Privacy

Data protection

On this page you will find Information on data processing (obligations to provide information pursuant to Art. 13 of the GDPR) – thinXXS Microtechnology GmbH. The privacy policy is structured as follows:

Privacy Statement for all Website Visitors
Privacy Statement for Customers and Suppliers
Privacy Statement for Applicants

1. Privacy Statement for all Website Visitors

Personal data (usually referred to just as “data” below) will only be processed by us to the extent necessary and for the purpose of providing a functional and user-friendly website, including its contents, and the services offered there.

The thinXXS Microtechnology GmbH Privacy Statement (“Statement”) explains how personal data is collected, used and disclosed by thinXXS Microtechnology GmbH when users access and use the services and features offered on our website https:\\www.thinxxs.com and any of our other websites or mobile applications that link to this Statement (the “Sites”).

This Statement is supplemented, and are incorporated herein, by the thinXXS Microtechnology GmbH Cookie Notice , the thinXXS Microtechnology GmbH Business Contact Privacy Notice (see 2., this page below) and the thinXXS Microtechnology GmbH Job Applicant Privacy Notice (see 3., this page below), the thinXXS Microtechnology GmbH GDPR Privacy Addendum, the thinXXS Microtechnology GmbH PIPL Privacy Addendum and the thinXXS Microtechnology GmbH California Privacy Addendum. International Users of the Sites – users from different countries and states may visit the Sites. Section 1 of this Statement applies to all users.Depending on your place of residence, further sections may apply to you.

I. Collection of Information

We collect the following information on our website:

a) Information We Collect Automatically:

When you access or use our Sites, we automatically collect the following information which is stored separate from other data that you may provide to us. We use this information to provide the Sites to you, deduce statistical and anonymous information about the users of the Sites and for the technical administration and the security of the Sites:

Log Information– We log information about each session and the use of the Sites, including the type of browser you use, access times, pages viewed, your IP address and the page you visited before navigating to our Sites.
Device Information– We collect information about the computer or mobile device you use to access our Sites, including the hardware model, operating system and version and mobile network information.
Information Collected by Cookies– We use various technologies to collect information, specifically cookies. Cookies are small text files that a website or its service provider transfers to your devices, such as mobile devices or computers, through your web browser (if allowed by you), that enables the websites or service providers’ systems to recognize your browser and capture and remember certain information. Please see our thinXXS Microtechnology GmbH Cookie Notice for more information on our use of cookies.

b) Information You Provide to Us:

We also collect information you provide directly to us when you contact us via contact form. The types of information we may collect include your name, company name, email address and your message. We collect this information for answering your enquiry.

II. Use of Information

We may use information about you for various purposes, including:

Providing and improving our customer service, including responding to your comments, questions and requests (e.g. product queries or technical questions);
Analyzing and managing our business;
Establishing and managing our business relationship, e.g. when you as a customer contact us via one of the Sites and we connect this request to your business account;
Improving our IT security;
Defending our legal interests, e.g. when claiming remedies of attacks on our website;
Processing employment inquiries;
Communicating with you about services, offers, promotions, rewards, and events offered by IDEX and others; and

III. Recipients and Categories of Recipients of Personal Data

We do not share, sell, or otherwise disclose information about you for purposes other than those outlined in this Statement. However, we may use and disclose aggregated information about our users and other information that does not reasonably identify any individual, without restriction. Possible recipients or categories of recipients of your personal data are:

Other IDEX group companies if such a transfer of personal data is required for the specific purpose (you can find a list of the IDEX group companies here);
Vendors and channel partners such as distributors and sales representatives for the Company’ products;
Service providers who process personal data on our behalf but have to follow our instructions on such processing; IDEX will undertake all reasonable efforts to ensure these service providers will not be allowed to use your personal data for purposes other than the purposes defined by us;
Authorities, who we are obliged to provide your personal data to, e.g., tax authorities or healthcare authorities;
Auditors or similar external consultants such as lawyers or tax advisors;
Authorized third parties in response to a request for information if disclosure is in accordance with any applicable law, regulation or legal process, or as otherwise required by any applicable law, rule or regulation;
External investigators, consultants or authorities as permitted by law in order to investigate, prevent or take action regarding illegal activities, suspected fraud, infringement of our intellectual property rights, situations involving potential threats to the physical safety of any person, violation of the terms of our agreements, or as otherwise required by law;
If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of IDEX, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
Potential purchasers and their advisors in the context of mergers and acquisitions, to whom we may transfer your personal data subject to appropriate confidentiality obligations, in the event we decide to dispose of all or parts of our business; and
To other recipients with your consent or at your direction, including if we notify you through our Sites that the information you provide will be shared in a particular manner with particular people and you provide such information.

IV. Security

thinXXS takes reasonable measures to help protect information about you from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction. However, no security system is impenetrable and we cannot guarantee the security of our systems 100%. In the event that any information under our control is compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and, where appropriate, notify those individuals whose information may have been compromised and take other steps, in accordance with any applicable laws and regulations.

V. Do Not Track Signals

Some web browsers permit you to broadcast a signal to websites and online services indicating a preference that they “do not track” your online activities. At this time, we do not honor such signals and we do not modify what information we collect or how we use that information based upon whether such a signal is broadcast or received by us.

VI. Choices About How We Use and Disclose Your Information

We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information:

Cookies. Most web browsers are set to accept cookies by default. You can block cookies by activating the setting on your web browser that allows you to refuse the setting of all or some cookies. These settings are usually found in the ‘options’ or ‘preferences’ menu of your web browser. In order to understand these settings or get further information, refer to the documentation provided by the provider of the web browser you are using. For further information about deleting or blocking cookies, please visit: www.allaboutcookies.org. However, if you use your browser settings to block all cookies (including essential cookies), you may not be able to access all or parts of our Sites or perform certain functionalities of the Sites. For additional details about the cookies used in our Sites, please visit our thinXXS Microtechnology GmbH Cookie Notice .

VII. Accessing and Correcting Your Information

General. You may at any time review or ask for the rectification or removal of your information by contacting us at the contact information shown below. However, note that we may retain certain information as required by law or for legitimate business purposes. We may also retain cached or archived copies of information about you for a certain period of time.

VIII. Jurisdiction Specific Privacy Rights

The law in some jurisdictions may provide you with additional rights regarding our use of Personal Data. To learn more about any additional rights that may be applicable to you as a resident of one of these jurisdictions, please see the privacy addendum that is attached to this Privacy Notice.

a) Your Rights under the General Data Protection Regulation (“GDPR”)

If you are a resident of the European Economic Area or the United Kingdom, you have the additional rights described in the thinXXS Microtechnology GmbH GDPR Privacy Addendum to this Statement

b) Your Rights under the Personal Information Protection Law (“PIPL”)

If you are a resident of the in the People’s Republic of China (“China”, which, solely for the purposes herein, is exclusive of Taiwan, Hong Kong and Macau), you have the additional rights described in the thinXXS Microtechnology GmbH PIPL Privacy Addendum to the Statement.

c)Your California Privacy Rights

If you are a resident of California, you have the additional rights described in the thinXXS Microtechnology GmbH California Privacy Addendum to the Statement.

IX. Contact Information

If you have any questions, concerns, complaints, or suggestions regarding this Statement, or have any requests related to the personal information we collect about you, you may contact us:

To Contact thinXXS Microtechnology GmbH:
Phone: 0049 (0) 6332 8002 0
E-Mail: thx-datenschutzteam@idexcorp.com (Data Protection Team at thinXXS)
E-Mail of the data protection officer: thx-datenschutz@idexcorp.com
Postal Address: Amerikastraße 21 66482 Zweibrücken

To Contact IDEX:
Phone: 1-847-498-7070
Email: privacy@IDEXcorp.com
Postal Address: IDEX Corporation
Attn: Legal Department: Compliance/Privacy
3100 Sanders Road, Suite 301
Northbrook, IL 60062, USA

2. Privacy Statement for Customers and Suppliers

We take the protection of your personal data very seriously. For that reason, we will be glad to inform you below about the rights you have in respect to us regarding the use of those data.

Who is responsible for the data processing?
The body responsible for the collection and use of your personal data is
thinXXS Microtechnology GmbH, Amerikastrasse 21, 66482 Zweibrücken

Telephone:       06332 – 8002 – 0
Telefax:            06332 – 8002 – 75
E-mail:             thx-info@idexcorp.com

Contact data of data protection officer
You can get in touch with our data protection officer by e-mail at: thx-datenschutz@idexcorp.com

Framework of processing
a) Categories of personal data which are processed
We process the following categories of data: address data, contact data, bank account data, invoicing data, contract data, customers’ interests.
b) Duration of storage
Three years after the termination of the contract we had with you, we check to see whether or not we still need your data. If the data are no longer needed and there are no statutory obligations to preserve them (under the German Commercial Code [HGB], the German Criminal Code [StGB] or the German Fiscal Code [AO]) such as contradict their erasure, the data will be erased.
c) Purposes and legal basis of data processing
We use your data for the negotiation and administration of the contractual relationship that exists with you, and for customer care. The processing of your data is necessary for the performance of a contract with you pursuant to Art. 6 1. (b) of the GDPR.
d) Mandatory provision of data
The provision of your data is required for the conclusion of the contract with you. If you do not make the data available, it will not be possible to conclude the contract.
e) Automated decision-making
No use will be made of fully automated decision-making as in Art. 22 of the GDPR in the establishment or performance of the contract.

Transmission of data, information relating to foreign countries
a) Recipients of data
We only transmit personal data to third parties if this is necessary in the context of the administration of the contract, if you have given us your express prior consent, if we are obliged to do so by law or on account of an order issued by a court or administrative authority, or if said transmission is necessary to the enforcement of our rights, in particular that of claims resulting from a contractual relationship with you.

We shall transmit the data to the following categories of recipients if this is necessary to the performance of the contract:

public bodies which receive data on the basis of statutory regulations (e.g. fiscal authorities)
internal bodies involved in the implementation of the respective business processes
external bodies such as affiliated enterprises of thinXXS Microtechnology AG and external contractors engaged for correct and proper business processing (e.g. transport companies, banks)
external bodies which function as processors.

b) Transmission to third states
To process a request or to fulfil a contract it may be necessary to transmit personal data outside the EU (to third states). In cases where personal data is transferred to third states, it will be transmitted only to those countries where national laws provide a level of protection for personal data which is comparable to those of EU law. There is no transmission to third states which do not fall under this category and no such transmission is planned unless written consent is given.

5. Rights of data subjects

a) Right to withdrawal of consent, information, rectification, erasure, restriction of processing and data portability

You have the right:

to withdraw the consent you have given us as in Art. 7 3. of the GDPR at any time. The consequence of such withdrawal will be that we are not allowed to continue the processing based on that consent in the future.
to request information about personal data that concern you and are processed by us as in Art. 15 of the GDPR. You may in particular request information about the purposes of the processing, the categories of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage duration, the existence of a right to rectification, erasure, restriction of processing or objection to such processing, the existence of a right to complain, the origin of your data if they were not collected by us, and information about the existence of automated decision-making including profiling and, if applicable, meaningful information regarding details thereof.
to request the rectification of inaccurate or completion of incomplete personal data that concern you and are stored by us without delay as in Art. 16 of the GDPR.
to request the erasure of personal data that concern you and are stored by us as in Art. 17 of the GDPR, unless the processing is necessary for exercising the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons of public interest or for the assertion, exercising or defence of legal claims.
to request that the processing of your personal data be restricted as in Art. 18 of the GDPR, if the accuracy of the data is contested by you, if the processing is unlawful but you oppose the erasure of the data, if we no longer require the data but they are required by you for the assertion, exercising or defence of legal claims, or if you have lodged an objection to the processing pursuant to Art. 21 of the GDPR.
to request receipt of the personal data which you have provided to us in a structured, commonly used and machine-readable format, or to request that they be transmitted to another controller as in Art. 20 of the GDPR.
to lodge a complaint with a supervisory authority as in Art. 77 of the GDPR. As a rule, you can address yourself in such a case to the supervisory authority at your habitual residence or place of work or at our place of business.

The address of the supervisory authority responsible for our company is:
Rhineland-Palatinate

The State Officer for Data Protection and Freedom of Information in the Federal State of the Rhineland-Palatinate
Postfach 30 40
55020 Mainz

or:

Hintere Bleiche 34
55116 Mainz

Telephone: 061 31 – 208 – 24 49
Telefax: 061 31 – 208 – 24 97
E-mail: poststelle@datenschutz.rlp.de

For information about your personal data, to initiate their rectification or erasure, or to exercise any other rights that you have, please contact us as follows:

by letter: thinXXS Microtechnology GmbH, Amerikastrasse 21, 66482 Zweibrücken

by telephone: 06332 – 8002 – 0
by telefax: 06332 – 8002 – 75
by e-mail: thx-info@idexcorp.com

3. Privacy statement for Applicants

We are pleased that you are interested in us and that you have applied or are applying for a position in our company. In the following we would like to provide you with information on the processing of your personal data in connection with your application.

Who is responsible for data processing?

In accordance with the data protection law, the responsible party is

thinXXS Microtechnology GmbH
Amerikastraße 21
D-66482 Zweibrücken

You will find further information about our company, details of the persons authorized to represent us and also further contact details in our imprint on our website

Which of your data are processed by us? And for what purposes?

We process the data you have sent us in connection with your application in order to check your suitability for the position (or any other open positions in our companies) and to carry out the application procedure:

Contact and identity information, including name, marital status, gender, nationality, date of birth, residential address and contact details.
Your application documents and all information contained therein, including your resume, cover letter and certificates; other documents about your previous work experience, education or similar; and pictures.
Information about your employment history and work-related experience and skills, including hiring date, date and reason for termination, employment status, current salary level, other supporting data submitted by applicants or employees, information obtained through reference checks, previous applications, proof of your skills/qualifications and relocation information.
Information relating to character and professional interests, including job-related and personal interests; knowledge or skills; and awards or memberships.
Other personal information you provide to us during the recruitment process, including our notes from interviews with you or others about you; and any correspondence you have with us or a recruitment agency during the application process.
Information about your work permit status.
Sensitive data, in certain circumstances, including your racial or ethnic origin; trade union membership; religious beliefs; or information about your health, such as information about a disability for which the company may need to make reasonable adjustments during the recruitment process.

We may also obtain the above information about you from other sources, including recruitment agencies, the references you provide, websites and other publicly available information on the Internet. This includes, for example, personal information that you have published as part of an online profile. We may also receive information that you provide to us through third-party websites, such as LinkedIn.

Personal data that you provide us with in the context of your application will be stored and used exclusively for the purpose of processing your application and, if applicable, for the subsequent employment relationship.

If your application has convinced us, but we cannot consider you for a vacancy, we would be pleased to store your documents in our talent pool. In this case, we will ask you for your consent in a separate e-mail. You will then have the opportunity for us to contact you again in the event of suitable job advertisements that match your profile.

If we would like to send your application documents to other companies in the group of companies, we will also ask for your consent. You can also give this consent in your application. In such a case, your personal data will be forwarded to the responsible offices of other companies for the purpose of initiating the application procedure in the respective companies.

What is the legal basis?

The processing of your personal data in the context of the application procedure takes place on the basis of Art. 6 para. 1 lit. b GDPR (establishment and execution of a contract) as well as § 26 para. 1 sentence 1 BDSG.

The storage and processing of your data in the talent pool or the forwarding to other companies in the group of companies takes place on the basis of your consent in accordance with Art. 6 para. 1 letter a GDPR.

Should the data be necessary for legal prosecution after the application procedure has been completed, data processing may be carried out on the basis of the requirements of Art. 6 GDPR, in particular to safeguard legitimate interests in accordance with Art. 6 Para. 1 letter f) GDPR. Our interest then consists in the assertion or defense of claims.

How long is the data stored?

Data of applicants will be deleted after 6 months in the case of a cancellation. The legal basis for the storage of such data is Art. 6 para. 1 letter f GDPR. Our legal interest in this respect is to defend ourselves against any claims arising from the General Equal Treatment Act (“AGG”).

In the event that you have agreed to further storage of your personal data, we will transfer your data to our pool of applicants. There the data will be deleted after two years.

If you have been awarded a job during the application procedure, the data from the applicant data system will be transferred to our personnel information system.

To which recipients will the data be forwarded?

Your data will be made available to the responsible employees in the Human Resources Department and to the employees or managers of the department(s) responsible for the position for which you have applied. In the case of a speculative application, your documents will be made available to the relevant employees in the Human Resources department and to the relevant employees or superiors of the relevant departments for which your application might be of interest.

Due to our company structure, it can happen that there are several persons responsible for your application; this is evident from the application documents in individual cases. This transfer is protected by commitments set forth in intercompany agreements that we have entered into between the various legal entities of the IDEX group of companies. International transfers within the IDEX group of companies are governed by standard contractual clauses approved by the European Commission for data controllers and, where relevant, data processors. You can obtain a copy of these standard contractual clauses, which are used in our intra-group agreements, by contacting the company and requesting it.

Furthermore, we do not forward your applicant data to affiliated subsidiaries or parent companies unless your application also relates to these companies, is kept open for this purpose or you have given us your express consent.

We also use contract processors (e.g. IT service providers) for the application process. Your data will be passed on to them in strict compliance with the obligation of secrecy and the requirements of the GDPR. The processors commissioned by us may only process the data for us and not for their own purposes. The responsibility for data processing remains with us in these cases.

Data will also be passed on if we are obliged to do so by law and/or official or court orders.

Where is the data processed?

Our company is part of the IDEX group of companies, where personnel responsibilities can extend beyond national borders. For this reason, supervisors in other countries may also have access to your applicant data. This data processing is necessary to decide whether to establish an employment relationship. Data is also transferred to third countries when your data is included in the Talent Pool. This means that our affiliated foreign units also have access to your applicant data.

If data is transferred to a body in a third country, appropriate guarantees for the protection of your personal data will ensure that the data protection level of the European Union is observed.

Are you obliged to provide your data?

The data we collect is necessary for the decision on the establishment of an employment relationship. We cannot take you into account if the information provided is incomplete.

To what extent do automated individual case decisions or profiling measures take place?

We do not use automated processing to make a decision – including profiling – about the establishment of an employment relationship.

Your rights as a “data subject”

You have the right to be informed about the personal data we process about you. In the case of a request for information that is not made in writing, we ask for your understanding that we may then require you to provide evidence that proves that you are the person you claim to be.

Furthermore, you have a right to correction or deletion or to restriction of processing, as far as you are legally entitled to do so.

Our data protection officer

You can reach our data protection officer in the company by e-mail: THX-Datenschutz@idexcorp.com

Right of appeal

You have the right to complain about the processing of personal data by us to a data protection supervisory authority.

The data protection supervisory authority responsible for us is:

Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Rheinland-Pfalz
Postfach 30 40
55020 Mainz

Or:

Hintere Bleiche 34
55116 Mainz

Telephone: 061 31 – 208 – 24 49
Telefax: 061 31 – 208 – 24 97

E-mail: poststelle@datenschutz.rlp.de