隐私政策

Manroland Sheetfed Printing Co., Ltd.

Update: 18/04/2023

1. Overview
1.1. The Company takes the security and privacy of your data very seriously. As part of our business, we collect and use information about you, or “data”, and to manage, develop and enhance our relationship with you. We intend to comply with our legal obligations under the Data Protection Act 2018 (“the 2018 Act”) and the EU General Data Protection Regulation (“GDPR”) in relation to data privacy and security. We are obliged to inform you of the information contained in this policy.
1.2. This general policy applies to all personal data we may hold.
1.3. The Company has taken steps to keep your data secure, as described in this policy.
1.4. The Company will retain data for the purposes for which it was collected, or until a subject access request for its deletion is received (see Section 7).
1.5. This policy explains how the Company will hold and process your information and explains your rights in relation to the data we hold.

2. Data Protection Principles
2.1. Personal data must be processed in accordance with the six “Data Protection Principles” It must:

Processed fairly, lawfully and transparently;
collected and processed only for specific, explicit and legitimate purposes;
adequate, relevant and limited to what is necessary for the purposes of the processing;
accurate and kept up to date. Any inaccurate data must be deleted or corrected immediately;
kept for no longer than is necessary for the purposes of the processing;
processed securely.

We are accountable to these principles and must be able to demonstrate that we adhere to them.

3. How we define personal data
3.1. ‘Personal data’ means information relating to a living person who can be identified from that data (a ‘data subject’) either alone or together with other information we may have.
3.2. This policy applies to all personal data whether stored electronically, on paper or in other material form.
3.3. If you visit our website, it is a standard procedure for our web servers to store your internet service provider details, the website you visit, details of your visit to our website and the date and duration of your visit.
3.4. The personal data we hold will come into our possession in the normal course of business.
3.5. The personal data we hold may include some or all of the following categories of information:

Name
Email address;
Company name;
Company address
Your gender;
Skype address;
Mobile number;
Job title;

3.6. Our employee data is more extensive but a separate policy applies.
3.7. We do not hold any information that would be considered special category data under the GDPR.
3.8. You may also be invited to access videos through our website. This facility is provided by You-Tube, for details of their policy please visit https://policies.google.com/privacy?hl=en

4. How we define processing
4.1. ‘Processing’ means any operation that is performed on personal data, such as:

collection, recording, organization, structuring or storage;
adaptation or alteration;
retrieval, consultation or use;
disclosure by transmission, dissemination or otherwise making available;
alignment or combination; and
restriction, destruction or erasure.

This includes processing of personal data forming part of a filing system and any automated processing.

5. How will we process your personal data?
5.1. The Company will process your personal data in accordance with our obligations under the 2018 Act.
5.2. We will protect your data by implementing technical and organizational security measures to prevent accidental or intentional manipulation, loss, damage or access by unauthorized persons. Our processing includes data encryption, pass wording and secure storage of backup media.
5.3. We may use personal data:

To fulfill contractual obligations (sales contracts including quotations); or
we believe we have a legitimate interest in keeping you informed of developments in our products or in evaluating the activities of your company or group of companies.
This is our legal obligation.

We will not use your personal data for any other unrelated purposes unless we inform you of the circumstances and the legal basis on which we process it.

6. Sharing your personal data
6.1. Sometimes we share your personal data with group companies or our contractors and agents in order to perform our obligations under our contract with you or to safeguard our legitimate interests.
6.2. We require these companies to keep your personal data confidential and to protect it in accordance with the law and our policies. They are only allowed to process your data for the lawful purpose for which it was shared and in accordance with our instructions.
6.3. We do not provide personal data to third parties except as provided in clauses 6.1 and 6.6 of this policy.
6.4. We do not send your personal data outside the European Economic Area. If this changes, you will be notified and the safeguards in place to keep your data secure will be explained. 6.5
. Our specific GDPR employee policy sets out some of the measures used to protect employee data.
6.6 Google reCAPTCHA
This service (e.g. for contact forms and newsletter registration) is used to identify and prevent the misuse of the services provided by machines. The “captchas” are generated and verified by the Langley Group on the application server. No data is transmitted to third parties during this process.

Processed Data:

IP address
Click path
Time spent on
site Site visitor behavior
Browser language
User input
Javascript objects
Browser plugins

The legal basis for the use of reCAPTCHA is Art. 1 para. 1 lit. GDPR.
The privacy policy of the data processor can be found here. https://policies.google.com/privacy?hl=en
Below you can find an overview of the cookies set by reCAPTCHA, including the storage period:
Name: _grepatcha
Provider: Google reCAPTCHA
Description: Used to provide spam protection
Expiration: Session cookie

6.7 Meta Pixel (formerly Facebook Pixel)
Our website uses a pixel from Facebook/Meta to measure conversions of visitor behavior. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. As the operator of this website, the data we collect is anonymous and we cannot draw any conclusions about the identity of the users. Facebook additionally processes the data for its own purposes in accordance with the Facebook data use policy. The use of this service is subject to your consent pursuant to Art. 1 lit. a DSGVO and § 25 para. 1 TTDSG. The consent may be revoked at any time. https://de-de.facebook.com/about/privacy/) https://www.facebook.com/legal/controller_addendum.

6.8. Where third party organisations have access to personal data, we ensure that they have adequate policies in place to protect the data in accordance with the requirements and principles of the GDPR.

7. Subject Access Requests
7.1. People who want to know what personal information we hold about them can make a Subject Access Request (SAR) in relation to their own personal data. The contact person is set out in clause 8.2 below. We must respond within one month, unless the requests are complex or numerous, in which case the period within which we must respond may be extended by a further two months.
7.2. There is usually no fee for making a Subject Access Request.

8. Your Data Subject Rights
8.1. You have the right to obtain information about what personal data we process, how we process it and on what basis, as set out in this Policy.
8.2. Matters arising under clause 7.1 and clauses 8.3 to 8.8 should be submitted in writing to privacy@manrolandsheetfed.com
8.3. You have the right to access your own personal data through a subject access request (see section 7 above).
8.4. You can ask us to correct any inaccuracies in your personal data.
8.5. You have the right to ask us to delete your personal data where we are not entitled to process it under the law.
8.6. Where you request rectification or erasure of your personal data, or contest the lawfulness of our processing, you may request restriction of its use at the time of your request.
8.7. You have the right to object to data processing where we rely on a legitimate interest and you believe your interests outweigh ours and you want us to stop.
8.8. If we process your personal data for direct marketing purposes, you have the right to object. You will be given the opportunity to unsubscribe from future direct email campaigns, but we may retain your personal data for legitimate business reasons where we deem it appropriate to do so.
8.9. You have the right to be notified of a data security breach involving your personal data.
8.10. You have the right to lodge a complaint with our Data Protection Officer (see 8.2) or our data security supervisory authority.

Full contact details, including helpline numbers, are available on the Information Commissioner’s Office website (www.ico.org/uk). This website provides further information about your rights and our obligations.

1. Facebook: https://www.facebook.com/about/privacy/update

2. Twitter: https://twitter.com/en/privacy#update

3. LinkedIn: https://www.linkedin.com/legal/privacy-policy

4. Youtube/Google: https://policies.google.com/privacy?hl=en

9. Newsletters/News/Promotions

We may use your email address to send you newsletters, promotional offers, and other updates related to our products and services, as well as those of our subsidiaries, based on your consent or our legitimate interest to keep you informed. If you prefer not to receive these communications, you can opt out at any time by clicking the ‘unsubscribe’ link in any email you receive from us or our subsidiaries. Your request will be processed promptly in accordance with applicable data protection laws, including the GDPR, and you will no longer receive such communications unless you re-subscribe