Privacy policy

Privacy Policy - Data protection policy

lapp.fi

1. Information on the collection of personal data

1.1. This Privacy Policy provides information on the collection and processing of your personal data when using our websites at www.lappconnecto.fi, www.lappconnecto.com and/or at www.lappconnecto.lappgroup.com (“Websites”) and any of our services. Personal data is defined as any information that refers to you personally, e.g. name, address, email addresses, user behavior. Any terms not defined in this Privacy Policy shall be given the meaning allocated to them in our Terms of Service for the Websites (“Terms”) or applicable data protection laws including the EU General Data Protection Regulation (EU 2016/679, “GDPR”). If you do not want us to collect, store, use or share your personal data in the ways described in this Privacy Policy, you may not use the Websites or Services.

1.2. The controllers of the personal data pursuant to Art. 4 (7) GDPR are

Lapp Connecto Oy (Business ID FI07073464)
Varastokatu 10
05800 Hyvinkää
tel. 020 764 6420
order.fi.lav(at)lapp.com

Lapp Automaatio Oy (Business ID 11072931)
Äyritie 18
01510 Vantaa
tel. 020 764 6420
order.fi.lav(at)lapp.com

1.3. Sometimes we need to refer to commissioned service providers or wish to use your data for commercial purposes. Below we will inform you in detail:

what personal data we collect, how we collect it, and why;
how we use such personal data;
what third party service providers we use and to whom we share your personal data;
the choices you can make about how we collect, use, and share your personal data;
how we protect your personal data.

2. Your rights

2.1. With regard to our company and your personal data, you have the following rights:

The right of information
The right to correction or deletion
The right to restriction or processing
The right to object against processing
The right to data portability

2.2. In addition, in case you suspect a breach of data protection legislation in processing of your personal data and the matter is not solved amicably between you and us by negotiating, you may contact the competent supervisory authority to lodge a complaint.

2.3. The supervisory authority you may lodge a complaint with is the authority of the Member State of your habitual residence, place of work or place of alleged infringement. The competent authority in Finland is The Office of the Data Protection Ombudsman, Ratapihantie 9, 6. krs, 00520 Helsinki, tietosuoja.fi/en/home.

2.4. The extent of your rights referred to in the first paragraph of this Sec. 2 is described in more detail in Sec.6 of this Privacy Policy.

3. What Personal Data do we collect and for what purposes?

3.1. Automated Information Collection (Collection of personal data on visiting our Websites and use of cookies)

3.1.1. If you use our Websites for merely informational purposes i.e. you do not register on the Websites or send us other information, we collect only those personal data that your browser transmits to our server. When you visit our Websites, we collect the following data which are technically required for us to display our Websites to you and to guarantee stability and security (legal basis is art. 6 (1) p. 1 lit. f GDPR):

IP address
Date and time of inquiry
Time zone difference compared to Greenwich Mean Time (GMT)
Request content (defined page)
Access status/http status code
Respective data volume transmitted
Website making the request
Browser
Operating system and its interface
Language and browser software version

3.1.2. When using our Websites, in addition to collecting the above-mentioned data, cookies are stored on your computer. Cookies are small text files, which are stored on your hard drive after being allocated to the browser you use and by which the site placing the cookie (i.e. us) has certain information sent back to it. Cookies cannot execute any programs nor transfer any viruses onto your computer. Their purpose is to make your online presence overall more user-friendly and more effective.

3.1.3. Use of cookies:

3.1.3.1. Our Websites use the following types of cookies whose size and functionalities are explained as follows:

Transient cookies (refer to b)
Persistent cookies (refer to c).

3.1.3.2. Transient cookies are automatically deleted as you close the browser. This includes especially session cookies which store a so-called session ID. Various requests of your browser may be allocated to the joint session by way of session IDs. This facilitates recognition of your computer on your return to our Websites. Session cookies are deleted as you log out or close the browser.

3.1.3.3. Persistent cookies are automatically deleted after a specified time, subject to the cookie in use. You may delete any cookies at any time in the security settings of your browser.

3.1.3.4. Your browser settings may be configured as you wish and can, for example, refuse acceptance of third party cookies or any cookies. We should like to point out that if you disable cookies you may not be able to use all functions of our Websites.

3.1.3.5. We make use of cookies to be able to identify you on any follow-up visits, if you have an account with us. Alternatively, you will have to log on anew every time you browse our Websites.

3.1.3.5. Flash cookies in use are not captured by your browser but by your flash plug-In. In addition, we use HTML5 storage objects that are filed on your terminal. These objects without automatic expiry dates store the required data irrespective of your browser in use. If you are not interested in the processing of flash cookies, you must install a corresponding add-on, e.g. „Better Privacy“ for Mozilla Firefox (https://addons.mozilla.org/de/firefox/addon/betterprivacy/) or the Adobe flash killer cookie for Google Chrome. You may prevent the use of HTML5 storage objects by introducing the private mode into your browser. In addition, we recommend regular manual deletion of your cookies and browsing history.

3.2. Further website functions and offers, purposes of data use

3.2.1. In addition to the purely informational use of our Websites, we offer various services you may use if interested. As a rule, this requires you to state further personal data, which are used by us to provide our respective services. The aforesaid principles of data processing shall apply to such personal data.

3.2.2. In addition to the data already mentioned above in this Sec. 3, we collect and store certain data, which our clients key into the Websites or transmit to us in other ways. Examples of such data are:

Company/organisation
VAT ID no.
tittle
position in organisation
first and last name of customer
department
address
email
telephone number
contact log

3.2.3. We use these data to communicate with customers about products, services and orders, to operate and develop Services; monitor and analyze Services and Website usage; understand you and your preferences to enhance your experience and enjoyment using our Service; provide and deliver Services you request; send you related information, including confirmations, invoices, technical notices, updates, security alerts, and support and administrative messages; send direct marketing; provide technical support and customer service; and conduct research and analytics.

3.2.4. We also use the data to enhance our Websites, e-shop and online presence, to prevent any abuse and fraud or to reveal them, or to enable third parties to execute any technical, logistic or other services on behalf of us. Data are also used to store shopping baskets or order templates, placing them at the customers’ disposal for any new use.

3.2.5. Only if customers have previously granted their consent or, as far as this is legally permissible, if no objection was raised, we also use these data for product related surveys and marketing purpose

3.3. Legal or contractual rules on the provision of personal data

The provision of personal data is partly prescribed by law, e.g. tax regulations, or may be the result of contractual arrangements (e.g. statements concerning a contractual party). When signing a contract it may sometimes be necessary for data subjects to place their personal data at our disposal which, at a later stage, need to be processed by us. For example, the data subject may be under obligation to make personal data available to us when we sign a contract with them. A consequence of non-provision of personal data would be that no contract might be signed with the data subject. Data subjects must contact a member of our staff prior to such person making personal data available. In every individual case, our employee will advise data subjects if the provision of personal data is legally or contractually prescribed or required for signing a contract.

He will also inform on possibly existing obligations to provide personal data and possible consequences of not providing personal data.

4 How we share your Personal Data with third parties?

4.1. Personal data may be disclosed to third parties if required under any applicable law or regulation or order by competent authorities, or in order to enforce the Terms and to investigate possible infringing use of our services.

4.2. We partly use external service providers (“Data Processors”) for the processing of your data. Those providers are carefully selected and commissioned by us. They are bound to our directions regarding the processing of the personal data and are regularly monitored.

4.3. We may, moreover, transmit your personal data to third parties for the purpose of sales actions, winning games, signing of contracts or similar services we offer jointly with our partners. These partners shall process your personal data as data controller in accordance with their own privacy policy.

4.3.1. Service providers: hosting and operation of the Websites, technical service providers

4.3.1.1. In the context of contract processing, the data is stored either on the servers of the Data Processors, Lapp Service GmbH and SETU GmbH, Königsturmstr. 28 73525 Schwäbisch Gmünd.

5. Do we transfer your Personal Data outside of the EU and the EEA?

5.1. We have partners, Data Processors and servers located in various countries around the world. Therefore we, our Data Processors or partners may transfer your personal data outside the country where you use Services, including to countries outside the EU and EEA that do not have laws providing specific protection for personal data or that have different legal rules on data protection.

5.2. We ensure that a legal basis for such a transfer exists and that adequate protection for the personal data is provided as required by applicable law. We use standard contractual clauses approved by the European Commission and require that the receiving party uses appropriate technical and organizational information security measures. We also cooperate with companies that have committed to Privacy Shield.

6. Your Rights: How to Access, Update and Manage Your Information?

6.1. General rights

6.1.1. You have a right to access, update and manage your own personal data under the applicable data protection laws. If you wish to exercise any of the rights defined below, please send an email request thereof to us via the contact details defined in Sec. 1.2. above.

6.1.2. We may ask you to provide further information in order to identify you. We will respond to your requests within 30 days.

6.1.3. If you want to review, delete, or change the personal data processed by our partner, please contact the relevant partner directly.

6.2. Right to Access Your Data

You are entitled to obtain confirmation on whether or not we process personal data about you. You may also have information on our means of processing as well as a copy of the personal data undergoing processing. We may charge a reasonable fee based on our administrative costs if you request further copies.

6.3. Right to Rectify Your Data

You shall have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you. You may have your incomplete data completed if you provide us with additional information or statement.

6.4. Right to Erasure

If you no longer want us to actively process your personal data, you can have us delete your personal data if:

6.4.1. your personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed defined in Sec. 3;

6.4.2. ) if you withdraw your consent as defined in Sec.7.1.;

6.4.3. if you object to the processing and there are no overriding legitimate grounds for the processing;

6.4.4. the personal data have been unlawfully processed; or

6.4.5. the personal data have to be erased for compliance with a legal obligation in applicable law.

6.4. Right to Restriction of Processing

You have the right to obtain from us restriction of processing where one of the following applies:

6.4.1. the accuracy of the personal data is contested by you, for a period enabling us to verify the accuracy of the personal data;

6.4.2. the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;

6.4.3. we no longer need the personal data for the purposes of the processing, but it is required that we store your data for the establishment, exercise or defence of legal claims; or

6.4.4. you have objected to processing pursuant to Sec. 6.6. below and we have verified whether our legitimate grounds override your rights and freedoms.

6.5. Right to Data Portability

You have the right to receive the personal data concerning you which you have provided to us (for example by making a purchase or submitting your email address for direct marketing purposes) in a structured, commonly used and machine-readable format. You have the right to have the data transmitted to another controller if:

6.5.1. the processing is based on consent or on a contract; and

6.5.2. the processing is carried out by automated means.

6.6. Right to Object Processing

6.6.1. You have the right to object at any time processing of your personal data on grounds relating to your particular situation, when the processing is is based on legitimate interest defined in Sec. 7.4., including profiling.

6.6.2. We shall no longer process your personal data unless we demonstrate compelling legitimate grounds for the processing, which override your interests, rights and freedoms.

6.6.3. On objecting, we request a statement of reasons as to why we may not process your personal data as usual. In the event of your justified objection, we shall look into the matter and will either terminate or adjust data processing, or explain to you our compelling and legitimate grounds as to why processing will be continued.

6.6.4. You have always right to object direct marketing and processing of personal data for such purposes. You do not have to state reasons for such objection.

7. What is the legal basis for the processing?

7.1. Art. 6 (I) lit. a GDPR is our legal basis for processing procedures that require us to obtain consent for specific processing purposes, especially registrations with newsletters.

7.2. In the event that processing of personal data is required for contract compliance involving the data subject as the contractual partner, the processing of data is based on art. 6 (I) lit. b GDPR. As an example, this is the case with processing procedures that are necessary for the delivery of goods or the performance of our service or return service. The same legal basis also covers processing procedures needed to carry out pre-contractual measures, e.g. upon queries concerning our products or services.

7.3. If our company is subject to a legal obligation requiring the processing of personal data, e.g. compliance with tax-related duties, processing shall be based on art. 6 (I) lit. c GDPR.

7.4. Processing procedures may ultimately be based on art. 6 (I) lit. f GDPR. Processing procedures not captured by any of the legal principles stated in Sec.7 rest on this legal basis, if the processing is required to protect a legitimate interest of our company or of a third party, providing the interest, fundamental rights and freedoms of data subjects do not prevail. A legitimate interest is assumed, if the data subject is our customer. We may for example develop, monitor and analyze services as well as send communication and marketing for you based on our legitimate interest. If the processing of any personal data takes place on the basis of art. 6 (1) lit. f GDPR, our legitimate interest will be the performance of our business activity.

7.5 You may reach us using the contact information defined in Sec.1.2 if you consider that your interests or fundamental rights and freedoms override our legitimate interest and require protection of your personal data.

8. Contact form and e-mail contact

8.1. There are contact forms on our Websites, which can be used for electronic contact. If a user takes advantage of this possibility, the data entered in the input mask will be transmitted to us and stored. This data is: Title, first name, last name, company, department, customer number, address (street, house number, postcode, city, country), e-mail address, telephone, subject and message.

8.2. At the time the message is sent, the user's IP address and the date and time of transmission are also stored.

8.3. Alternatively, you can contact us via the e-mail address provided. In this case, the user's personal data transmitted by e-mail will be stored.

8.4. In this context, the data will not be passed on to third parties. The data is used exclusively for processing the conversation.

8.5. The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those that were sent by e-mail, this is the case when the respective conversation with the user is finished. The conversation is terminated when it can be inferred from the circumstances that the facts in question have been finally clarified.

8.6. The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

9. Newsletter

9.1. If customers wish to receive the newsletter as offered on the Websites, we require their email address and information to the effect that examination is agreed to that respective email address owners approve receipt of the newsletter (Double Opt-In procedure).

9.2. Upon your newsletter registration we also store your computer system’s IP address as provided by the internet service provider (ISP) of the data subject at the time of registering together with date and time.

9.3. Personal data collected within the scope of newsletter registration are used exclusively for the dispatch of our newsletter. Newsletter subscribers may be informed via email how this is operated in case of changes in the newsletter offer or concerning technical matters, if this should be necessary for newsletter registration or running the newsletter service.

9.4. Data subjects may cancel their newsletter subscription at any time. As far as the newsletter dispatch is concerned the persons may equally, at any time, revoke their consent to the storage of any personal data by using the pertinent link in the newsletter. In addition, subscribers have the option to inform us through other means of communication.

10. Customer Portal

10.1. We store the information you enter into the text fields during registration. Such information includes: first name, last name, company, company ID, customer number, address (street address, postal code, city, country), email address, telephone number.

10.2. You can cancel your Customer Portal at any time by notifying our customer service. You can also withdraw your consent to the storage of your personal data at any time by notifying our customer service.

11. Website optimization

11.1. Econda

To design our website tailored to needs and for the optimisation of this website, solutions and technologies of Econda GmbH, Zimmerstr. 6, 76137 Karlsruhe, Germany, collect and store pseudonymised data and use this data to create usage profiles from pseudonyms created.

Econda anonymises the data when it is recorded by truncating the IP address, meaning that it is not possible to assign it to a specific user when used according to its intended purpose. The anonymised data remains on the Econda servers and can only be accessed there by us. This aggregated data enables us to analyse visitor flows and click paths, for example, without being able to assign them to a specific user. The servers are exclusively located in Germany.

For this purpose, cookies can be used, cf. Chapter 5, which enable the recognition of a browser. However, user profiles are not compiled with data of the person behind the pseudonym without the express permission of the visitor. IP addresses in particular are made unrecognisable immediately after the user has accessed the website, making it impossible to assign user profiles to IP addresses. Visitors to this website can object to the recording and storage of this data for the future at any time, here.

The data is stored for a period of ten (10) years.

11.2. Google Tag Manager

We use Google Tag Manager on our website. Google Tag Manager is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (Google).

With Google Tag Manager, we can integrate various codes and services on our website in an orderly and simplified manner. Google Tag Manager implements the tags or 'triggers' the integrated tags. When a tag is triggered, Google may collect information (including personal data) and process it. It cannot be ruled out that Google will also transmit the information to a server in a third country.

In particular, the following personal data is processed by Google Tag Manager:

online identifiers (including cookie identifiers);
IP address.

The legal basis for using Google Tag Manager is Art. 6 (1) (a) GDPR, provided you have consented to its use via the cookie consent tool or the cookie settings.

You can find more detailed information about Google Tag Manager on the websites https://www.google.de/tagmanager/use-policy.htmland under https://www.google.com/intl/de/policies/privacy/index.html the section 'Data that we receive as a result of your use of our services'.

Furthermore, we have concluded an order processing contract with Google for the use of Google Tag Manager pursuant to Art. 28 GDPR. Google processes the data on our behalf in order to trigger the stored tags and to display the services on our website. Google may transmit this information to third parties if this is legally required or if third parties process this data on behalf of Google.

By integrating Google Tag Manager, we are pursuing the purpose of being able to integrate various services in a simplified and clear manner. In addition, the integration of Google Tag Manager optimises the loading times of the various services.

11.3. Google Ads

We have integrated Google Ads on our website. The operator of the Google Ads services is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (Google).

This means that we turn on Google Ads advertisements and use Google Remarketing and Conversion Tracking as part of this. The advertisements are displayed after making a search on websites in the Google advertising network. We also use Ads Remarketing Lists for search ads. We use these services to tailor search ad campaigns to users who have already visited our website. These services allow us to combine our advertisements with certain search terms and to display advertisements to previous visitors, which, for example, advertise services that visitors have viewed on our website. This allows us to display interest-based advertising to users of our website on other websites that are part of the Google Search and Display network (as "Google Ads" in a Google Search or on other Google partner websites).

Data shall only be collected and stored after express consent has been given pursuant to Article 6 (1) lit. a of the GDPR, provided that you have consented to its use via the cookie consent tool or the cookie settings.

An analysis of online user behaviour is necessary for receiving offers based on your interests. Google uses cookies to carry out this analysis. Clicking on an advertisement or visiting our website enables Google to set a cookie on the user's computer. The duration of these cookies is 90 days. The information collected with each cookie is used to target the visitor in a subsequent search request. Further information on the cookie technology used can also be found in Google's notes on website statistics and in the data protection regulations. We use this technology together with Google to receive information about the fact that a user has clicked on an advertisement and has been redirected to our websites. The information gathered in this way is used exclusively for statistical analysis in order to optimise advertisements. None of the information received can be used to personally identify visitors. Your IP address is transmitted to Google in an anonymised form. The statistics that Google provides to us include the total number of users who clicked on one of our advertisements and, if applicable, whether they were redirected to a page on our website by a conversion tag. These statistics give us insights into which search terms were used most often to click on our advertisement and which advertisements lead to the user establishing contact with us through the contact form.

You can find additional information on data protection in Google Ads at: https://policies.google.com/technologies/ads/

If you do not wish your visit to be included in the user statistics, you can prevent this by blocking the cookie required for these technologies, e.g. via the settings in your browser. You can also use the Advertising Settings to select the types of Google Ads you see or to deactivate interest-based ads on Google.

However, both ourselves and Google continue to receive statistical information on how many users visited this page and when they did so. If you do not wish to be included in these statistics, you can stop this from occurring with the help of additional programs for your browser.

11.4. Microsoft Advertising

We use the Microsoft Advertising service on our website from the provider Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland (Microsoft).

This means that our advertisements are displayed using Microsoft Advertising. The advertisements are displayed after making a search on websites and services which use the Microsoft Search Network such as Bing. We also use retargeting and conversion tracking. We use these services to tailor search ad campaigns to users who have already visited our website. These services allow us to combine our advertisements with certain search terms and to display advertisements to previous visitors, which, for example, advertise services that visitors have viewed on our website. This enables us to display interest-based advertising to users of our website on other websites within the Microsoft Search Network.

An analysis of online user behaviour is necessary for receiving offers based on your interests. Microsoft uses Universal Event Tracking to carry out this analysis. This is why cookies are set. Clicking on an advertisement or visiting our website enables Microsoft to set a cookie on the user's computer. The duration of these cookies is 13 months. The information collected with each cookie is used to target the visitor in a subsequent search request. None of the information received can be used to personally identify any individual visitor. Further information on the cookie technology used can also be found in Microsoft's notes on website statistics and in the data protection regulations. We use this technology together with Microsoft to receive information about the fact that a user has clicked on an advertisement and has been redirected to our websites. The information gathered in this way is used exclusively for statistical analysis in order to optimise advertisements. The statistics that Microsoft provides us with include the total number of users who clicked on one of our advertisements and, if applicable, whether they were redirected to a page on our website by a conversion tag. These statistics give us insights into which search terms were used most often to click on our advertisement and which advertisements lead to the user establishing contact with us through the contact form.

You can find additional information on data protection in Microsoft Advertising at: https://privacy.microsoft.com/privacystatement/

11.5. LinkedIn Marketing Solutions

On our website, we use LinkedIn Marketing Solutions, a service provided by the LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland (LinkedIn).

This makes it possible to refer visitors to our website which hosts our own additional content that is likely to correspond to the particular user's interest, based on their usage behaviour on the LinkedIn social network. This content is displayed depending on a cookie-based analysis of previous usage behaviour and no personal data is stored.

In order to identify interest-oriented content, cookies, i.e. small text files, are stored on your computer or mobile device in order to record pseudonymised data about your surfing behaviour and then individually adapt the content to the stored information.

If the information collected and analysed is personally relevant, the data will be processed in accordance with Article 6 (1) lit. f of the GDPR on the basis of our legitimate interests in displaying personalised page content and in market research. If you have given us consent via the cookie consent tool or the cookie settings, then we have thereby obtained your consent in accordance with Article 6 (1) lit. a of the GDPR.

The information can be assigned to the user's identity using additional information that LinkedIn has stored about the user, e.g. due to the ownership of an account on the social network LinkedIn. LinkedIn uses an algorithm to analyse surfing behaviour and can then display targeted product recommendations in the form of personalised advertising banners on the user's LinkedIn account. LinkedIn can also combine the information collected via the cookies with other information collected by LinkedIn via other websites and/or in connection with the use of the social network "LinkedIn", thus creating pseudonymised user profiles. However, under no circumstances can the information collected be used to personally identify visitors to this website.

You can find further information on data protection concerning LinkedIn Marketing Solutions at: https://www.linkedin.com/legal/privacy-policy/

You can prevent LinkedIn from collecting the above-mentioned information by setting an opt-out cookie on one of the websites linked below: https://www.linkedin.com/psettings/guest-controls/

11.6. Visitor Intelligence

We use the Visitor Intelligence service of Dun & Bradstreet Deutschland GmbH, Brüsseler Straße 1–3, 60327 Frankfurt am Main (D&B) on our website.

Visitor Intelligence helps us analyse visitor behaviour on our website so we can identify potential business visitors and optimise our marketing and sales measures. This analysis is carried out on the basis of the collected IP addresses, which can be assigned to an organisation by D&B. Processing is carried out exclusively at company level – no personal identification of individual users takes place.

Cookies may be used for this purpose (see Sec 16), which enable the browser to be recognised. The legal basis for processing this data is your consent pursuant to Art. 6(1)(a) of the GDPR, provided that you have agreed to its use via the cookie consent tool or the cookie settings. Furthermore, processing is carried out on the basis of Art. 6(1)(f) of the GDPR, as we have a legitimate interest in optimising our offer for business customers and in making our marketing and sales measures more efficient.

D&B anonymises or pseudonymises the IP addresses during processing so that they cannot be traced back to a natural person. The data is used exclusively for the aggregated evaluation of company visits. No personal user profiles are created or stored.

It cannot be ruled out that data may be transferred to countries outside the European Union, in particular to the USA. Dun & Bradstreet is committed to maintaining an adequate level of data protection, including by concluding EU standard contractual clauses in accordance with Art. 46 of the GDPR.

Further information on data processing by Dun & Bradstreet can be found at: www.dnb.com/

12. How long do we store personal data?

12.1. We will not retain your personal data for longer than is necessary for the defined purpose of the processing of personal data or for legal requirements. Unless stated to the contrary, the criterion decisive for our stipulating of storage periods is the respective statutory safekeeping period. Data are deleted after such period has expired, provided they are no longer needed for contract performance or contract initiation.

12.2. If you have given your consent to electronic marketing we will process your personal data and send you marketing until you withdraw your consent.

13. Automated decision-making

There will be no automated decision-making or profiling.

14. Security of your information

14.1. We implement technical and organizational security measures to help protect the security of your personal data both online and offline. We take steps to ensure that your personal data is treated securely and in accordance with this Privacy Policy and applicable laws. These measures vary based upon the sensitivity of your data.

14.2. Please note that in light of the current state of technology, no full data protection can yet be guaranteed in data transmissions via internet. We will take every possible care that any data sent over the internet to us by our clients is safe. However, data subjects are also at liberty to transmit their data to us via alternative options considered more data secure, e.g. per telephone.