Privacy Policy

Preliminary remark

ARGE (Arbeitsgemeinschaft der Verbände der Europäischen Schloss- und Beschlagindustrie) regards data protection as important and always strives to maintain the confidentiality of all personal data at its disposal. We respect and value the privacy of all our employees, members’ representatives, workgroup members and other associated persons and will collect and use their personal information only in the manner described below, which is legally consistent with our obligations under the General Data Protection Regulation (EU Regulation 2016/679, GDPR) and the rights of the individuals concerned.

1. responsible person

ARGE is an unregistered professional trade association and as such responsible for the processing of personal data of its members. ARGE is listed at the Finanzamt Velbert with its home address:

ARGE
Offerstraße 12
52559 Velbert, Germany.

The data protection officer is Joachim Kieker, Secretary General of ARGE with the same postal address as shown above and with the email address j.kieker@arge.org. The corresponding telephone number is +49 (2051) 950636.

2. What does this privacy policy cover?

This privacy statement explains in detail how we handle personal data. This policy covers

- the context of data collection,
- data storage and
- data processing.

The declaration also describes the rights of the persons concerned within the framework of the Data Protection Act.

3. What is personal data?

Personal data is defined in the General Data Protection Regulation (GDPR) as "any information about an identifiable person that can be identified directly or indirectly by reference to a data set, whether analogous or digital". Personal data is any information that enables identification. This includes names and contact details, but also less obvious information such as identification numbers, electronic location data and other online identifiers.

The personal data used by ARGE is listed in section 5 of this statement (see below). We understand that privacy is important and that our members and business partners have a right to information about the use of their personal information. We respect and value the privacy of all our employees, members, workgroup members and consultants. We will only collect and use personal information in the manner described herein if it is ensured that all our obligations and the rights of the individuals concerned as provided by law are complied with.

4. What rights do you have to your personal data?

Under the GDPR, you have the following rights, which we will always work to uphold:

a) The right to be informed about our collection and use of your personal data. This Privacy Notice should tell you everything you need to know, but you can always contact us to find out more or to ask any questions using the details in Part 11.

b) The right to access the personal data we hold about you. Part 10 will tell you how to do this.

c) The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete. Please contact us using the details in Part 11 to find out more.

d) The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we have. Please contact us using the details in Part 11 to find out more.

e) The right to restrict (i.e. prevent) the processing of your personal data.

f) The right to object to us using your personal data for a particular purpose or purposes.

g) The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.

h) Rights relating to automated decision-making and profiling. We do not use your personal data in this way.

For more information about our use of your personal data or exercising your rights as outlined above, please contact us using the details provided in Part 11. Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau. If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.

5 What personal data can we collect from you?

Depending on the nature of our business relationship, we may collect some or all of the following personal information:

- Name;
- Address;
- E-mail address;
- Telephone number;
- Company name;
- Job title;
- Information about your preferences and interests;
- Membership of a particular workgroup;

6. How do we use your personal data?

According to the GDPR we must always have a legal basis for the use of personal data. This can lie in the fact that the data is necessary for the fulfilment of a contract with you or on basis of a cooperation with you. The basis can also be given if you have expressly agreed to the use of your personal data or because it is in our legitimate business interest to use them. Your personal data will be used by ARGE for the following purposes:

  • Provision and management of your membership, which may include contractual arrangements or mutual services
  • To communicate with you. This can include contact via e-mail, mail, social media or direct phone calls with you. This will be positive communications that will benefit members, informing members of developments which add value to their businesses

We may also use your personal information for marketing purposes with your consent and/or to the extent permitted by law. This includes contacting you by e-mail, telephone or SMS with information that may be relevant to you. You will not receive any unlawful marketing or spam mails. We will always take care to protect your rights comprehensively and to fulfil our obligations under the GDPR and the guidelines on data protection and electronic communications (EC Directive) 2003. You can unsubscribe from all notifications at any time.

7. How long do we keep your personal data?

We will not retain your personal information for longer than necessary for the original purpose. As a rule, your personal data will be kept for the following periods:

  • As long as you are a delegate of a member of ARGE, one of its working groups, recent or former Congress participant. We may retain your personal information for up to 7 years after the termination the membership of your association or company or the end of our business relationship. Due to our legal and/or accounting obligations, we may not be able to delete your information before that time;
  • The ARGE contact database is cleaned up after each use, at least once a year, to remove returns, cancellations, dead addresses, etc. We may retain your information for up to 7 years from the date of first use or longer if continued membership in the ARGE or any of its working groups, user statistics or other indicators demonstrate that you are still interested in our information.

8. Where and how do we store or transfer your personal information?

We will only store or transfer your personal data within the European Economic Area (the “EEA”). The EEA consists of all EU member states, plus Norway, Iceland, and Liechtenstein. This means that your personal data will be fully protected under the GDPR or to equivalent standards by law. There is no foreseeable reason that would cause us to share or transfer your data to a third party based in the US. However, if we did this may be protected if they are part of the EU-US Privacy Shield. This requires that third party to provide data protection to standards similar levels of data protection to those in Europe. More information is available from the European Commission. Please contact us using the details below in Part 11 for further information about the data protection mechanism used by us when transferring your personal data to a third country.

The security of your personal data is essential to us, and to protect your data, we take several important measures, including the following:

  • Secure storage on local password protected and/or encrypted drives.
  • Secure storage in the cloud using industry standard service providers.
  • Secure transfer of data to third parties by password protected FTP connection or encrypted email.
  • Secure transfer of data to third parties by encrypted email.

9. Do we share your personal information?

ARGE may sometimes contract with the following third parties to supply products and/or services to you on our behalf. These may include payment processing, delivery, and marketing. In some cases, those third parties may require access to some or all of your personal data that we hold.

  • ARGE accountancy at MTB tax consulting and auditing company
    Friedrichstrasse 177, 42551 Velbert Germany
  • The ARGE Website host RheinSiteMedia GmbH,
    Theodor-Heuss-Ring 36, 50668 Cologne, Germany
  • The ARGE website provider Hullabaloo Visual Communications Limited
    21 The Office Village, North Road, Loughborough - Leicestershire, LE11 1QJ
  • The ARGE Marketing Agency Edson Evers,
    The Hollies 120 Newport Road, Stafford ST16 1ET, UK

If personal information is required from a third party as described above, we will take steps to ensure that your personal information is secure, protected and treated in accordance with your rights and our obligations and the third party's legal obligations as described in Section 8 above.

If personal information is transferred outside the EEA, we will take appropriate steps to ensure that your personal information is treated as securely as it is treated within Germany and under the GDPR. In certain circumstances, we may be required by law to disclose certain personal information when we are involved in legal proceedings or comply with legal obligations, a court order or the instructions of a government authority.

10. How can you get access to your personal information?

If you would like to know what personal information we have about you, you can ask us for details or request a copy. This request is referred to as a "subject access request".

All requests for subject access should be made in writing and sent to the e-mail or postal addresses listed in Section 11.  As a rule, an application for a subject access request is free of charge. If your request is "manifestly unfounded or excessive" (e.g. if you make repetitive requests), a fee may be charged to cover our administrative costs of responding. We will respond to your request within 21 days. Normally it should be possible to provide complete information within this period. This includes providing a copy of your complete record within this time.

11. How can you contact us?

To contact us about anything to do with your personal data and data protection, including to make a subject access request, please use the following details (for the attention of The Data Controller):

Postal address: ARGE, Offerstraße 12, 42551 Velbert, Germany
E-mail address: j.kieker@arge.org
Phone number: +49 (2051) 9506-36

12. changes to this privacy policy

This privacy policy may change from time to time. This may be necessary, for example, if a law changes or if we change our duties and services in a way that requires access to, or protection of, personal information. Changes will be announced either on our website www.arge.org or by a personal e-mail message.

No part of this publication may be reproduced in any form or by any means without the prior written permission of ARGE.