stored separately from the personal data that you provide. Unless there are any potential obligations of retention provided by law, we will delete or render anonymous your IP address 28 days after you have left our website.
7. Cookies
Use of cookies
Our website collects and stores information by using what are called browser cookies.
What are cookies?
They are small text files that are stored on your data carrier and that store specific settings and data about your browser for exchange with our system. In general, a cookie contains the name of the domain that sent the cookie data as well as information on the age of the cookie and an alphanumeric identifier.
Why do we use cookies?
Cookies facilitate our systems to recognize the user's device and to make any potential presettings available immediately. As soon as a user accesses the platform, a cookie will be transmitted to the hard disk of the user’s computer. Cookies help us to improve our website and to offer you an even better and customised service. This enables us to recognize your computer or your (mobile) device when you return to our website and therefore, we can
- store information about your preferred activities on the website and customise our website for you to suit your particular interests and
- accelerate the speed of handling your enquiries.
We cooperate with third party services, which support us in making the Internet offer and the website more interesting for you. Therefore, cookies of these partner companies (third-party providers) are also stored on your hard disk when you visit our website. These cookies are deleted automatically after the predetermined time.
You will find a list of the cookies set by us here.
May I decide about the use of cookies?
If you do not wish cookies to be used, then you can set your browser to not accept any storage of cookies. Please keep in mind that in this case the use of our website might be restricted or not possible at all, as the case may be. If you wish to accept only our own cookies, but not the cookies of our service providers and partners, then you may select the “block third-party cookies” setting in your browser. We assume no responsibility for the use of third-party cookies.
8. Integration of third-party services and contents
Our website uses contents and services of other suppliers. The provider (hereinafter “third-party”) is therefore aware of the user’s IP address.
Even if we try to use only third-party providers who need the IP address only in order to provide content, we do not have any influence on whether the IP address is stored, as the case may be. In this case, this process serves, among others, statistical purposes. As soon as we become aware that the IP address is stored, we will point it out to you.
Use of the Google Tag Manager
Our website uses the Google Tag Manager. Through this service, website tags may be managed via an interface. The Google Tool Manager merely implements tags. This means: No cookies are used and no personal data are collected. The Google Tool Manager triggers other tags, which, in turn collect data, as the case may be. However, the Google Tag Manager does not access these data. If, at domain or cookie level, a deactivation was made, then they remain for all tracking tags, provided those tracking tags have been implemented with the Google Tag Manager. The deactivation at domain or cookie level remains for all tracking tags that have been implemented with the Google Tag Manager. You will find Google’s data protection statement at: https://policies.google.com/technologies/partner-sites?hl=en-GB
The company Google is certified for the EU-US data protection framework “Privacy Shield“. This data protection framework shall guarantee compliance with the data protection level that is applicable in the EU.
Use of Google Analytics
Our website uses features of the web analysis service Google Analytics. The supplier of this web analysis service is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, U.S.A.
Google Analytics uses cookies. Cookies are small text files that your web browser stores on your end device and that facilitate an analysis of the use of the website. Information about your use of our website generated by means of cookies are transmitted to a Google server and stored there. The server is generally located in the U.S.A.
Setting of Google Analytics cookies is based on article 6 (1) (f) of the GDPR. As the owner of this website, we have a legitimate interest in analysing the user behaviour in order to optimize our website, and advertising as well, as the case may be.
We use Google Analytics in connection with the IP anonymization feature. It ensures that Google shortens your IP address within the member states of the European Union or in the other contracting states of the agreement on the European Economic Area before transmitting it to the U.S.A. There may be exceptions, where Google transfers the full IP address to a server in the U.S.A. and shortens it there. Google will use this information on our behalf in order to analyse your use of the website, to create reports about website activities and to render other services for us associated with the website use and Internet use. The IP address transmitted by Google Analytics will not be combined with other data of Google.
You may prevent your web browser to set cookies. Some functionalities of our website might then be limited. You may also prevent the collection of data about your use of the website including your IP address and the subsequent processing by Google. This is possible if you download and install the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en
You will find details on handling user data at Google Analytics in the data protection statement of Google at: https://support.google.com/analytics/answer/6004245?hl=en
Our website uses the “Demographics and Interests” function of Google Analytics. It may be used to create reports that contain information about age, gender and interests of the website visitors. These data have been obtained from interest-related advertising of Google and visitor data of third-parties. It is not possible to attribute the data to a specific person. You may deactivate this function at any time. You can do this by using the display settings in your Google account or by prohibiting the collection of your data through Google Analytics in general as described in the item “Objection against data collection”.
Alternatively, you may prevent the collection through Google Analytics by setting a so-called “opt-out cookie“ by clicking here. If you delete the cookies in your browser, you must click this link again afterwards.
You will find Google’s data protection statement at: https://policies.google.com/technologies/partner-sites?hl=en-GB
9. Data security
Unfortunately, transferring information via the Internet is never 100 % secure, and that is why we cannot guarantee the security of the data transmitted via the Internet to our website.
However, we protect our website from loss, destruction, access, modification or dissemination of your data by unauthorized persons through technical and organisational measures.
In particular, your personal data are transferred in encrypted form. We use the coding system SSL/TLS (Secure Sockets Layer/Transport Layer Security) for this purpose. Our security measures are continuously improved in line with technological development.
10. Rights of the data subjects
If you are a data subject as defined in article 4 (1) of the GDPR, then you have the following rights regarding processing of your personal data according to the GDPR.
Right to confirmation and access
Under the conditions of article 15 of the GDPR, you have the right to obtain confirmation as to whether or not personal data concerning you are being processed and to obtain access from the controller to the personal data stored about you and to obtain a copy of such information free of charge.
Right to correction
Under the conditions of article 16 of the GDPR, you have the right to request the rectification of inaccurate personal data concerning you without undue delay. Taking into account the purposes of the processing, you also have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
Right to deletion
Under the conditions of article 17 of the GDPR, you have the right to demand from us the erasure of personal data concerning you without undue delay, provided that one of the reasons stated in article 17 of the GDPR applies and the processing is not required.
Right to restriction of processing
Under the conditions of article 18 of the GDPR, you have the right to demand restriction of processing where one of the conditions stated in article 18 of the GPDR applies.
Right to data portability
Under the conditions of article 20 of the GDPR, you have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format, and you have the right to transmit those data to another controller without hindrance from us provided that the other conditions of article 20 of the GDPR are fulfilled.
Right to withdraw any given consent
You have the right to revoke consent for processing personal data given to us with effect for the future at any time. Please send the revocation to the following email address: dataprotection@palmerhargreaves.com
Right to object
Under the conditions of article 21 of the GDPR, you have the right to object at any time the processing of personal data concerning you. If the conditions for an effective objection are met, then we may no longer process your personal data.
Right to lodge a complaint with a supervisory authority
Regardless of any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.
11. Forwarding your personal data
Your personal data will be forwarded as described below:
The website is hosted by a third-party service provider in the EU. We make sure that the data are only processed in Germany. This is necessary to operate the website as well as for constituting, executing and carrying out the existing licence agreement and possible even without your consent.
Your personal data will also be forwarded if we have the right or are obliged to forward data due to legal provisions and/or official or court order. In particular, this may refer to the provision of information for law enforcement, prevention of threats or enforcement of intellectual property rights.
Where your data are forwarded to service providers to the extent required, such service providers will only have access to your personal data to the extent that this is necessary to perform their tasks. These service providers are obliged to treat your personal data according to the applicable data protection laws, including, but not limited to the GDPR.
Other than described above, we, as a rule, do not transmit your data to third-parties without your consent. In particular, we do not forward personal data to a body in a third country or to an international organisation.
12. Storage period for personal data
As regards the storage period, we delete personal data as soon as their storage is no longer required to fulfil the initial purpose and there are no statutory retention periods. The statutory retention periods are basically the criterion for the final period of storage of personal data. After expiry of this period, the relevant data will be routinely deleted. If there are retention periods, the processing will be restricted by blocking the data.
13. References and Links
When you visit Internet sites that are referred to from our website, you may again be asked for details, such as name, address, email address, browser features etc. This data protection statement does not lay down the processing, forwarding or handling of personal data by third-parties.
Third-party service providers may have diverging and their own rules on handling the collection, processing, and use of personal data. Therefore, we would like to recommend to reading up on how third-parties deal with personal data on their websites before entering personal data.
14. Modification of the data protection statement
We continuously further develop our website to offer you a service that is becoming better and better. We will continuously keep this data protection statement up-to-date and revise it accordingly whenever and where this becomes necessary.
Of course we will inform you of any changes of this data protection statement in good time. We will do so by sending you an email to the email address you have provided to us. Where it is necessary that you give us further consent for handling your data other than this, we will of course obtain such consent from you before any changes in this regard become effective.
Issued: September 2018