Data Protection Information

We are delighted that you are visiting our website and would like to thank you for your interest. We will take all steps as are reasonable in the circumstances to implement practices, procedures and systems relating to our functions or activities that will ensure that we comply with the Australian Privacy Principles (APP) and the EU General Data Protection Regulation (GDPR). In the following, we would like to inform you about the handling of your personal data when using our website. Personal data means all data which can be used to personally identify you and includes all personal information as defined in section 6 of the Privacy Act 1988 (Cth).

1. Information on the collection of personal data and contact details of the APP entity and controller

The APP entity as defined in sections 6 and 6C of the Privacy Act 1988 (Cth) and the controller responsible for data processing on this website as defined by the GDPR is

BLANCO Australia Pty Ltd
C/- Schweizer Kobras
Level 5, 23-25 O'Connell Street
SYDNEY, NSW 2000
Australia

Tel. 02 9356 4642
Email: customerservice.au@blanco.com
Website: www.blanco.com.au.

The controller is the natural person or legal entity who decides on the purposes and means of personal data processing, be it alone or in cooperation with others.

This website uses SSL or TLS encryption for security reasons and to protect the transfer of personal data and other confidential content (e.g. orders or inquiries to the controller). You can identify an encrypted connection by the character sequence "https://" and the lock symbol in your browser line.

2. Data collection when visiting our website

If you use our website for information purposes only, i.e. if you do not register or otherwise transfer information to us, we only collect data that your browser transmits to our server (known as "server log files"). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:

  • Our website visited
  • Date and time of access
  • Volume of data sent in bytes
  • Source/reference from which you accessed the site
  • Browser used
  • Operating system used
  • IP address used (in anonymised form, if applicable)

Collecting and processing is carried out in accordance with APP 3.2 and Art. 6(1)(f) GDPR based on our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files at a later date if there are concrete indications of unlawful use.

3. Contact

Personal data is collected when contact is made with us (e.g. via contact form, e-mail or telephone). The data collected via a contact form can be seen in the respective contact form. This data will only be stored and used for the purpose of responding to your request or for contacting you and the associated technical administration. The legal basis for the processing of this data is our legitimate interest in answering your request in accordance with APP 3.2 and Art. 6(1)(f) GDPR. If you contact us with the intent to conclude a contract, an additional legal basis for the processing is APP 3.3 (a) (ii) and Art. 6(1)(b) GDPR. Your data will be deleted once your request has been processed. This is the case if circumstances indicate that the matter in question has been conclusively clarified and if no statutory retention obligations stand in the way.

3.1 ReCaptcha:

We use the Google ReCaptcha function of the provider Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland on our website in order to prevent misuse of the content we offer. This system helps us to identify whether the user is an actual person or an Internet bot. This helps us prevent the automatic use of our contact forms and the sending of spam messages to our presented e-mail account.

When the Google ReCaptcha function is used, cookies are set that can store different data, such as IP address, referrer URL, information about the operating system, mouse movements, keystrokes, dwell time or settings on the user's device. This information is saved and passed on to Google. It cannot be ruled out that the data will be transferred to a Google server in the USA and saved there. We have no influence on data transfer.

In accordance with APP 5.1 and 5.2 (i) and (j), we notify you that there is no adequacy decision or other suitable guarantees that ensure an adequate level of data protection for the USA. If the data is transferred to the USA, there is a risk that your data may be processed by US authorities for control and monitoring purposes without you being entitled to legal remedies.

The legal basis for the processing of personal data at Google ReCaptcha is your voluntary consent pursuant to Art. 6(1)(1)(a) GDPR. At the same time, you also consent to your data being transmitted to the USA in accordance with APP 8.2 (b) and Art. 49 (1)(a) GDPR.

Your consent is voluntary and can be withdrawn at any time with effect for the future. To do so, change your cookie settings under “Privacy settings ” under the section Google ReCaptcha.

We process your personal data for as long as necessary to achieve its purpose. If you withdraw your consent by making changes to your settings under "Privacy settings ", we will delete your data, unless statutory retention obligations prevent us from doing so.

You can find further information on how Google handles the use of Google ReCaptcha in Google’s privacy policy, which you can view under the following link: https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/about/

4. Data processing upon opening a customer account and during product registration

When you register for a personal customer account, we process the registration data shown on the respective input forms for setting up and managing your customer account and for processing future orders. As a registered customer, you have access to your personal customer account (using your e-mail address and the password you have chosen yourself), where you can view your order history and save and change your personal settings (e.g. password settings, newsletter settings, billing and delivery settings).

If you also register your purchased product, we will collect and use your data to document the benefits granted to you with the product registration (such as vouchers). We also reserve the right to make use of the data in the new and further development of our innovative products.

The legal basis for the processing is our legitimate interest in accordance with APP 3.2 and Art. 6(1)(f) GDPR, to render the "product registration" service described above or "customer account" to you or or to fulfil a licence agreement with you (APP 3.2/Art. 6(1)(b) GDPR).

You may raise an objection to the processing of your data on the basis of APP 3.2 and Article 6(1)(f) GDPR (in accordance with Art. 21(1) GDPR). In principle, we will then have the opportunity to present compelling reasons for the processing in order to continue doing so. However, we will not do this for a customer account and the following will apply: The customer account will then have to be deleted and will no longer be available to you.

This data will be deleted if the registration on our website is cancelled or amended or the customer account is terminated. If deletion is not possible for legal reasons, the respective data will be blocked instead. Please note that we may store the data about orders visible in your customer account for a longer period of time (see 5.).

5. Your orders

When you order goods via our online shop, the content-related data entered by you and generated about you will be processed (such as the information from your order, delivery and billing address, telephone number, e-mail address, payment methods, delivery terms, order information and, in the case of commercial customers, company names). In addition, we collect information on the time, volume and, if applicable, place of your order.

We process your order data for the purposes of fulfilling the order and delivering the ordered goods as well as for the customer service which the order requires.

The legal basis for the processing is the conclusion and fulfilment of the purchase contract for the ordered goods, APP 3.2 and Art. 6(1)(b) GDPR.

This data will be deleted if it is no longer required for the performance of the contract (including customer service and warranty), unless we are legally obliged to save it, e.g. due to retention obligations under commercial or tax law.

6. Signing up for newsletter and promotional e-mails when placing orders

You can subscribe to a free newsletter about our products on our website. The data collected when you sign up is processed (the data displayed as mandatory fields is absolutely necessary for receipt, data in voluntary fields is only used for enhanced personal contact and selection of the displayed information).

We will contact you via e-mail or post with information, offers and special benefits for BLANCO products tailored to you and your interests or use, either on the basis of your express consent or – if you purchase similar goods or services from us and enter your e-mail address – without separate consent.

You may object to the use of your personal data for the purposes of advertising and product development as well as the contact made for this purpose via a certain form at any time in whole or in part or, if necessary, revoke your consent given. Please use the relevant functions provided to you (e.g. the unsubscribe function in the newsletter e-mails or in the customer account) or send a message to that effect in written form (subject: data protection) or by e-mail to the contact details provided under Section 1.

The legal basis for the processing is your consent (APP 6.1 (a) and Art. 6(1)(a) GDPR) and our legitimate interests (APP 3.2/Art. 6(1)(f) GDPR).

After your objection or revocation of any consent you have given, we will delete this data after the end of its use at the latest, or it will only be stored in an aggregated, anonymised form. If necessary, we will store the fact that you have raised an objection so as to prevent you from being contacted further. See clause 9.2 for more information.

7. Data transfer to third parties for order processing

7.1 We work with the following service providers, who support us in full or in part in the performance of concluded contracts, in order to process your order and transport the goods:

logistics companies (usually GLS, Transoflex, DPD). The personal data we collect is passed on to the transport company commissioned with the delivery as part of the contract processing, if doing so is necessary to deliver the goods. For a transport in Germany, this includes the name, name of company (if applicable), as well as the postal address/parcel station and any associated address extensions. Additional information (e.g. e-mail address or telephone number) may be required in other countries of delivery due to the type of delivery or the circumstances there, so that the delivery agent can find or reach you.

In individual cases, we will transfer your data (name, address, telephone number) to our partner Filltech GmbH, Anton-Böhlen-Strasse 25, 34414 Warburg, Germany , which ships certain products directly to you on our behalf.

The legal basis for the transfer of data to our service providers is APP 3.2 and Art. 6(1)(b) GDPR.

7.2 Use of payment providers (payment services)

  • PayPal:

    We will pass on your payment data to the credit institution commissioned as part of payment processing, if doing so is necessary for payment processing. For payment via PayPal, credit card via PayPal, direct debit via PayPal or, if offered, "purchase on account" or "instalment payment" via PayPal, we pass your payment data on to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal") as part of the payment processing. The transfer is conducted in accordance with APP 3.2 and Art. 6(1)(b) GDPR and is only carried out if necessary for payment processing. For the payment methods credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" or "payment by instalments" via PayPal, PayPal reserves the right to carry out a credit check. For this purpose, your payment data will, if necessary, be transferred to credit agencies in accordance with APP 3.2 and Art. 6(1)(f) GDPR on the basis of the legitimate interest of PayPal in determining your ability to pay. Paypal uses the result of the credit check for the purpose of deciding on the provision of the respective payment method with regard to the statistical probability of default on payment. The credit report may contain probability values (known as scores). If scores are included in the result of the credit report, they are based on a scientifically recognised actuarial procedure. The calculation of the score values includes, but is not limited to, address data. Further data protection information, including information on the credit agencies used, can be found in the PayPal privacy policy. You may object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still remain entitled to process your personal data, if doing so is necessary for contractual payment processing.
8. Registration in the dealer portal

You have the option of registering on our website in the dealer portal. To do so, register using your customer number and postal code. In this dealer portal, you have the option of storing and updating your data and making purchases. You can also see an overview of your orders and deliveries or make changes to the consents you have granted here.

The legal basis for the processing is our legitimate interest in accordance with APP 3.2 and Art. 6(1)(f) GDPR, to be able to provide you with the service described above for registration in the dealer portal and creation of a dealer account or the performance of a licence agreement with you (APP 3.2/Art. 6(1)(b) GDPR). Our legitimate interest is to provide you with a dealer account at your request in which you have an overview of your data, settings and orders. However, registration in the dealer portal is voluntary, as you can also place orders without registering in the dealer portal.

You may raise an objection to the processing of your data on the basis of Article 6(1)(f) GDPR (in accordance with Art. 21(1) GDPR). In principle, we will then have the opportunity to present compelling reasons for the processing in order to continue doing so. However, we will not do this for a customer account and the following will apply: The customer account will then have to be deleted and will no longer be available to you.

We only store your personal data and other information entered in the dealer portal for as long as you maintain the dealer portal. You have the option of cancelling and deleting it in the dealer portal. We will then delete your access to the dealer portal. If deletion is not possible for legal reasons, the respective data will be blocked instead. Please note that we may store the data about orders visible in your dealer account for longer (see 5.).

We would like to point out that certain information in the dealer portal may be subject to statutory retention periods, requiring us to retain such information for longer due to legal commercial or tax laws. This information is then only used for the purpose of legal verification and is generally deleted after 10 years.

9. Cookies

In order to make the visit to our website attractive and to enable the use of certain functions, we use what are known as “cookies” on various website pages. These are small text files that are stored on your end device. Some of the cookies we use are deleted after the end of the browser session, i.e. after you close your browser (known as “session cookies”). Other cookies remain on your end device and allow your browser to be recognised on your next visit (known as “persistent cookies”). If cookies are set, they collect and process certain user information, such as browser and location data and IP address values, within an individual scope. Persistent cookies are automatically deleted after a specified period of time, which may differ depending on the cookie.

We use different categories of cookies on this website: Technically necessary cookies, without which the functionality of our website would be restricted, and also optional analysis, functional and marketing cookies, which usually come from third-party providers:

9.1 Technically necessary cookies ("essential cookies")

These cookies are essential to enable you to navigate our websites and use their features. They save such information as which products you have placed in your shopping cart, the progress of your order process, or whether or not you agree to the use of cookies and your selection in the cookie settings. These cookies are usually session-specific and expire after your visit to the website (session), unless the respective functionality requires storage beyond this (e.g. saving the cookie setting). Disabling this category of cookies would restrict all or part of the functionality of the website. The legal basis for the use of the essential cookies and the processing of your data by these cookies is our legitimate interest in showing you the functions of our website and making it available for use, Art. 6(1)(f) GDPR.

9.2 Analytics cookies

Analytics cookies collect information about how visitors use a website as a whole, for example which pages they visit most often and whether they receive error messages from websites. All information collected with the help of these cookies serves exclusively to understand and improve the functionality and service of the website.

The legal basis for the use of analytics cookies and the processing of your data by the providers of these cookies is your prior consent (APP 6.1 (a) and Art. 6(1)(a) GDPR). You can revoke your consent at any time in the Privacy settings , which you can access using the link at the bottom of the website.

9.3 Functional cookies

We use functional cookies to improve and simplify the use and performance of our website.

The legal basis for the use of the functional cookies and the processing of your data by the providers of these cookies is your prior consent (APP 6.1 (a) and Art. 6(1)(a) GDPR). You can revoke your consent at any time in the Privacy settings , which you can access using the link at the bottom of the website.

9.4 Marketing cookies

Marketing cookies are used to better tailor advertising to you and your interests. They also limit how often you see the same advertisement, measure the effectiveness of an advertising campaign, and understand people’s behaviour after viewing an advertisement. These cookies are usually placed on the website by advertising networks with the consent of the website operator (in this case, us). They recognise that a user has visited a website and pass on this information to other companies, e.g. companies that advertise, or adapt advertising accordingly. They are often linked to a website functionality provided by this company. This way, we intend to tailor the advertising on other websites to you and provide the advertising networks we use with information about your visit so that you can later be presented with exactly the advertising that you are potentially interested in based on your browsing behaviour.

The legal basis for the use of marketing cookies and the processing of your data by the providers of these cookies is your prior consent (APP 6.1 (a) and Art. 6(1)(a) GDPR). You can revoke your consent at any time in the Privacy settings , which you can access using the link at the bottom of the website.

9.5 List of analytics, functional and marketing cookies

You can access the list of cookies we use and the providers who receive personal data from you using the cookies in the cookie platform that you can reach with the "Privacy settings" link at the bottom of the page. There you will find further information on the individual providers and cookies.

If you would like to receive further information about these cookies from us instead, please contact us using the contact details described in Section 1.

9.6 How can I declare or revoke my consent to cookies?

If you visit our website for the first time, the information on data protection will be displayed on your landing page with the consent text in optional cookies. By clicking on the individual categories (analytics, functional and marketing cookies) and then confirming by clicking on "Accept", you agree to these cookies being placed. You can adjust and change these settings at any time in the cookie settings, which you can access using the "Privacy settings " link at the bottom of the website.

10. Rights of the data subject

10.1 The applicable data protection law grants you comprehensive data subject rights (rights to information and intervention) with respect to the controller with regard to the processing of your personal data, which we will inform you about below:

  • Right of access in accordance with APP 12.1 and Art. 15 GDPR:

In particular, you have the right to information about your personal data processed by us, the purposes of processing, the categories of personal data processed, the recipients or categories of recipients to whom your data has been or will be disclosed, the planned storage period or the criteria for determining the storage period, the right to correction, deletion, restriction of processing, objection to processing, complaint to a supervisory authority, the origin of your data, if not collected by us from you, the existence of automated decision-making including profiling and, where applicable, substantive information about the logic involved and the scope and intended effects of such processing, as well as your right to be informed of the guarantees in accordance with Art. 46 GDPR when forwarding your data to non-member states;

  • Right to correction in accordance with APP 13.1 and Art. 16 GDPR:

You have the right to immediate correction of incorrect data concerning you and/or completion of incomplete data stored by us;

  • Right to deletion in accordance with APP11.2 and Art. 17 GDPR:

You have the right to request the deletion of your personal data if the prerequisites of APP11.2 and Art. 17(1) GDPR are met. However, this right does not apply in particular if the processing is necessary for exercising the right to freedom of expression and information, for fulfilling a legal obligation, for reasons of public interest or for the establishment, assertion or defence of legal claims;

  • Right to restriction of processing in accordance with Art. 18 GDPR:

You have the right to request the restriction of the processing of your personal data as long as the accuracy of your data disputed by you is verified, if you reject the deletion of your data due to impermissible data processing and instead request the restriction of the processing of your data, if you require your data for the establishment, assertion or defence of legal claims, once we no longer need this data after the purpose has been achieved or if you have lodged an objection for reasons of your particular situation, as long as it has not yet been determined whether our legitimate reasons prevail;

  • Right to information in accordance with APP 13.2 and Art. 19 GDPR:

If you have asserted the right to correction, deletion or restriction of processing against the controller, the controller is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this correction or deletion of the data or restriction of processing, unless this proves impossible or involves a disproportionate amount of effort. You have the right to be informed of these recipients.

  • Right to data portability in accordance with Art. 20 GDPR:

You have the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request the transfer to another controller, if technically feasible;

  • Right to withdraw consent granted in accordance with Art. 7(3) GDPR:

You have the right to revoke your consent to the processing of data at any time with future effect. In the event of revocation, we will delete the data in question immediately if further processing cannot be based on a legal basis for processing without consent. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent prior to revocation;

  • Right to lodge a complaint in accordance with Art. 77 GDPR:

If you believe that the processing of personal data concerning you is in violation of the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your place of residence, your place of work or the place of the alleged violation, without prejudice to any other administrative or judicial remedy.

10.2 Right to object in accordance with Art. 21 GDPR:

If we process your personal data on the basis of our overriding legitimate interest as part of a balancing of interests, you have the right to object to this processing at any time with future effect for reasons arising from your particular situation. If you exercise your right to object, we will terminate the processing of the data concerned. However, further processing is reserved if we can prove compelling legitimate grounds for processing that override your interests, fundamental rights and freedoms, or if the processing serves the establishment, assertion or defence of legal claims. If your personal data is processed by us for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising. You can exercise the objection as described above. If you exercise your right to object, we will terminate the processing of the data concerned for direct marketing purposes.

10.2 Right to object in accordance with Art. 21 GDPR:

If we process your personal data on the basis of our overriding legitimate interest as part of a balancing of interests, you have the right to object to this processing at any time with future effect for reasons arising from your particular situation. If you exercise your right to object, we will terminate the processing of the data concerned. However, further processing is reserved if we can prove compelling legitimate grounds for processing that override your interests, fundamental rights and freedoms, or if the processing serves the establishment, assertion or defence of legal claims. If your personal data is processed by us for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising. You can exercise the objection as described above. If you exercise your right to object, we will terminate the processing of the data concerned for direct marketing purposes.

11. Duration of storage of personal data

The duration of the storage of personal data is determined on the basis of the respective legal basis, the purpose of the processing and – if applicable – on the basis of the respective statutory retention period as well (e.g. retention periods under commercial and tax law). In the case of processing personal data on the basis of express consent pursuant to APP 6.1 (a) and Art. 6(1)(a) GDPR, this data will be stored until the data subject revokes their consent. Should statutory retention periods exist for data that are required in the context of legal or similar obligations based on APP 3.2 and Art. 6(1)(b) GDPR, this data will be routinely deleted after the expiry of the retention periods, provided that it is no longer required for the fulfilment or initiation of the contract and/or no legitimate interest in continued storage exists on our part (APP11.2). When processing personal data on the basis of APP 3.2 and Article 6(1)(f) GDPR, this data will be stored until the data subject exercises their right to object in accordance with Art. 21(1) GDPR or the data is no longer needs the information in accordance with APP 11.2, unless we can demonstrate compelling legitimate grounds for processing that override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims. When processing personal data for the purposes of direct marketing on the basis of Art. 6(1)(f) GDPR, this data will be stored until the data subject exercises their right to object in accordance with Art. 21(2) GDPR. Unless otherwise stated in the other information contained in this statement on specific processing situations, stored personal data will be deleted if it is no longer necessary for the purposes for which it was collected or otherwise processed.

We welcome feedback about privacy issues and will endeavour to attend to all questions and complaints promptly. You can contact us about any privacy issues as follows:

Data protection team: datenschutz-kt@blanco.de

If you are not satisfied with our response, a complaint can be lodged with the Australian Information Commissioner on http://www.oaic.gov.au/privacy/making-a-privacy-complaint or You can call the OAIC enquiries line on 1300 363 992.