Privacy Policy

1. Introduction

LX Hausys Europe GmbH (“LXHSEG”, “we”, “us”, “our”) is a German subsidiary of LX Hausys, Ltd., a global company in the business of manufacturing, buying, selling and providing services for interior and decorative products around the world.

As the data controller, LXHSEG determines the purposes and the means of processing your personal data in accordance with the applicable laws and regulations, specifically the EU General Data Protection Regulation 2016/679 (“GDPR”) and the German Privacy Act (German Bundesdatenschutzgesetz, “BDSG”).

We ensure to take all necessary measures to protect the privacy of your personal information as set forth under this Privacy Policy.

This Privacy Policy applies to www.himacs.eu (“Website”) on how we process and handle any personal information we collect from you, or you provide to us during your visits to the Website.

Please be advised that this Privacy Policy does not apply to any information that is collected in any off-line settings or to information that is posted or provided by third parties.

What is personal data?

"Personal data" means any information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier; or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. [GDPR Clause 1, Article 4]

2. Contact Details

Data Controller - LX Hausys Europe GmbH

Address: Lyoner Str. 15, 60528 Frankfurt am Main, Germany

Phone: +49-69-583-029-469

E-mail: gdprweb@lxhausys.com

Data Protection Officer for LXHSEG

Name: IBS data protection services and consulting GmbH, Dr. Michael Foth

Address: Zirkusweg 1, 20359 Hamburg, Germany

Phone: +49-(0)40-540-90-97-80

E-mail: dsb@ibs-data-protection.de

If you have any questions about our Privacy Policy, the personal information we hold about you, or you would like to exercise your data protection rights stated below, please do not hesitate to contact us at: gdprweb@lxhausys.com

2. Cookies

Cookies are small text files placed on your computer or mobile device when you visit a website.

2.1 Purposes for the use of cookies

Cookies collect standard Internet log information (technically required purposes) and visitor behavior information (analytical purposes). When you visit our Website, we may collect information from you automatically through cookies to improve your experience on our Website. If cookies are used automatically, the cookies are essential to the proper functioning and display on the website. To ensure security measures, legal obligations or necessary functions so called “essential cookies” are used. The website will not function properly without these cookies or only in parts.

For purposes beyond technically required means, such as statistics or analytical purposes, we ask you for your consent before processing takes place via the consent manager..

For more information on cookies used on the Website, how we use them and how to manage or delete them, please refer to our Cookie Policy for more details.

2.2 Legal Basis for the use of cookies

The essential cookies are set by default on basis to protect overridden legitimate interests pursued to LX Hausys Europe or any third party (Art. 6 para. 1 f GDPR). The legitimate interests are to ensure security measures or legal obligations to demonstrate compliance with the data protection laws. There is no right to object pursuant to Art. 21 GDPR due to the necessity of processing and overridden legitimate interests of security and compliance.

Non-essential cookies are set after your explicit consent, given by accepting all cookies on the “cookie banner respective consent manager”, or making your choice at the “cookie settings”. You can withdraw your consent at any time by changing the choice you made under “cookie settings”, reachable via the following link.

Independently of the website-based cookie control, you may choose whether to install cookies or not. In other words, you can allow all cookies, go through confirmation whenever cookies are to be stored, or reject storage of any cookies by means of the settings in your web browser. Please be aware, that a ban of all cookies in your web browser may have an effect of the website functionality. Without essential cookies it may not be possible to make full use of our website.

For more information on cookies used on the Website, how we use them and how to manage or delete them, please refer to our Cookie Policy for more details.

3. Use and legal basis for Processing

3.1 How We Use your information

We process the data we collect for the following purposes:

• To provide information on our products and services;

• To deliver products samples or services upon your request;

• To complete a transaction or service requested by you;

• To fulfil a warranty or repair request you have submitted;

• To ensure the sites are relevant to your needs and that you experience user-friendly navigation;

• To contact you in response to inquiry forms such as Contact Us, Media Alerts, Request for Newsletter or other enquiries;

• To protect and defend our rights and property, including by way of legal proceedings;

• To ensure compliance with legal obligations and regulatory requirements;

• as well as for any operational purpose, corporate management, public relations or safeguarding security measures based on our legitimate interests.

3.2 Lawfulness of Processing

We process personal data for the purposes described above. LXHSEG's legal basis for processing personal data is based on the data subject´s given consent (Art. 6 para. 1 lit. a GDPR), to perform a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract (Art. 6 para. 1 lit. b GDPR), to comply with a legal obligation to which LX Hausys Europe is subject (Art. 6 para. 1 lit. c GDPR) or to protect overridden legitimate interests pursued to LX Hausys Europe or any third party (Art. 6 para. 1 lit. f GDPR). The legitimate interests could be either the performance of a legal obligation laid down by Non-EU-Law or contractual performances in case of a contract with a third party as well as any operational purpose, corporate management, public relations or safeguarding security measures.

If you give your consent, you can revoke it at any time; the revocation of the consent does not affect the legality of the data processing before the revocation. If you give your consent, we explain how you can revoke it just as easily.

3.3 Newsletter / Media Alerts / Contact form

If you use the contact form, the form to receive media alerts or newsletters, we process your personal data based on your consent as in Art. 6 para. 1 lit. a GDPR. If you wish to withdraw from either media alerts or the newsletter, you may do so with effect for the future, as laid out in Art. 7 GDPR.

When you subscribe to the newsletter service via the "Contact Us" page, via the media alerts page or by other means in combination with another commercial request, your data provided therein will be excepted from the deletion. If you unsubscribe from the newsletter service, such service will immediately stop. Thereon, your remaining personal data obtained from the "Contact Us" page will be deleted in accordance with the Company's internal policy as stated above, absent a separate request made by you to immediately delete.

If you only subscribed to the newsletter service (using the Newsletter tab and not through ‘Contact Us’) and you choose to unsubscribe, the newsletter service will immediately stop, and your personal data provided therein will be deleted within 30 days.

If you made a request to only receive applicable media alerts (using the Website's "Newsroom" or via direct request to the Company’s marketing manager) and you choose to no longer receive such alerts, the media alerts will immediately stop, and your personal data provided therein will be all deleted within 30 days.

To avoid any doubt, if you made any other type of request, then your duplicate personal information may be excepted for the purpose provided therein.

If you use the contact form or the form for media alerts and/ or the newsletter, we may ask you for authentication for technical security reasons.

3.4 Virtual Showroom

When you access our virtual showroom (HI-MACS® Showroom), you have the option to start a live session if available. By clicking on the "Join Session" button, you start a WebRTC connection between your browser and the regional LX Hausys representative. This corresponds to the function of a call via the browser, without the parties needing a telephone. To communicate via audio after the call has been successfully established, you need to activate your microphone. You also have the option to transmit your camera image and make a video call this way. After you have established a connection with the regional LX Hausys representative, you can control the microphone and camera at any time and terminate the session if desired. During your connection, other website visitors will not be able to connect to your call on their own, but the LX Hausys representative can invite additional participants with your permission (conference). The processing of your personal data (IP address, audio/video communication) is carried out for the purpose of establishing the connection and communication via web session, with your prior, explicit consent pursuant to Art. 6 (1) lit. a GDPR. You give your consent by starting the live session and you can withdraw it at any time with effect for the future by leaving the live session. Your data will only be stored for the duration of the connection.

There is no contractual or legal obligation to provide your data, but without the IP address and at least the transmission of audio data, no communication via the Live Session may be established.

4. Disclosing your Personal Information to third parties

Disclosing your personal data is only made in case we have a sufficient legal basis, such as your consent or by means of contractual obligations, and appropriate safeguards can be ensured to protect your personal data. If your personal data is transferred to a third country, we will make sure that technical as well as legal requirements for this transfer are met in order to ensure an adequate level of data protection.

(1) Affiliated Companies

We may share your personal information with LX Hausys, Ltd., our parent company located in the Republic of Korea, in order to enhance our services if you madea request on our Website.

(2) Business Partners

Partners whom we work with, to provide you with the services you have requested on the Website. For example, we may share your information with our contractors located in your area to expeditiously process your request.

(3) Service Providers

Carefully selected service providers who help us operate the Website and provide services on our behalf, including without limitation, customer service, maintenance and analysis on data and customer communications.

For example, our periodic e-Mail newsletter is delivered and serviced by a service provider.

(4) Other parties, as required by law or to protect our services

It may be necessary to disclose your data due to a law or to pursue legal claims or by means of a legally binding as well as lawful order from a public authority.

(5) Other parties, based on your explicit consent

In addition to the disclosures described in this data protection declaration, we may pass on data about you to third parties if you separately consented to such disclosure .

5. Retention of Personal Data

Your personal information will be retained for as long as it is reasonably necessary for the purposes listed in this Privacy Policy, if it does not underlie a retention period required by law

Please note that as catch-all-scheme, any unused personal information for a period of 3 years shall be deleted unless there are other deletion periods defined by law or reasonable grounds for different retention periods.

For statistical purposes, in the interest of commercial objectives, the LXHSG may safely archive expired or terminated personal data by anonymizing such data (meaning no one will be able to identify the data subject).

Please contact us for further details of applicable retention periods.

6. Google Analytics

Provided that consent is given by selecting the non-essential cookies “Statistics” in the “cookie settings” or by allowing all cookies, the Website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies, which are text files placed on your computer, to help the Website analyze how users use the site. The information generated by the cookie about your use of the Website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for Website operators and providing other services related to website activity and Internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf.

7. Your Rights under EU GDPR & German BDSG

LXHSEG ensures that you are fully aware of all of your data subject’srights.

As the data subject, and depending on the circumstances, you may be entitled to some or all of the following rights under GDPR:

The right to access – You have the right to request access to your personal data. We will provide a copy of your personal information that we process in a commonly used electronic form.
The right to rectification – You have the right to request that we correct any personal information we hold about you. You also have the right to request us to complete the information you believe is incomplete.
The right to erasure – You have the right to request that we erase your personal information we hold about you under certain conditions.
The right to restriction of processing – You have the right to request that we restrict the processing of your personal data under certain circumstances: i) when the accuracy of your information is being contested, processing may be restricted while its accuracy is being verified; ii) when the processing is unlawful, but you chose not to erase the information; iii) where we no longer use your information but it is still required by you for establishment, exercise or defense of legal claims. The right to withdraw your consent previously granted to us.
The right to data portability – Where the lawful basis for the processing is (i) (a) a contract or (b) your consent and (ii) by automated means, you have the right to request that we transfer your personal information that we have collected in a commonly used electronic form to another organization, or directly to you.
The right to object to the processing – You have the right to object to the processing of your personal data under certain circumstances on grounds relating your particular situation, at any time to processing of your personal data which is based on our legitimate interest (Art 6 para. 1 lit. f GDPR). When we process your personal information for any direct marketing purposes, you also have the right to object at any time, and free of charge, to such processing for such marketing. Only if LXHSEG demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
The right to lodge a complaint - If you regard processing of your personal data as unlawful, you also have the right to lodge a complaint with a data protection authority or a Court of competent jurisdiction. If you reside within the European Union, a list of national data protection authorities can be found here: https://edpb.europa.eu/about-edpb/board/members_en.
Matters Regarding Automated Decision-Making and Profiling

LXHSEG currently does not use any type of automated decision-making such as profiling or others having similar or substantial effects on a data subject.

Please be advised that your rights will apply to any personal information relating to you.

If you wish to exercise your data protection rights, please contact us: gdprweb@lxhausys.com

Depending on the circumstances, we will process your request and respond within 30 days upon its receipt. We reserve the right to request verification of your identity for this purpose as permitted under the relevant law and should any specific issue arise, we will inform you accordingly.

“If you want to make a request as mentioned above, you can download the respective form from https://himacs.eu/en/rights-data-subject and submit such a request to gdprweb@lxhausys.com. In order for us to process your request, you must fill-in all required information and are strongly encouraged to fill-in additional information reasonably related to your request.”

7. Transfer outside the EU

We may transfer your personal data to our affiliates, subsidiaries or to other third parties and store it at destination outside the European Economic Area (“EEA”).

Your personal information may also be processed outside the EEA, such as the Republic of Korea and United States in order to fulfill your request on our products and services made via the Website.

To ensure an adequate level of data protection when we transfer your personal information outside the EEA, we will either enter into the European Commission’s Standard Contractual Clauses or implement other make use of other adequate safeguards as described in Art. 46 GDPR.

8. Security & Technical Protection Measures

LXHSEG undertakes continuous efforts to enhance security and operate security solutions to safely protect the privacy of your personal information. In this regard, we run vaccine programs to prevent the devices that are processing your personal information from being infected with a virus. We also grant access to only a limited number of authorized employees on your personal information for proper management and protection the data. In addition, we operate security systems to transmit personal data safely on the network, control incoming/outgoing communications based on predetermined security rules, and block any malicious or unauthorized communications, only to name a few of our security measures.

Despite the foregoing, we cannot guarantee perfect security due to constant evolving technologies. However, we will act diligently to prevent further damages when there is an actual or suspicion of personal data breach. In the event of such an incident and in accordance with the applicable regulations, we will internally document any and all personal data breaches and, as mandated under applicable law, will notify any relevant breaches to the data protection authority and/or the data subjects concerned.

9. Links to third-parties’ sites or applications

This Website may contain links to third-party sites or applications that are operated by companies outside of our control. Your activities on those third-party sites or applications will be solely governed by the privacy policies and procedures of those third parties. LXHSEG takes no responsibility whatsoever for the content or information practices of such third parties and encourage you to review the privacy polices of these third parties before disclosing any information on their sites or applications.

10. Changes to this Privacy Policy

We reserve the right to amend the terms of this Privacy Policy from time to time. We will upload the updated version on the Website for your reference.

Where such changes to our Privacy Policy are substantial, we will also notify you by other means prior to the changes taking effect, such as by sending you an email notification.

11. Contact Us

If you have any questions about our Privacy Policy, the personal information we hold about you, or you would like to exercise your data protection rights stated above, please do not hesitate to contact us at: gdprweb@lxhausys.com

Never Miss Out Again!