GDPR Privacy Policy Addendum

General Data Protection Regulation (GDPR) Privacy Policy Notice – 2023

1. Who is responsible for processing personal data?

The “Data Controller” is responsible for the purpose and way in which personal data (i.e data that can directly or indirectly identify a person) is processed under the GDPR. Meissner Corporation and its affiliates, Meissner Filtration Products Inc., Meissner Filtration Products Limited and Meissner Filtration Products GmbH (together referred to as “Meissner”) are all Data Controllers. From time to time, Meissner may use an authorized agent or Data Processor (in accordance with Art. 28 GDPR) to carry out defined data processing on our behalf.

Meissner Filtration Products, Inc.
1001 Flynn Road, Camarillo, CA  93012
U.S.A.
Phone:  +1.805.388.9911
Email:  info@meissner.com or PrivacyOffice@meissner.com
www.meissner.com

2. Who can I contact with questions or concerns about data processing?

You can contact our Privacy Officer at Meissner Corporation:

Karisa Koenig
Meissner Corporation
1001 Flynn Road
Camarillo, CA  93012
U.S.A.
Phone:  +1.805.388.9911
Email:  PrivacyOfficer@meissner.com
www.meissner.com

You may also contact our EU data privacy representatives at:

Meissner Filtration Products GmbH
Am Kuemmerling 24-26
55294 Bodenheim
Germany
Tel.:  +49-6135- 55499 0
Fax:  +49-6135 -55499 299
Email:  dpo-eu@meissner.com

or

Meissner Filtration Products Limited
Castlebar Business and Technology Park,
Drumconlon, Castlebar, County Mayo
Ireland F23 P961
Tel:+ 353 94 90 17516
Email: dpc-ire@meissner.com

3. Who am I in relation to Meissner, and what are my rights?

If you are located in the  EU, you have rights in relation to your personal data under the GDPR.  You have the right to view, amend, delete or restrict the processing of the personal data that we collect relating to you. To make a specific request, please contact our Privacy Officer or EU data privacy representatives as appropriate.

Your rights related to our collection, storage and processing of personal data under Articles 12-23 of the GDPR, are summarized below:

  • The right to transparency (Art. 12 GDPR): We must be clear about what personal data we collect, how we use pl data, and for how long we store the data. Our Privacy Policy is in place to ensure this transparency.
  • The right to access (Art. 15 GDPR): You have a general right to find out if we hold and process personal data relating to you and to obtain a copy of such personal information.
  • The right to data portability (Art. 20 GDPR): You can ask that we send you the personal data you have provided to us, in an easily accessible, standard format and to transmit such data to other Controllers at your direction.
  • The right to rectification (Art. 16 GDPR): You can request an update of inaccurate or incomplete information that we have stored about you which will be carried out by us without undue delay.
  • The right to erasure or the ‘right to be forgotten’ (Art. 17 GDPR): You can in certain cases  request that we delete all personal data that we have stored on you. Please be aware that requesting deletion of data, unlike unsubscribing or opting out of specific marketing programs, is total and irreversible.
  • The right to restriction of processing (Art. 18 GDPR) and the right to object (Art. 21): In some cases, where we may be required legally to maintain your personal data, you can request that it not be used or processed. We may, however, use such restricted data for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for reasons of important public interest. You can object to the use of personal data that is processed based on legitimate interest, and we shall no longer process the personal data unless we can show that there are compelling legitimate interest grounds for the processing to override the objection and you can also object to the processing of personal data for direct marketing purposes and the personal data will no longer be processed for such purposes.
  • The right to request information of third party recipients (Art. 19 GDPR): If you have exercised your right to correct, erase or restrict the processing of your personal data, we must inform all recipients to whom your personal data have been disclosed of this correction, erasure or restriction of processing of the personal data, unless this proves impossible or involves a disproportionate effort.
  • The right to withdraw consent (Art. 7  (3) GDPR): Where we process your personal data based upon your consent, you can withdraw that consent at any time. You can withdraw your consent either by sending an email to PrivacyOfficer@meissner.com or our EU data privacy representatives at the addresses given above, or visiting our Contact Preference Center at www.meissner.com/contact-preference-center.
  • The right not to be subject to a decision based solely on automated process, including profiling (Art. 22 GDPR): You have the right not to be subject to a decision based exclusively on automated processing – including profiling – that has legal effect against you or significantly impairs you in a similar manner Meissner does not use automated decision making when processing personal data on our website.
  • The right to lodge a complaint with a supervisory authority (Art. 77 GDPR): You have the right to lodge a complaint with a supervisory authority in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you feel that the processing of your Personal data interferes with your rights under the GDPR.

To exercise any of the rights highlighted above or to ask questions about your rights  under the GDPR, please email our Privacy Officer at Privacyofficer@meissner.com or our EU data privacy representatives at the addresses above.

4. What data does Meissner collect from you, and how is it collected?

We collect and process personal data that we receive from you when you engage with Meissner as part of our business relationship. This data can be collected from you at the start of our relationship, when you enter it on our website Contact Form, or call us in anticipation of receiving an answer(s) or product or service information, or when you opt-in to our email/marketing programs. It can also be collected from you as our business relationship progresses, when you request a quote for or place an order for Meissner products or services. We may also collect data from your personal contact with Meissner employees. The Personal Data we collect includes:

  • Your contact information. This includes your name, business address, business phone number, business email, job title/function, and any company information, including industry classification, so that we can contact you to answer your questions and provide you with the information that you seek to further our business relationship.
  • Registration information. If you are registering to use our customer portal, we will collect information such as name, email and password.
  • Account documentation. This includes notes from meetings with your company and Meissner, including visits, tours, and any test/comparative analysis performed during those interactions or off-site in our laboratories, regardless of whether the meetings are in person or by some other venue (e.g. phone/computer).
  • Correspondence. This includes all formats: email, phone, memos, notes, mail, and faxes.
  • Marketing and sales data. We make note of the products and services that you have an interest in and the products and services that you are currently using.
  • Information we collect through automatic data collection technology – when visitors browse our website, we may use automatic data collection technologies (e.g. Google Analytics, Click Dimensions) to collect information about your device and browsing actions. Please see our Cookies Policy at https://www.meissner.com/cookie-declaration for details of this.
  • Data necessary for initiating and continuing our business relationships.
  • Order information that is required to complete a business transaction.
  • Employment and background information for those interested in seeking employment with Meissner.

Analytics

5. What do we process your Personal Data for (“purpose of processing”) and what is the legal basis for processing your Personal Data?

Purpose of Processing

Website and Cookies: We use cookies on our website, including essential, analytical and marketing cookies. For more information, view our Cookie Policy – https://www.meissner.com/cookie-declaration. The legal basis for using essential cookies is to is the protection of our legitimate interests in ensuring network and information security and the sound functioning of our website. For all other cookies, your consent is required.

Correspondence: Your personal data is provided, stored and used exclusively for the purpose of replying to your correspondence, and/or information you have specifically requested, regardless of the format (e.g. email, mail, fax, phone). The legal basis for processing personal data is based on your consent to respond to your specific request, or as necessary to perform our contract with you.

Administrative and business purposes: We use your personal data to contact you to process orders, invoices, and payments, and to fulfil our business obligations to you. The legal basis for processing personal data is to perform a contract or to carry out preparatory actions for such contract with you.

Marketing and sales: With your consent, we use your personal data to promote our goods and services, and to further our business relationship. The legal basis for processing personal data is based on your consent. Meissner has established a Contact Preference Center so that your consent is clearly defined and can be adjusted to include the programs and Marketing communications that you would like to opt-in and/or opt-out of over the course of your relationship with Meissner. For example, you have the opportunity to opt into Meissner product updates, industry events and newsletters. You have the right to opt-out of this type of processing at any time.

Legal Obligations: We may also process your personal data as required by law or other regulations and this is based on our compliance with legal obligations.

6. Who receives my Personal Data and will it be shared with third parties?

Meissner does not sell or rent any information or Personal Data. Your personal data may be accessed by Meissner, and data processors acting under our explicit instruction and supervision with whom we have contracts which bind them to secure all data processed on our behalf. These data processors are fully vetted for their compliance with the GDPR, which is part of our compliance assessment and they are bound contractually by Meissner per the requirements of the GDPR. These data processors include companies that provide services for marketing, IT, and shipping/delivery. Data processing may be necessary for the purposes of customer service, order processing, accounting, sales, marketing and delivery of goods. We ensure data protection through secured servers and up-to-date encryption technologies.

Meissner utilises Standard Contractual Clauses approved by the European Commission to meet the adequacy and security requirements for those of you who operate in the European Union and other international transfers of Personal Data.

Meissner complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Meissner has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF. Meissner has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

We do not forward your Personal Data to third parties without your prior consent or a legal basis to do so.

7. How long will my data be stored?

We only process your personal data for the length of our business relationship. Our objective is to ensure timely answering of your question(s), regardless of the method used to submit the question (email, phone, fax, or our website contact form). Additionally, we may store some of this history where it makes sense to further our relationship (legitimate interest), or as required prior to entering or fulfilling a contract with Meissner. We may store your personal data for an extended period, if and to the extent permitted by EU or EU member state or other applicable legislation, that we are governed by, and where the legislation contains appropriate measures to safeguard your rights and freedoms and Meissner’s legitimate interests.

8. How do we protect your information/Personal Data?

Data security and protection is of utmost importance at Meissner. We practice “Privacy by Design,” meaning that we will include data protection at the onset of designing system that handles and processes this type of information, rather than include it as an afterthought or addition.

Additionally, only employees who need the information to perform a specific job or authorized data processors acting on our behalf (for example, to answer your direct question, to invoice for a product or service, or to provide customer service) or other third parties who were expressly approved by you to receive Personal Data, are granted access to your Personal Data or your Personally Identifiable Information.

We employ contemporary safeguards to protect personal data against loss, unauthorized access, use, disclosure, or modification, and to ensure the integrity of the personal data. The computers and servers that store Personal Data and Personally Identifiable Information are kept in a secure environment.

9. Social Media

On our website we utilize Social Media Plug-ins of the social networks Twitter, LinkedIn, and Facebook to publicize our company. The underlying legal basis for this is  legitimate interest within the meaning of article 6 (1) f  t of the GDPR. Responsibility for the operations of the Social Plug – in compliance with data protection requirements – is to be guaranteed by the respective providers.

Twitter
Our website includes plugins from short message network Twitter Inc. (1355 Market Street, Suite 900, San Francisco, CA 94103, USA; hereinafter referred to as “Twitter”).
You can recognize the Twitter plugins (tweet button) by the Twitter logo on our website. An overview of tweet buttons can be found here: https://publish.twitter.com/#. When you visit a page of our website that contains this type of plugin, a direct connection is established between your browser and the Twitter server. Twitter receives the information that you have visited our website with your IP address. If you click on the Twitter “tweet button” while logged in to your Twitter account, you can link the contents of our pages to your Twitter profile. This allows Twitter to associate your visit to our website with your user account. Please note that we, as the provider of the website are not aware of the content of the transmitted data and its use by Twitter. If you do not want Twitter to be able to associate your visit to our website, please log out of your Twitter account before visiting our website. More information can be found in the privacy policy of Twitter (https://twitter.com/privacy).

LinkedIn
Our website includes plugins from the social network LinkedIn / LinkedIn Corporation (2029 Stierlin Court, Mountain View, CA 94043, USA; hereinafter referred to as “LinkedIn”).
Please note that when you visit our website, the plugin establishes a connection between your browser and the LinkedIn server. LinkedIn is informed that our website has been visited with your IP address. If you click on the “Recommend-Button” of LinkedIn while logged into your account at LinkedIn, you have the option of linking content from our website to your LinkedIn profile page. Doing so allows LinkedIn to associate your visit to our website with you or your user account. We are not made aware of the content of the transmitted data and its use by LinkedIn. For details on the data collected and your legal options, as well as setting options, please visit LinkedIn. These can be found in the privacy policy (https://www.linkedin.com/legal/privacy-policy) of LinkedIn.

Facebook
Our website includes plugins from the social network Facebook / Facebook, Inc. (1601 Willow Road, Menlo Park, CA 94025, USA; hereinafter referred to as “Facebook”). At the bottom of our website you can find a link to our Facebook page. With a click on this link, you will leave our website and a direct connection between your browser and the servers of Facebook will be established. Information on data collected and processed by Facebook Inc. when visiting our Facebook page can be obtained under https://www.facebook.com/privacy/explanation.

10. Privacy Policy Updates

Meissner will post any changes to our Privacy Policy to our website in order to keep you informed on how we collect, use, manage, disclose and protect information, and your associated rights. If we seek to process your Personal Data for a new purpose that is inconsistent with this privacy policy, we will notify you by email and seek your consent for those specific purposes.

This Privacy Policy was last updated on 08-OCT-2023.