Data Protection @ SCHOTT ID
The SCHOTT AG is the controller of your personal data.
Our company has its own branches in individual countries; these companies can process your personal data in the role of processor or joint controller in accordance with this document. Our external partners may also process your personal data, but only based on a data protection agreement guaranteeing the protection of your privacy.
Our data protection officer is available to answer your questions about the processing of your personal information conducted by us.
1. Description and scope of data processing
With the SCHOTT ID, customers, partners, and suppliers can use all our digital services via a single access point. In order to use this service, you must open a personalized account. In the following, we describe the necessary use of your personal data.
As part of SCHOTT ID, we process the following categories of data:
- Contact details (e.g., name, e-mail address, company affiliation)
- Date of first activation to prove account registration
- Date of the last login in each case, to be able to delete inactive users and comply with our deletion obligations.
The recipients for the temporary storage of your personal data may be the following:
- Administrators of the SCHOTT ID
- Customer advisors of the divisions at SCHOTT whose services you use with the help of your SCHOTT ID account
- Service providers we engage to operate SCHOTT ID and to send information to you
We validate your registration for SCHOTT ID to ensure the integrity of our systems through a double opt-in process.
Following registration, we will store your personal data confidentially and use it to ensure access to the portal and to stay in contact with you regarding the portal and send you information on products from the specialty glass and glass-ceramics sector.
2. Legal basis and purpose of data processing
When processing personal data that is required for registration, Art. 6 para. 1 lit. b GDPR serves as the legal basis.
When processing personal data that is required for the general contact request, Art. 6 para. 1 lit. f GDPR serves as the legal basis.
3. Duration of storage
We have developed a deletion concept to remove personal data systematically from our systems. Your personal data is deleted automatically as soon as no interaction or no change to the data records has taken place for 6 years. The deletion check runs recurrently every 6 months.
In the event of a refusal to register with SCHOTT ID, we will delete all personal data stored as part of the registration process immediately.
SCHOTT is a corporation operating on a global scale, which has cross-border legally independent companies, business processes, management structures, and technical systems.
The data collected on these websites is always collected and processed by SCHOTT AG. If necessary for business processes, your data will be shared with affiliates.
As part of the provision of our services, your information may under certain circumstances also be transferred to third parties who we have included in order processing, e.g., IT service providers. When transferring personal information to these third parties, we restrict ourselves to the information, which is necessary for the provision of the service in question, and we ensure that this transfer is carried out in compliance with required data security measures. SCHOTT will only transfer your personal information to third parties which have committed themselves to data protection and to the processing of your information in compliance with the applicable laws.
In addition, SCHOTT may be forced by a court or an official order to reveal your data and associated information. Likewise, we reserve the right to use your information for the assertion of or defense against legal claims. In the event of a takeover or merger with another company, it may be necessary to disclose or transfer your information to actual or potential buyers. In this case, SCHOTT will endeavor to achieve the highest possible level of data protection and will comply with the legal stipulations.
In addition to the rights mentioned above, here is a list of general rights you enjoy under the GDPR.
1. Right to information
You always have it in your own hands which of your personal data you provide to us. Of course, beyond that, you may also make use of your right under Art. 15 GDPR and by written request with proof of your identity by SCHOTT demand confirmation as to whether and which personal data concerning you are processed by us.
2. Right to rectification
You have a right to rectification and / or completion to SCHOTT, if your personal data processed is incorrect or incomplete. We have to correct this immediately.
3. Right to restriction of processing
Likewise, under the conditions of Art. 18 GDPR you have the right to demand a restriction of the processing of your personal data.
4. Right to complain to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you shall have the right to complain to a supervisory authority, in particular in the Member State of the European Union where you reside, work, or the place of the alleged infringement, if you believe that the processing of the personal data concerning you violates the GDPR.