Privacy

Last updated: 16 September 2021

Your privacy and personal data are very important to us. We strive to protect the personal data of visitors to our web site in accordance with the applicable provisions of data protection legislation worldwide. The present Privacy Policy governs the use of the the MAUSER Packaging Solutions website we operate under the main domain MauserPackaging.com, and additional domains that are operated by us and to which users are redirected (hereinafter referred to as "Web Site") and explains how we collect, process, and use your personal data on the Web Site, how we protect this data, and your rights with respect to the collection, processing, and use of this data. Please read this Privacy Policy carefully.

We have the right to change this Privacy Policy at any time; any changes made will be announced on the Web Site. Therefore, please read through this Privacy Policy on a regular basis and look out for relevant notifications concerning changes. By using the Web Site, you automatically agree with the provisions of this Privacy Policy in its currently valid version.

Please keep in mind that this Privacy Policy only applies to data that are collected on the Web Site. We do not assume any liability for data privacy on web sites that are operated by third parties.

Our Web Site is only directed to adult users. We therefore request individuals under the age of 18 not to provide Personal Data through the Web Site.


I. Name and address of the controller

The controller within the meaning of the EU General Data Protection Regulation (GDPR) and other national data protection laws of EU member states as well as other data protection provisions is:

 

 

MAUSER Corporate GmbH
Schildgesstr. 71-163
50321 Bruehl, Germany
Telefax: +49 - 2232 - 78 - 1000
E-Mail: [email protected]

MAUSER Corporate GmbH is represented by: Michael Steubing, Bart Lorrez, Ron Kropp.

 

MAUSER do BRASIL Embalagens Industriais S.A
Av. Lavandisca, 777 – Cj 71 e 72 - Indianópolis
04515-011 – São Paulo, Brazil
Telefax: +55 11 2168-0364
E-Mail: [email protected]

 

MAUSER do Brasil Embalagens Industriais S.A is represented by: Edson Rossi, Evandro Souza, Luiz Cantero, Roberto Gallego


Whenever the terms "we", "us", and "our" are used in this Privacy Policy, the reference is to BWAY Corporation, and all affiliated companies (together "MAUSER Packaging Solutions" or "MPS").

II. Contact details of the data protection officer


Contact details of the data protection officer:

 

Mauser Corporate GmbH
Schildgesstraße 71-163
50321 Brühl, Germany

 

E-mail: [email protected]

 

MAUSER do BRASIL Embalagens Industriais S.A
Av. Lavandisca, 777 – Cj 71 e 72 - Indianópolis
04515-011 – São Paulo, Brazil

E-mail: [email protected]


If you have any questions regarding this Privacy Policy or if you believe that we are not complying with the conditions of our Privacy Policy or if you wish to assert your data privacy rights, please contact our data protection officer.

III. General information about data processing

 

1. Extent of the processing of personal data


What is personal data? 


Personal data are personal and factual information that directly or indirectly reveal your identity or can be used to identify or contact you (hereinafter "Personal Data"). Examples of such Personal Data include your name, address, email address, IP address, telephone number, date of birth. We collect such Personal Data when you complete our contact form, contact us via the email address provided.

We collect and use Personal Data of our users only where this data is necessary for the provision of a functional web site as well as our content and services. The regular collection and use of Personal Data of our users takes place only with the consent of the user. An exception applies in cases where prior consent cannot be obtained for practical reasons and the processing of the data is permitted by law. We always treat this data confidentially and in accordance with applicable data protection law. We will not transfer your Personal Data for purposes other than those indicated in this Privacy Policy without your explicit consent.

You are not obligated to provide Personal Data to us in order to use the Web Site. However, if you do not provide Personal Data, you may not be able to visit all of the areas of the Web Site and may not be able to use all of our online services. In addition, we may not be able to offer you services that build on Personal Data or require us to contact you personally; in particular, we may not be able to provide a homepage that is tailored to your individual needs.

Anonymous Data:

When you visit our Web Site, we collect statistically relevant information pertaining to the use of the Web Site. We process and use data for statistical purposes separately from your other Personal Data. These data can therefore not be used to identify or contact you. Such data include, for example, demographic information (age, profession, or gender) and other information about you as an individual or metrics related to the use of the Web Site ("Anonymous Data"). We use Anonymous Data to obtain an overview of the users of the Web Site as well as to improve the Web Site.


No Collection of Special Categories of Personal Data:

 

We do not collect particularly sensitive categories of data about you as an individual, such as health data, genetic or biometric data, your ethnic background, religious or political convictions, or details about your sexual life, via the Web Site.

2. Legal basis for the processing of personal data

Where we obtain the consent of the data subject for the processing of Personal Data, Article 6(1)(a) GDPR in conjunction with Art. 7 GDPR/§ 51 BDSG serves as the legal basis for the processing of Personal Data. For the processing of Personal Data necessary for the performance of a contract to which the data subject is a party, Article 6(1)(b) GDPR serves as legal basis. This also applies to processing operations required to carry out pre-contractual actions. Where processing of Personal Data is required to fulfil a legal obligation to which our company is subject, Article 6(1)(c) GDPR serves as legal basis. In the event that the vital interests of the data subject or of another natural person require the processing of Personal Data, Article 6(1)(d) GDPR serves as legal basis. If the processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, where such interests are not overridden by the interests or fundamental rights and freedoms of the data subject, then Article 6(1)(f) GDPR serves as the legal basis for processing. 

For information on the legal basis under Brazilian data protection law, please refer to Section X below. 

3. Data deletion and storage

 

We only store your Personal Data for as long as necessary for the purposes described in this Privacy Policy or until you have sent us a justified request to delete your data. In addition, such storage may take place if provided for by the European or national legislature in EU regulations, laws or other provisions to which the controller is subject (e.g., due to statutory retention obligations). The data is also blocked or deleted when a storage period prescribed by such legal obligation expires, unless there is a need for further storage of the data for the establishment, exercise or defense of legal claims. 

IV. Provision of the Web Site and creation of log files


1. Description and scope of data processing

 

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • IP address
  • browser
  • operating system
  • referrer URL
  • hostname of the accessing computer
  • date and time of the server request
  • location data

 

2. Purpose of data processing

 

The temporary storage of the IP address by the system is necessary to provide the Web Site to the user's computer. For this purpose, the IP address of the user must be stored for the duration of the use of the Web Site. Storage in log files is carried out to ensure website functionality. In addition, the data is used to optimize the Web Site and to ensure the security of our information technology systems. No evaluation of the data for marketing purposes takes place in this regard. 

Our legitimate interest in the processing of data pursuant to Article 6(1)(f) GDPR exists in connection with these purposes. 

3. Duration of storage

 

The data will be deleted as soon as it is no longer required for the purpose for which it was collected. Where the data was collected to provide the Web Site, it will be deleted once the respective session has ended.

Where the data is stored in log files, it will be deleted after seven days at the latest, unless we are legally obligated to retain your Personal Data (e.g., due to statutory retention obligations). Anonymized Data may be stored for a longer period. In that case, the IP addresses of the users are deleted or altered, so that a reference can no longer be made to the calling client. 

4. Opposition and removal option

 

The collection of data for the provision of the Web Site and the storage of the data in log files for the duration of the visit of the Web Site are essential for the operation of the Web Site. Consequently, the user has no opposition possibility. If you do not want your data to be collected in log files, please refrain from using our Web Site.

V. Use of cookies 


Details regarding the use of cookies can be found at </Cookie-Policy>.

VI. Contact form and e-mail contact


1. Description and scope of data processing 

Our Web Site contains a contact form that can be used for electronic contact. If a user exercises this option, the data, including Personal Data, entered in the input mask will be transmitted to us and saved for the purpose of processing your inquiry and contacting you. This data is:

  • Name (first name, last name)
  • Business/company
  • Country
  • Postal code
  • City
  • Street and street no.
  • State – US Only
  • House number
  • Phone number
  • Email address
  • Personal Data that may be contained in the subject
  • Personal Data that may be contained in the message
  • Personal Data that may be contained in the request for a quote

For the processing of your Personal Data, your consent will be obtained  during the registration process and reference made to this Privacy Policy. 

Alternatively, contact may be made via the e-mail address provided. In that case, the user's Personal Data transmitted by email will be stored. 

In this context, no Personal Data is disclosed to third parties. Your Personal Data is used exclusively for processing the conversation.

2. Legal basis for data processing 

The legal basis for the processing of the data, where the user has granted his/her consent, is Article 6(1)(a) GDPR.

The legal basis for the processing of the data transmitted in connection with the sending of an e-mail is Article 6(1)(f) GDPR. If the e-mail contact is made with a view to concluding a contract, then Article 6(1)(b) GDPR constitutes an additional legal basis for the processing.

3. Purpose of data processing

The Personal Data from the input mask is processed solely to allow us to process the contact and answer your request. In the case of contact via email, there must be a legitimate interest in the processing of the data. The Web Site will only collect form data to fulfill your request to be contacted by MPS, whether this is a general contact, sales contact, investor contact, product order request, or recycling pickup request.

Other Personal Data processed during the sending process serves to prevent misuse of the contact form and to ensure the security of our information technology systems.

4. Duration of storage

The Personal Data will be deleted as soon as it is no longer required for the purpose for which it was collected. This is the case for the Personal Data from the input mask of the contact form and the data sent by e-mail, when the conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the relevant facts have been conclusively clarified. 

Any additional Personal Data collected during the sending process will be deleted after a period of seven days at the latest. 

However, if we are legally obligated to retain your Personal Data (e.g., due to statutory retention obligations), we will designate them accordingly to exclude the possibility of any further processing that is not related to the purpose of the retention obligation.

5. Opposition and removal option

 

Users may revoke their consent to the processing of Personal Data at any time. If users contact us by e-mail, they may object to the storage of their Personal Data at any time. In such a case, the conversation cannot continue. All Personal Data stored during contact will be deleted in that case, unless we are legally obligated to retain your Personal Data (see above). For a detailed summary of your rights with regard to your Personal Data, please see below.

VII. Job application

For information concerning the handling of applicant data, please refer to our recruiting guidelines.

VIII. Transfer to third parties

To provide the best possible online service, we employ various services from third parties. Your Personal Data that is collected via the Web Site will only be transferred to third parties to the extent absolutely necessary for the purposes mentioned in this Privacy Policy. Any transfer of data is subject to our right of instruction and the confidentiality obligations of the third party as stipulated by applicable data protection legislation. Furthermore, the receiving third parties are obligated to process and use your Personal Data in strict compliance with the provisions of this Privacy Policy. Your data will not be transferred for other purposes without your explicit consent unless we are obligated to transfer your data under the law or by direction of a court.

1. Affiliated Companies

 

In certain circumstances, we may transfer your data (including Personal Data) to our affiliated companies. For the purposes of this Privacy Policy, an affiliated company is defined as any legal entity that is either directly or indirectly controlled by us or itself controls one of the companies mentioned.

2. Statutory Obligations

 

If we are forced to disclose your data (including Personal Data) by law or by court order, we will comply with such a request. Please note that we will also disclose your data if we are convinced in good faith of the validity of a corresponding legal obligation that later proves to be invalid. Likewise, we will transfer your data when this is necessary for revealing or prosecuting a violation of our terms of use or for ensuring the safety of our users, of the Web Site, or of the public. In this case, it may be necessary to transfer your data to third parties that specialize in the prevention of fraud. However, we will never transfer your Personal Data to third parties for marketing purposes without your consent.

3. Independent Contractors

 

We also commission independent contractors to provide certain services for our company in general (auditors, consultants, insurers, administrators, etc.) and in connection with the Web Site in particular (programmers, analysts, security services, etc.). Oftentimes, it is necessary to grant these independent contractors limited access to the information collected via the Web Site; this may also include your Personal Data. However, in accordance with the relevant provisions of applicable data protection legislation, we will limit the access of these independent contractors to the absolute minimum that is necessary to enable them to fulfill their contractual duties.

In particular, independent contractors are prohibited from disclosing or transferring your Personal Data, unless this is unavoidable in performing the contractual services that are owed to us.

4. Corporate events

 

We may further transfer your Personal Data to third parties in connection with a corporate event affecting MPS or one of our affiliates, e.g. the sale of assets or shares or a merger of one of our group companies, where this is necessary for the preparation or transaction of the corporate event.

IX. Data security

We want your data (including your Personal Data) to be as secure as possible. We therefore strive to ensure a secure transfer of your information from your computer to our servers and to prevent abuse, disruptions, loss of data, and unauthorized access, modification, or transmission; our efforts comply with the physical and electronic standards of the industry. As such, we use Secured Socket Layer encryption technology (SSL) to ensure the confidentiality of the Personal Data that you provide to us via the Internet and that we, likewise, transmit via the Internet to our servers. These servers are located at secure sites that are also constantly monitored to prevent unauthorized access. In addition, we limit access to employees and third parties who require access in order to fulfill the purposes described in this Privacy Policy, and all employees and contractual third parties who have access to your data are subject to this Privacy Policy and to a duty of confidentiality, and we conduct regular training in data security. 

 

However, please note that, despite these security measures, the transmission of data via the Internet always entails a certain amount of risk. We cannot exclude the possibility that third parties will find a way to bypass our security measures. If you notice any indications of a possible security breach, please inform us immediately.

X. Your rights

You have the following rights with respect to your personal data.

1. Right to information
2. Right to rectification, erasure and blocking
3. Right to restriction of processing
4. Right to object to processing
5. Right to access and data portability


We make every effort to respect your wishes concerning your data privacy. If, nonetheless, we have not responded to a request to your satisfaction, you have the right to submit a complaint about our processing of your Personal Data to a data protection supervisory authority. 

You also have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of any consent-based processing that took place prior to the withdrawal. 

1. Right to information

 

You can contact us at any time to find out which of your Personal Data we have stored. Aside from your stored Personal Data, this includes information concerning the origin of these Personal Data. You can also request information regarding the recipients or categories of recipients to which your Personal Data have been transferred and the purpose for which the data have been stored by us. Upon request, we will also clarify how long your data will be stored by us and/or the criteria by which we determine the storage period.

You must provide a specific description of the type of Personal Data for which you would like to obtain the information mentioned above. We will deliver this information to you in writing unless another form of communication would be appropriate. If requested, we will also create a copy of your Personal Data for you. This information is provided free of charge.
You are not entitled to the provision of information when the confidentiality of the Personal Data must be maintained according to a legal regulation or due to the nature of the data, specifically due to the prevailing legal interest of a third party.

2. Right to rectification, erasure and blocking

 

You can contact us at any time to:

• update, supplement, or correct your Personal Data, and
• request that we block or delete the Personal Data that we have stored in relation to you or that we order such data to be blocked or deleted, in accordance with applicable data protection legislation.

 

To do so, please submit a request at the following email address: [email protected] or use the contact information provided above. However, any updated, supplemented, or corrected information will only have effect for the future.

3. Right to restriction and opposition of processing

 

You can further contact us at any time to change the settings you have selected with respect to notifications and other information you receive from us or limit the processing of your data in accordance with applicable data protection legislation.

To do so, please submit a request at the following email address: [email protected] or use the contact information provided above. However, any change or restriction relating to your settings will only have effect for the future.

4. Right to object to processing

 

If you want to oppose a processing of your data, please also submit a request at the following email address: [email protected] or use the contact information provided above. However, any objection will only have effect for the future.

5. Right to access and data portability

 

You can request access to your data that is being stored by us or by a third party on our behalf at any time. Furthermore, you have the right to obtain the Personal Data you have provided to us with your consent, in an organized, machine-readable, and conventional format, and to transfer this data to a third party.
You are not entitled to the transfer of data if such a transfer would negatively affect the rights and liberties of other persons or the public interest.

XI. Special provisions in the European Union

If you are in the European Union or your Personal Data is processed by an MPS establishment within the European Union, we will further comply with the European General Data Protection Regulation (GDPR) and national data protection laws of the member states implementing the GDPR (together the "Data Protection Law").

All of our servers are located in the USA. However, we may also transfer your data (including your Personal Data) to servers or third party service providers in countries outside of the European Union (EU) and process your data there. Please note that it is possible that not all of these countries have a level of data protection comparable to that of the EU (e.g., the USA). In such a case, we will implement appropriate measures and reach appropriate contractual agreements with these third parties to protect your interests in accordance with Data Protection Law.

 

Privacy Statement for Business Relations of Mauser Benelux B.V

XII. Special provisions under Californian Privacy Law

If you are a California resident, you may have certain additional rights. California Civil Code Section 1798.83 may permit you to request information regarding the disclosure of your Personal Information by MPS to third parties for the third parties’ direct marketing purposes. California Business and Professions Code Section 22581 permits registered users who are minors to request and obtain deletion of certain posted content. For additional information or to make a request, please contact [email protected].
XIII. Special provisions in Brazil

For users that are residents in Brazil, the following additional provisions shall apply:

1. General provisions

Processing of Personal Data of persons located in Brazil or data that is collected in Brazil is subject to the recently enacted Law No. 13,709 of August 14, 218 that provides for the protection of personal data (the "Brazilian Privacy Law", LGPD). 

Legal provisions on the basis of data processing corresponding to those outlined in Section III.2 above can be found in Art. 7 LGPD. If it becomes necessary to amend this Privacy Policy, we will announce the changes by means of a clear notification on the Web Site. Where we rely on your consent according to Art. 7(1) in conjunction with Art. 8 LGPD, we will also inform you via email of important changes to this Privacy Policy that relate to the handling of your Personal Data to put you in a position to consider revocation of your consent. We will not personally inform you of changes to this Privacy Policy that are of minor importance, particularly changes that do not concern the handling of your Personal Data. By using the Web Site after changes to this Privacy Policy have been announced, you are declaring that you agree to the changes that have been implemented.

2. Additional rights

In addition to your rights set out in Section VIII above, you have the right to demand confirmation of the existence of the processing. Access to your data will be provided to you upon your choice either in a simplified printed or safe and discrete electronic form or by means of a clear and complete declaration that indicates the origin of the data, the nonexistence of record, the criteria used and the purpose of the processing, subject to commercial and industrial secrecy, within a period of fifteen days as from the date of your request. To request confirmation or access to your data, please submit a request at the following email address: [email protected] or use the contact information provided above and indicate in which form you want to receive the requested information. 

You further have the right to request anonymization of unnecessary or excessive data or data processed in non-compliance with the provisions of the LGPD, unless we are legally obligated to retain your Personal Data (see Art. 16 LGPD). To do so, please submit a request at the following email address: [email protected] use the contact information provided above. 

In case of a fully automated processing of Personal Data you have the right to demand review by a natural person, if the automatic decision affects your interests. We will therefore provide clear and adequate criteria and procedures used for the automated decision, subject to commercial and industrial secrecy.

3. Data security

 

We use technical and administrative measures to protect your Personal Data from unauthorized accesses and accidental or unlawful destruction, loss, alteration, communication or dissemination as well as to prevent the occurrence of damages due to the processing of personal data. Please be aware that, despite our efforts, no security measures are perfect or impenetrable. If nevertheless a security incident occurs, we will inform you in accordance with applicable law.