PRIVACY STATEMENT – DIVESSI.COM
The website, www.divessi.com, including its subdomains and micro-sites, databases and webshops (“website”) and the MySSI area at my.diveSSI.com, are operated by SSI International GmbH – Johann-Hoellfritsch-Straße 6 – 90530 Wendelstein – Germany – Tel: + 49-9129-909938-0 – Email: info@diveSSI.com (“SSI”, “we”, “us”). In addition to its headquarters in Germany, SSI has direct subsidiaries in Australia/New Zealand, USA/Canada, Japan, China and Italy/Europe, as well as service centres in many countries, which operate as licensees and are independent companies. All SSI Service Centres are responsible for service and material shipment in a specific territory. The laws and regulations regarding privacy and related rights and responsibilities vary across countries, but SSI has overall responsibility for protecting the privacy of its customers. We therefore observe the applicable legal provisions on the protection, legal scope and confidentiality of personal data as well as on data security.
This privacy agreement applies only to the www.divessi.com website, including its subdomains and micro-sites; a seperate data protection statement applies for the use and the MySSI section at my.diveSSI.com. If necessary, we must update this privacy statement in the course of the further development of the internet and the change in the legal situation or case law. We recommend that you periodically review this page to make sure that you have read the latest version.
CONTENT OF THE PRIVACY STATEMENT
The EU General Data Protection Regulation (GDPR) and the corresponding national data protection laws protect the fundamental rights and freedoms of individuals and their rights to the protection of personal data.
1.1. What is personal data?
Personal data is information about data subjects whose identity is determined or at least can be determinable. This includes, for example, name, address, telephone number, email address, user ID, credit card number, social media account ID, username, IP address etc.
1.2. What data do we collect from you, and how or why do we process your data?
We collect user data in the event of purely informational use of the website as explained under point 2 below. When contacting us via email or via the contact form, we collect the user data that you have provided us with (e.g. name, email address, etc.), as far as permitted by law or as part of the fulfillment of the contract or for the protection of our legitimate interests or you have given us your consent for this. The storage period for personal data is explained in detail under point 8.
2. HANDLING PERSONAL DATA FOR WEBSITES FOR PURELY INFORMATIONAL USE
In the event of merely informational use of the website, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data that is technically necessary for us to display our website and to ensure stability and security:
- IP address
- Date and time of the inquiry
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Transmitted amount of data in each case
- Website from which the request comes
- Operating system and its interface
- Language and version of the browser software.
- The legal basis for this processing is art. 6 para 1 sentence 1(f) GDPR.
2.1. Cookies used on retrieving the website
Like most websites, we use "cookies" as far as this is technically neccessary for the use of the website or you have given your consent. We use (i) functional cookies that are required to operate and provide our website, (ii) analytic cookies, and (iii) third party cookies to help us collect general inormation about website usage and interactions in order to analyze the use of our website.
Cookies are small text files that our server sends to your browser when you visit our websites and are stored on your device. Cookies are used to make the use of the website more comfortable for you. Furthermore, cookies optionally store selected settings of a previous visit to the website (e.g. region, language, interests etc.).
The legal basis for this processing is art. 6 para. 1 sentence 1 (a) or (f) GDPR.
2.2. Google Analytics and Universal Analytics
Use of Google Analytics
(1) This website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses so-called “cookies”, text files that are stored on your computer and that allow an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. We have activated IP anonymization on this website, so your IP address will be shortened beforehand by Google within member states of the European Union or other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website usage and internet usage to the website operator.
The IP address provided by Google Analytics as part of Google Analytics will not be merged with other Google information.
You can prevent the storage of cookies by setting your browser software accordingly; however, we point out that in this case you may not be able to use all the functions of this website in full. You may also prevent the collection by Google of the data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google by downloading the browser plug-in available at the following link and installing it: HTTP://TOOLS.GOOGLE.COM/DLPAGE/GAOPTOUT?HL=DE. This website uses Google Analytics with the extension “_anonymizeIp ()”. As a result, IP addresses are processed in shortened form; reference to particular individuals can thus be excluded. Therefore, as far as the data collected about you contains a personal reference, it is immediately excluded and the personal data deleted immediately.
We use Google Analytics to analyze and regularly improve the use of our website. With the statistics we can improve our offer and make it more interesting for you as a user. For the exceptional cases in which personal data is transferred to the US, Google has submitted to the EU-US Privacy Shield, HTTPS://WWW.PRIVACYSHIELD.GOV/EU-US-FRAMEWORK. The legal basis for the use of Google Analytics is art. 6 para. 1 sentence 1 (f) GDPR.2
Information of the third party provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.
HTTP://WWW.GOOGLE.COM/ANALYTICS/TERMS/DE.HTML, data protection overview:
HTTP://WWW.GOOGLE.COM/INTL/DE/ANALYTICS/LEARN/PRIVACY.HTML, as well as the data protection statement:
This website also uses Google Analytics for a cross-device analysis of visitor traffic conducted via a user ID. You can disable the cross-device analysis of your use in your customer account under “My Data”, “Personal Information”.
--> Universal Analytics enables cross-device tracking of users and leads to more refined information for those responsible (generally HTTPS://SUPPORT.GOOGLE.COM/ANALYTICS/ANSWER/2790010 ). The opinion of the supervisory authorities is not yet available. In any case, the data subject must be informed about the extended use and be shown the possibility to opt-out.
The legal basis for this processing is art. 6 para. 1 sentence 1 (a) or (f) GDPR.
2.3. Google Advertising Network, Remarketing and DoubleClick
2.3.1. Use of Google AdWords Conversion
We use the offer of Google Adwords, in order to draw attention to our attractive offers with the help of advertising (so-called Google Adwords) on external web pages. In relation to the data of the advertising campaigns, we can determine how successful the individual advertising measures are. We are interested in showing you advertisements that are of interest to you, to make our website more interesting to you and to achieve a fair calculation of advertising costs.
These advertising materials are supplied by Google via so-called “ad servers”. To do this, we use ad server cookies, from which certain performance metrics such as ads or user clicks can be measured. If you access our website through a Google ad, Google Adwords will store a cookie on your PC. These cookies usually lose their validity after 30 days and should not serve to personally identify you. As a rule, the unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (marking that the user no longer wants to be addressed) are usually stored as analysis values for this cookie.
These cookies allow Google to recognize your internet browser. If a user visits certain pages of an Adwords customer’s website and the cookie stored on their computer has not yet expired, Google and the customer may discover that the user clicked on the advertisement and was redirected to that page. Each Adwords customer is assigned a different cookie. Thus cookies cannot be tracked via the websites of Adwords customers. We ourselves do not collect and process any personal data in the aforementioned advertising measures. We receive only statistical evaluations provided by Google. On the basis of these evaluations, we can identify which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising material; in particular, we cannot identify the users on the basis of this information.
Due to the marketing tools used, your browser automatically establishes a direct connection to the Google server. We have no influence over the scope of the data collected by the employment of this tool by Google and the further use of such data, and inform you therefore according to our level of knowledge: By including AdWords Conversion, Google receives the information that you have accessed the relevant part of our website or have clicked on an advertisement from us. If you are registered with a service provided by Google, Google may associate the visit with your account. Even if you are not registered with Google or have not logged in, there is a chance that the provider will find out your IP address and store it.
You can prevent participation in this tracking process in several ways:
a) by adjusting your browser software accordingly, in particular, the suppression of third-party cookies results in you not receiving any third-party ads;
b) by disabling the cookies for conversion tracking by setting your browser to block cookies from the domain “www.googleadservices.com”, HTTPS://WWW.GOOGLE.DE/SETTINGS/ADS, although this setting will be deleted if you delete your cookies;
c) by deactivating the interest-based advertisements of the providers that are part of the “About Ads” self-regulation campaign via the link HTTP://WWW.ABOUTADS.INFO/CHOICES, although this setting will be deleted if you delete your cookies;
d) by permanent deactivation in your Firefox, Internet Explorer or Google Chrome browsers under the link HTTP://WWW.GOOGLE.COM/SETTINGS/ADS/PLUGIN. We point out that, in this case, you may not be able to use all features of this offer in full.
The legal basis for the processing of your data is art. 6 para. 1 sentence 1 (a) GDPR.
For more information about privacy at Google, see: HTTP://WWW.GOOGLE.COM/INTL/DE/POLICIES/PRIVACY and HTTPS://SERVICES.GOOGLE.COM/SITESTATS/DE.HTML. Alternatively, you can visit the Network Advertising Initiative (NAI) website at HTTP://WWW.NETWORKADVERTISING.ORG. Google has submitted to the EU-US Privacy Shield, HTTPS://WWW.PRIVACYSHIELD.GOV/EU-US-FRAMEWORK.
In addition to Adwords Conversion, we use the Google remarketing application. This is a process that we would like to raise with you again. Through this application, you can see our ads after visiting our website as you continue to use the internet. This is done by means of cookies stored in your browser, through which your usage behavior when visiting various websites is recorded and evaluated by Google. This is how Google determines your previous visit to our website. Consolidation of the data collected during the remarketing with your personal data, which may be stored by Google, does not occur by Google according to its own statements. In particular, according to Google, pseudonymization is used in remarketing.
With the use of remarketing, information about your browsing behavior is collected for marketing purposes in anonymous form and stored on your computer using cookies (targeting / retargeting). Based on an algorithm, we can then show you targeted product recommendations as personalized banner ads on other websites (so-called publishers). If you do not want this to occur, you can disable it via the Ads Preferences Manager (HTTPS://SUPPORT.GOOGLE.COM/ADS/ANSWER/2662922?HL=DE).
The legal basis for the processing of your data is art. 6 para. 1 sentence 1(a) GDPR.
2.3.3. DoubleClick by Google
Due to the marketing tools used, your browser automatically establishes a direct connection to the Google server. We have no influence over the scope of the data collected by the employment of this tool by Google and the further use of such data, and inform you therefore according to our level of knowledge: By including DoubleClick, Google receives the information that you have accessed the relevant part of our website or have clicked on an advertisement from us. If you are registered with a service provided by Google, Google may associate the visit with your account. Even if you are not registered with Google or have not logged in, there is a chance that the provider will find out your IP address and store it.
You can prevent participation in this tracking process in several ways: a) by adjusting your browser software accordingly, in particular, the suppression of third-party cookies results in you not receiving any third-party ads; b) by disabling the cookies for conversion tracking by setting your browser to block cookies from the domain “www.googleadservices.com”, HTTPS://WWW.GOOGLE.DE/SETTINGS/ADS, although this setting will be deleted if you delete your cookies; c) by deactivating the interest-based advertisements of the providers that are part of the “About Ads” self-regulation campaign via the link HTTP://WWW.ABOUTADS.INFO/CHOICES, although this setting will be deleted if you delete your cookies; d) by permanent deactivation in your Firefox, Internet Explorer or Google Chrome browsers under the link HTTP://WWW.GOOGLE.COM/SETTINGS/ADS/PLUGIN. We point out that, in this case, you may not be able to use all features of this offer in full.
The legal basis for the processing of your data is art. 6 para. 1 sentence 1(a) GDPR.
Further information on DoubleClick by Google is available at HTTPS://WWW.GOOGLE.DE/DOUBLECLICK and HTTP://SUPPORT.GOOGLE.COM/ADSENSE/ANSWER/2839090, as well as on data protection generally at Google: HTTPS://WWW.GOOGLE.DE/INTL/DE/POLICIES/PRIVACY. Alternatively, you can visit the Network Advertising Initiative (NAI) website at HTTP://WWW.NETWORKADVERTISING.ORG. Google has submitted to the EU-US Privacy Shield, HTTPS://WWW.PRIVACYSHIELD.GOV/EU-US-FRAMEWORK.
For conversion measurement, our website uses the pixel visitor promotion of Facebook, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook“).
In this way, the behaviour of the site visitors can be tracked after they have been redirected by clicking on a Facebook ad on the website of the provider. As a result, the effectiveness of Facebook ads can be evaluated for statistical and market research purposes and future advertising measures optimized.
The data collected is anonymous to us as operators of this website; we cannot draw any conclusions about the identity of users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, in accordance with the Facebook data usage directive. As a result, Facebook can enable advertising to be displayed on Facebook sites and outside of Facebook. This use of the data cannot be influenced by us as a site operator.
See the data protection notice of Facebook for more information on how to protect your privacy: HTTPS://WWW.FACEBOOK.COM/ABOUT/PRIVACY/.
You can also disable the “Custom Audiences” remarketing feature in advertisement settings atHTTPS://WWW.FACEBOOK.COM/ADS/PREFERENCES/?ENTRY_PRODUCT=AD_SETTINGS_SCREEN. For this you have to be logged in to Facebook.
If you do not have a Facebook account, you can opt out of Facebook Commercial Advertising on the website of the European Interactive Digital Advertising Alliance: HTTP://WWW.YOURONLINECHOICES.COM/DE/PRAFERENZMANAGEMENT/.
3. HANDLING OF PERSONAL DATA IN CASE OF USE BY SOCIAL MEDIA PLUG-INS
We currently use social media plug-ins from the following providers: Facebook, Snapchat, Twitter, YouTube, Instagram, Pinterest.
We use the so-called two-click solution. In other words, when you visit our site, initially no personal data is passed on to the providers of the plug-ins. The provider of the plug-in can be recognized by the marking on the box above the first letter or the logo. We give you the opportunity to communicate directly with the provider of the plug-in via the button. Only if you click on the highlighted field and activate it does the plug-in provider receive the information that you have accessed the corresponding website of our online service. In addition, the data specified in this declaration will be transmitted. In the case of Facebook, according to the respective provider in Germany, the IP address is anonymized immediately after collection. By activating the plug-in, personal data will be transmitted by you to the respective plug-in provider and stored there (in the case of US providers, in the USA). Since the plug-in provider carries out the data collection, in particular via cookies, we recommend that you delete all cookies before clicking on the greyed box via the security settings of your browser.
We have no control over the collected data and data processing operations, nor are we aware of the full extent of the data collection, the purpose of the processing and the retention periods. We also have no information on the deletion of data collected by the plug-in provider. The plug-in provider stores the data collected about you as user profiles and uses them for purposes of advertising, market research and/or tailor-made website design. Such an evaluation is carried out in particular (also for non-logged-in users) for the presentation of needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the formation of these user profiles, whereby you must contact the respective plug-in provider to exercise this right. Through the plug-ins, we offer you the opportunity to interact with social networks and other users so that we can improve our offer and make it more interesting for you as a user. The legal basis for the use of the plug-ins is art. 6 para. 1 sentence 1 (f) GDPR.
The data transfer takes place regardless of whether you own an account with the plug-in provider and are logged in there. If you are logged in to the plug-in provider, the data we collect about you will be allocated directly to your existing account with the plug-in provider. If you press the activate button and, for example, link the page, the plug-in provider also stores this information in your user account and shares it with your contacts publicly. We recommend that you log out regularly after using a social network, but especially before activating the button, as this will prevent you from being assigned to your profile with the plug-in provider.
For more information on the purpose and scope of the data collection and its processing by the plug-in provider, refer to the following data protection statements of these providers. There you will also find further information about your rights regarding this and settings options for the protection of your privacy.
Addresses of the respective plug-in providers and URL with their data protection notices
- Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; HTTP://WWW.FACEBOOK.COM/POLICY.PHP; further information on data collection: HTTP://WWW.FACEBOOK.COM/HELP/186325668085084, HTTP://WWW.FACEBOOK.COM/ABOUT/PRIVACY/YOUR-INFO-ON-OTHER#APPLICATIONS as well as HTTP://WWW.FACEBOOK.COM/ABOUT/PRIVACY/YOUR-INFO#EVERYONEINFO. Facebook has submitted to the EU-US Privacy Shield, HTTPS://WWW.PRIVACYSHIELD.GOV/EU-US-FRAMEWORK.
- Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; HTTPS://TWITTER.COM/PRIVACY. Twitter has submitted to the EU-US Privacy Shield, HTTPS://WWW.PRIVACYSHIELD.GOV/EU-US-FRAMEWORK.
- Snap Inc. zeppHeadquarters, 63 Market Street, Venice, CA 90291, USA; HTTPS://WWW.SNAP.COM/DE-DE/PRIVACY/PRIVACY-POLICY/; Snap has submitted to the EU-US Privacy Shield, HTTPS://WWW.PRIVACYSHIELD.GOV/PARTICIPANT?ID=A2ZT0000000TNPXAAO&STATUS=ACTIVE.
- YouTube, LLC. 901 Cherry Ave. San Bruno, CA 94066, USA; HTTPS://POLICIES.GOOGLE.COM/PRIVACY?HL=DE&GL=DE; YouTube, LLC has submitted to the EU-US Privacy Shield, HTTPS://WWW.PRIVACYSHIELD.GOV/PARTICIPANT?ID=A2ZT000000001L5AAI.
- Instagram Instagram HQ, 200 Jefferson Dr Menlo Park, CA 94025, USA; HTTPS://HELP.INSTAGRAM.COM/519522125107875; Instagram has submitted to the EU-US Privacy Shield, HTTPS://WWW.PRIVACYSHIELD.GOV/PARTICIPANT?ID=A2ZT0000000GNYWAAC&STATUS=ACTIVE.
- Pinterest Headquarters 808 Brannan St. San Francisco, CA 94103, USA; HTTPS://POLICY.PINTEREST.COM/DE/PRIVACY-POLICY; Pinterest has submitted to the EU-US Privacy Shield, HTTPS://WWW.PRIVACYSHIELD.GOV/PARTICIPANT?ID=A2ZT00000008VVZAAM&STATUS=ACTIVE.
4. HANDLING OF PERSONAL DATA IN CASE OF PROACTIVE USE BY USER
In addition to the purely informational use of our website, we offer various services on our website, which you can use if you are interested and which we will present in the following sections. To do this, you will usually need to provide additional personal information that we use to provide the service.
In part, we use external service providers to process your data in relation to the various services. These have been carefully selected and commissioned by us, are bound by our instructions and are regularly monitored.
Furthermore, we can pass on your personal data to third parties, if campaigns, competitions, contracts or similar services are offered by us together with partners. You will receive more detailed information when entering your personal data or below in the description of the offer.
If our service providers or partners are based in a country outside the European Economic Area (EEA), we will inform you of the consequences.
4.1. Establishing contact
If the user actively contacts us (e.g. by email or by our) the data and information of the user will be stored for the purpose of processing the request as well as in the event that follow-up questions are stored and sent to the responsible clerk (e.g. IT department, legal department, logistics, etc.). The legal basis for the processing of your data in connection with your inquiries is art. 6 para. 1 sentence 1 (f) GDPR.
Depending on the position you are applying for, there is the option to send your documents either by email or by mail. On the basis of your consent, we process the following data:
If you are applying by email or by mail, please send us a cover letter, your CV and certificates relevant to the vacancy. All data provided by you (such as the personal data transmitted by email or mail or other personal data collected during the application process) (“DATA”) will be collected, stored and processed solely for the purpose of processing your application. Only employees of the HR department and the employees of the respective department to which you are applying have access to your DATA. All persons involved in the processing of your application are required to maintain data secrecy. You may revoke your voluntary consent to the processing of your DATA at any time, without stating any reasons and with future effect (for example, by email to the contact details specified in the invitation to tender). If your application is successful, all data will be processed further in the scope of the employment relationship with you; further information can be found in our employee information on data protection. If your application is unsuccessful, all of your DATA will be stored for a further 3 months (from the date of cancellation, including in the case of rejection, received before this deadline), in order to answer any questions related to your application and / or rejection, and subsequently deleted; applications submitted by mail will either be returned to you by mail or destroyed.
4.3. Processing personal data on the basis of our legitimate interests
We also process the personal data provided during registration and ordering (your name, email address, telephone number) in order to improve our products and services. In addition, we also process the named data categories for internal statistical and operational purposes, e.g. demographic, user, user interests. Furthermore, the mentioned categories of data shall also be processed for investigation, precaution, defense or other measures with regard to the non-compliance of this data protection statement, illegal actions, suspected fraud or to take measures in situations in which there is a risk of violation of our legal rights or the rights of other persons.
On the basis of your voluntarily given consent to receive the newsletter and after confirmation of the double-opt-in-mail by clicking on the button it contains, your e-mail address and your IP address, your first name and optionally your last name SSI, your date of birth, gender, country of residence and desired language will be processed for the purposes of sending (i) marketing and product information related to goods and services from the SSI range, (ii) personalized promotional information and news tailored to your interest categories and according to your website usage (e.g. frequent visits to products within your selected interest categories and geolocation), (iii) satisfaction surveys on SSI services and advice, (iv) needs analyses, (v) competitions, coupons, discounts and sweepstakes, and (vi) electronic greeting cards. After your confirmation of the registration, we will save your email address and, if applicable, the voluntarily provided data for the purpose of sending the newsletter. The legal basis for the data processing in connection with the registration and the receipt of our newsletter is art. 6 para. 1 sentence 1 (a) GDPR.
To register for our newsletter, we use the so-called double opt-in procedure. This means that after you have registered, we will send you an email to the provided email address, in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration within [24 hours], your information will be blocked and automatically deleted after one month. In addition, we store your IP addresses and the times of registration and confirmation. The purpose of the procedure is to prove your registration and, if necessary, to clarify possible misuse of your personal data. The legal basis for data processing in this context is art. 6 para. 1 sentence 1 (f) GDPR.
Personal data collected during the newsletter registration will not be passed on to third parties for marketing purposes.
You may revoke your consent to receiving newsletters at any time without stating reasons and for future effect (for example, via a link at the end of each newsletter or by emailing marketing@diveSSI.com) for all or individual purposes.
If you forward our newsletters to third parties, you are required to comply with legal requirements and seek the prior consent of the recipient. If a third party raises claims against us for the forwarding of a newsletter by you, you will indemnify and hold us harmless in respect of all related claims, including penalties and costs of legal defense.
We use Facebook lead ads on SSI Facebook websites, such as: SSI (@diveSSI), SSI Freediving (@SSIFreediving) SSI XR/TXR (@SSI.XR.TXR), so that you can sign up to our newsletter via Facebook. Registration via the form is not effective until you activate the confirmation link in the received confirmation email. When registering, only your personal data stored on Facebook or voluntarily entered by you on the form, such as the email address and your name, and optionally the city, address, age, etc. We exclusively use the personal data provided for the dispatch of our newsletter described specifically above by email to you, if you have expressly consented. You may revoke your consent to receive newsletters at any time, without stating reasons, and with future effect.
The legal basis for data processing in this context is art. 6 para. 1 sentence 1 (f) GDPR.
5. TRANSFER OF YOUR PERSONAL DATA TO THIRD PARTIES
We also transmit your personal data in the required and permissible scope to external vicarious agents or service providers. In the event of collaboration with third parties, SSI will enter into privacy agreements with these to ensure that user information is used in accordance with the SSI data protection guidelines:
- to IT service providers and / or providers of data hosting or data processing or similar services;
- to other service providers, suppliers of tools and software solutions, who also support us in the provision of our services and act on our behalf (including providers of marketing tools, marketing agencies, communications service providers and call centres);
- to group companies of the HEAD group (a list of our group companies to which personal data are transmitted can be found HERE) for performance of the contract due to an existing legitimate interest and fulfillment of legal obligations;
- to any third parties involved in fulfilling our obligations to you (payment service providers in payment processing in the online store, banks for payment processing);
- to other external third parties to the necessary extent (for example, auditors, insurance companies if an insured event occurs, legal representatives should the situation arise etc.);
- to public authorities and other public bodies to the extent required by law (such as tax authorities etc.);
- to industry partners, subject to user consent, user data may be shared with partners within the diving industry for the purpose of personalised advertising for diver education, products and services. These include, but are not limited to, dive insurance advertising, divers' memberships, travel, educational programs and events promotions that are conducted by dive centers or SSI partners, etc. In addition, users of MySSI Equipment can enter planned equipment purchases and specific equipment preferences, which may be passed oin as aggregated data to manufacturers of the equipment concerned, or the individual interests specified in the Dive Log and Dive Sites sections, may be used to provide personalised diving travel offers.
6. TRANSFER OF YOUR PERSONAL DATA TO THIRD PARTIES OUTSIDE THE EU/EEA
We transmit your personal information to SSI Service Center/contractual partners outside of the EU/EEA for the verification of your SSI education and certification, provision of our services, operation of the website, processing of your order, the maintenance of our IT systems and software, etc. However, such a transfer does not alter our obligation to protect your personal data under this data protection statement. If your personal information is transmitted outside of the EU/EEA, we will provide adequate security by transferring to countries that have an appropriate level of protection, as confirmed by the EU Commission, or other appropriate safeguards. You can see a copy of the appropriate safeguards online.
The SSI website www.divessi.com, including its subdomains and micro-sites, operates in encrypted https-format. We also take reasonable technical and organizational security measures to protect your personal data from unintentional or unauthorized deletion,alteration or loss, theft, and unauthorized viewing, disclosure, reproduction, use, modification or access. In addition, we and our employees are obliged to observe data secrecy and non-disclosure. Likewise, assistants agents and agents of the SSI and/or HEAD group, who need access to your personal information in order to perform their professional duties, will be granted access and will be subject to the same obligations to observe data secrecy and non-disclosure.
The personal data processed through our website will be deleted if it is no longer necessary for the purposes for which it was collected or otherwise processed. If the processing is based on your consent, we will retain this information as long as you do not revoke your consent.
Personal data shall be kept until the expiry of the guarantee, warranty, statute of limitations and statutory retention periods applicable to the responsible party, generally 10 years or beyond the termination of any legal disputes in which the data is required as evidence. If the processing is based on your consent, we will save this data as long as you do not revoke your consent.
The (restricted) processing of personal data for purposes of fulfilling the statutory archiving and retention obligations is based on art. 6 para. 1 sentence 1 (c) GDPR.
You have the follwing rights:
- You have the right to access and receive a copy of the personal data we process about you (art. 15 GDPR);
- If the personal data is incorrect or no longer up-to-date, you have the right to correct it (art. 16 GDPR);
- Furthermore, you also have the right to deletion (“right to be forgotten”) of your data (art. 17 GDPR);
- You may also revoke your consent to the processing of personal data with effect for the future if the processing is based on your consent (art. 7 para. 3 GDPR);
- In addition, you have the right to data portability (art. 20 GDPR). This only applies to data that has been made available on the basis of consent or if the processing of the data is required to fulfill a contract and if the processing is done using automated procedures;
- Ultimately, you have the right to demand that we restrict the processing of your data (art. 18 GDPR), but this only applies in the following situations:
- The accuracy of your personal information is disputed by you for a period of time that allows us to verify the accuracy of your personal data;
- The processing is unlawful and you decline the deletion of the personal data and instead request the restriction;
- We no longer need your personal information for processing, but you need it to assert, exercise or defend your rights;
- You objected to the processing based on our legitimate interests and we have not yet determined whether or not there are legitimate reasons on our part that supersede yours.
- You have the right not to be subjected to a decision based solely on automated processing – including profiling – that has legal effect on you or, in a similar manner, significantly affects you (art. 22 GDPR).
- You also have the right to lodge a complaint with your local data protection authority (HTTPS://WWW.LDA.BAYERN.DE/DE/BESCHWERDE.HTML), if you believe that the processing of personal data that concerns you violates the valid data protection laws (art. 77 GDPR).
Before you lodge a complaint with the data protection authorities, or if you have questions, you may also contact us:
SSI International GmbH
Tel.: +49 (0)9129 9099380
Data Protection Officer
Your right to object (art. 21 GDPR)
You have the right, at any time, to object to the processing of the personal data concerning you which is based on art. 6 para. 1 (e) or (f) on grounds relating your particular situation; this also applies to profiling based on these provisions. In this case, we ask you to explain the reasons why processing should be stopped in the future. The responsible party shall no longer process the personal data unless it demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or the processing is for the purpose of enforcing, pursuing or defending legal claims. The data subject may at any time object to the use of their data if the processing is for direct marketing purposes.
In order to process your request for your above-mentioned rights and to ensure that personal data is not disclosed to unauthorized third parties, please direct the request in a way that clearly identifies you and with a short description of the scope of the exercise of your above listed rights.
APPENDIX – LIST OF SSI SERVICE CENTERS
An overview of the SSI Service Centers worldwide can be found here: HTTPS://MY.DIVESSI.COM/SSI