Data protection information regarding marketing
Data protection information marketing
We are committed to protect your personal data and comply with applicable data protection law, in particular the EU General Data Protection Directive ("GDPR") and, and we only process your personal data on the basis of a statutory provision or if the data subject has declared consent.
In this data protection information, we provide you with the mandatory information on the processing of your personal data. In relation to this processing, we comply with applicable data protection law, in particular the EU General Data Protection Regulation ("GDPR").
1. Who is responsible for the processing of personal data?
The controller responsible for the processing of personal data is URSA UK Ltd, Crest House, 102-104 Church Road, Teddington, TW11 8PY. Any reference to "we" or "us" in this data protection information is a reference to the aforementioned entity.
Our data protection coordinator may be contacted via the aforementioned means or via firstname.lastname@example.org.
2. Which data do we process? For which purposes and on which legal basis do we process your personal data?
We would like to inform you about products, services, offers and promotions. For this purpose, we offer you the opportunity to choose between different contact channels when you give your consent.
Depending on your choice of one or more contact channels, we will process the necessary data as provided by you in the contact form, at least your surname and first name and the details of the contact channel (post, e-mail, telephone, SMS) selected by you.
We process this personal data on the basis of your consent and according to Article 6 (1) a) DSGVO
3. Is there an obligation to provide personal data? Can I withdraw my consent?
You give your consent and choose your contact channel on a purely voluntary basis. You are therefore not obliged to provide personal data. In order that we can send you the information via the desired contact channel, we require the data marked as mandatory fields in the contact form.
You can revoke your consent at any time without giving reasons with effect for the future by simply contacting us. You will also find a link to unsubscribe in each e-mail.
4. Who has access to personal data?
We will never sell your email address of other contact data to third parties. The data will only be transferred if this is necessary to send you our information. In this context, we can also commission external service providers and other group companies, taking into account the applicable statutory regulations.
We will only share your information with the following categories of recipients to prepare and send our information to you;
- Service providers within our group of companies (e.g. to provide statistical analysis and technical maintenance for our systems).
- External service providers who provide services on our behalf and on a separate contractual basis, such as collecting your data, hosting our websites, maintaining our call center, sending e-mails or written information or providing personal advice.
In addition, we may transfer data to other recipients (e.g. public authorities) to the extent we are obliged to transfer your personal data on the basis of a legal obligation to which we are subject
5. Do we use automated decision-making?
In the course of our direct marketing activities we generally do not use automated decision-making (including profiling) within the meaning of Article 22 GDPR. If we apply such processes in the future, we will inform data subjects separately in accordance with the applicable statutory provisions.
6. Are data transferred to countries outside the EU/the EEA?
Personal data is processed only within the European Union or the European Economic Area; we do not intend to transfer personal data to other countries.
7. How long is your data stored?
- We generally store personal data as long as we have a justified interest in the retention of such data and there the interest of the data subject in refraining from the further processing do not prevail. Even without a justified interest, we may continue to store the data if there is a legal obligation (e.g. to comply with statutory retention obligations). We delete personal data even without an action by the data subject as soon as further retention is no longer necessary for the purposes for which the data were collected or otherwise processed or if further retention is not permitted by law otherwise.
- As far as the aforementioned processing is concerned, we will store your personal data as long as you have not withdrawn your consent or indicated otherwise that you do not want to be provided with further information from us. Also in this case, we store your contact data in order to ensure that you are not contacted following your withdrawal or objection (so called blacklist).
- If personal data need to be stored to comply with a legal obligation, such data is retained until the end of the respective retention period. If personal data are only processed to comply with a statutory retention obligation, the access to such data is usually restricted so that the data are only accessible if needed for the purpose of the retention obligation.
8. What are your rights as a data subject?
As a data subject you may;
- Request access to your personal data, Article 15 GDPR.
- Request the rectification of incorrect personal data, Article 16 GDPR.
- Request the erasure of your personal data, Article 17 GDPR.
- Request the restriction of the processing of your personal data, Article 18 GDPR.
- Exercise the right to data portability, Article 20 GDPR.
- Object the processing of your personal data, Article 21 DSGVO.
The aforementioned rights may be asserted against us, e.g. by providing notice to us via the contact details specified on the first page of this data protection information.
In case of further questions, you may also get in touch with our data protection coordinator by sending an e-mail to: email@example.com.
In addition, the data subject is entitled to lodge a complaint regarding the handling of personal data with the competent supervisory authority, Article 77 GDPR.