Never Miss Out Again!
Sign up for our newsletter to stay up to date with the latest HI-MACS® design trends and news.
LG Hausys Europe GmbH General Privacy Policy
LG Hausys Europe GmbH (“LG Hausys Europe” or the “Company”), a Germany subsidiary of LG Hausys, Ltd. (“LG Hausys”) in South Korea, collects, uses and is responsible for certain personal information about you. When we do so we are regulated by the General Data Protection Regulation (‘GDPR’) which applies across the European Union, and thereon, we may be responsible as controller of that personal information for the purposes of those laws.
LG Hausys is in the business of manufacturing, buying, selling and servicing of certain goods and services, and LG Hausys Europe is a sales subsidiary for some of those goods and services for Europe. LG Hausys Europe currently services for Solid Surface Materials (aka HI-MACS), Automotive and Deco Films. In response to the relevant laws and regulations and foremost, by furtherance of good business ethics, LG Hausys Europe is committed to safely protecting your personal data given to us, and we promise that we will only use your personal data for the purpose(s) accepted by you.
LG Hausys Europe collects and processes the minimum personal data required for the furtherance of its commercial interest only. Thereon, LG Hausys Europe will process all personal data only for the purpose specifically stated or otherwise permitted by law. All personal data entrusted with LG Hausys Europe will forever remain confidential to unrelated third parties.
What is personal data?
"Personal data" means any information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier; or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. [GDPR Clause 1, Article 4]
HIMACS.EU (the “Website”)
Types of Requests Available on the Website ("Contact Us"):
*To provide customers with excellent services, the Company may share certain customer information with its contracted distributor and other business partners. Rest assured, the Company has an internal policy of processing all personal data for the specific purpose as stated or permitted by law. For certain business cases or requests, the Company’s Country Manager or Project Manager will make reasonable business decisions to transfer relevant personal information to the distributors and other business partners for the furtherance of commercial objectives. To adequately comply with your request, the Company may ask you for more information as it becomes necessary.
Providing Newsletters to Subscribers ("Request for Newsletter")
SALESFORCE.COM (the “CRM”)
* Salesforce.com is a U.S.-based CRM (Customer Relationship Management) system used by the Company. All personal data collected via himacs.eu or over the ordinary course of business for HI-MACS will be either automatically uploaded by means of an automatic connection between the databases (himacs.eu and Salesforce) or direct input by an authorized personnel.
DIRECT SALES
*"Direct Sales" refers to any and all traditional and ordinary course of business taken off-line. However, some referral may be made directly by a source using e-mail system. Any and all referrals and traditional business methods, such as exchanging of business cards, phone calls, on-the-ground business transactions, exhibitions and trade shows, etc., will be considered as direct sales.
NEWSLETTER SERVICES / MEDIA ALERTS
GENERAL APPLICABILITY
The Company collects and processes your personal data on the grounds of one or more of the lawful bases permitted under the laws and regulations (such as performance of contract, legitimate interest of the Company, required by law, etc.).
2. Personal Data Retention Policy
The Company conforms to the data retention period as permitted or required by law. However, if one is not clearly specified or managed by law or regulation, then the Company shall reasonably set the retention period as its internal policy. When and if the data subject makes a request for deletion of some or all of his or her personal data, then the Company will do so without undue delay unless other reasonable ground exist.
Please refer to the Company Personal Data Retention Policy for further details. As a general standard, LG Hausys Europe does not retain personal data for longer than the period necessary. As a general rule, the three-year mark is considered as the point of deletion for unused personal data, absent other reasonable grounds to further retain such data. In short, if LG Hausys Europe does not use your personal data for 3 years, then it will be deleted automatically.
For statistical purposes, in the interest of commercial objectives, the Company may safely archive expired or terminated personal data by anonymizing such data (meaning no one will be able to identify the data subject).
The Website
Newsletter Service / Media Alerts
The CRM
3. Matters Regarding Transfer of Your Personal Data to a Third-Party
The Company, in order to efficiently process and safeguard data, processes or transfers applicable data to its affiliates and external service providers. All personal data provided hereunder shall only be collected and processed for the purpose(s) accepted by you.
For any personal data being processed and transferred to a third party or internationally, absent unique situation, the Company shall process only under the Article 6(1)(b), ("processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a Contract") and/or Article (6)(1)(f), ("processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child"), or by other meands permitted by law.
Data Being Collected and/or Processed (Based on Request or Situation) |
Recipient |
Recipient’s Purpose for Processing of Personal Data |
Distinction (third party/consignment) |
Name, E-Mail, Address, Language, Country, Zip-Code, Phone Number, Business Name, Business Address, or other information necessary to fulfill the request |
Royalkomm, Internet X |
Ordinary Website (himacs.eu) features and to utilize functions therein |
Consignment |
Name, E-Mail, Address, Language, Country, Zip-Code, Phone Number, Business Name, Business Address, or other information necessary to fulfill the request |
Salesforce |
Ordinary CRM features |
Consignment |
|
MailChimp |
External e-mail (Thank You, Newsletters, Mass Notices, etc.) |
Consignment |
Name, E-Mail, Address, Language, Country, Zip-Code, Phone Number, Business Name, Business Address, or other information necessary to fulfill the request |
Company's Distributors and other business partners |
To fulfill commercial requests made by the potential, actual or existing business customers |
Third party |
E-Mail, Name |
LG Hausys, Ltd. and its approved processors |
As part of the LG Hausys global network, LG Hausys Europe uses its internal systems to conduct ordinary business operations (internal e-mail, etc.) |
Consignment |
Name, E-Mail, Address, Language, Country, Zip-Code, Phone Number, Business Name, Business Address, or other information necessary to fulfill the request |
LG Hausys, Ltd. |
Answers to questions, sample shipping and product tests that the Company cannot handle. |
Consignment |
*ASSIGNMENT: In the case of mergers and acquisitions or effects similar thereto, the Company will either transfer the personal data it has retained up to such transaction to its merging entity or maintain it until other corporate changes occur. In applicable cases, where your rights may be affected, you will be notified of such applicable changes in processing.
4. Matters Regarding International Transfers of Personal Data
The Company may transmit collected personal data to countries outside of the EEA (European Economic Area) in the following cases:
Recipient |
Data Being Collected and/or Processed (Based on Request or Situation) |
Receiving Country and Transmission Method |
Recipient's Purpose for Use and Data Retention Period |
Salesforce |
Name, E-Mail, Address, Language, Country, Zip-Code, Phone Number, Business Name, Business Address, or other information necessary to fulfill the request |
Country: U.S. Method: Database connection and manual input |
To maintain and process customer/other business-related contact information / Data retention period as specified under “2. Period of Storing and Using Personal Data” |
MailChimp |
|
Country: U.S. |
Please refer to the MailChimp’s mailing service provisions and its privacy policy at |
LG Hausys, Ltd. and its approved processors |
Name, E-Mail, Address, Language, Country, Zip-Code, Phone Number, Business Name, Business Address, or other information necessary to fulfill the request |
Country: Republic of Korea Method: Transmitted via internal systems ( e-mail, etc) |
Respond to questions or issues, entering into a contract or taking steps to enter into a contract, shipping samples, and conducting product tests that the Company cannot handle by itself/3 month data retention |
5. Matters Regarding Automated Decision-Making and Profiling
The Company currently does not use any type of automated decision-making such as profiling or others having similar or substantial effects on a data subject. If this should change, this General Privacy Policy shall be revised accordingly to notify the users of the details of such changes.
6. Complying with Requests Related to the Rights of the Data Subject under Privacy/Data Protection Laws and Regulations.
In accordance with the rights provided by the GDPR and other relevant laws and regulations, you can request the following from the Company:
The above forms are only applicable when and if the Company has any personal data related to you. The Company may refuse to comply with your request when there is a need to process your personal data for certain lawful purposes (performance of contract, required by law, etc.) or the Company has an overriding legitimate interest to process it.
If you want to make a request as mentioned above, you can download the respective form from https://himacs.eu/en/rights-data-subject and submit such a request to the gdprweb@lghausys.com. In order for us to process your request, you must fill-in all required information and are strongly encouraged to fill-in additional information reasonably related to your request.
For all requests, the Company is to use only the contact information already within the CRM or in other applicable databases. As the Company requires an e-mail address for all commercial requests, such e-mail address will be the primary contact information to be used. If additional contact information is available, such as a phone number or address, then such methods may be used to verify the identity of the requester. When an e-mail address is used that is different from the one the Company has, then the Company will ask for verification of the requester’s identification.
In the case of a request received from a proxy, the Company will only process such request once the identity of the proxy has been verified (photo ID, etc.) and a lawful power of attorney has been received.
The standard processing time permitted by law is to respond within 30 days of the request. If the Company cannot process such a request within the permitted time period, then you will be notified with the reasons for the delay and the anticipated delivery date. When abusive, excessive, and/or repetitive requests are made, the Company may charge reasonable administrative fees to process such requests.
7. Matters Regarding Technical Protection Measures
The Company devises the following technical protection measures to implement safeguards so that your personal data does not get lost, stolen, leaked, falsified or damaged during processing.
1. Measures against hacking, etc.
The Company uses antivirus software to prevent its PCs that are processing your personal data from being infected with a virus and periodically improves weaknesses in its systems by conducting penetration testing where applicable. Furthermore, security mechanisms (SSL, etc.) are employed to transmit personal data safely over the network used by the Company.
2. Storage of access records
The Company secures traceability by storing and managing records (web logs, summarized information, etc.) of access to the personal data processing system. There is no active monitoring of such records, and such records will be used when there is an issue or to take preventative measures.
3. Restrictions on access to personal data
The Company actively manages the permissions of each access group, both of its employees and its business partners, to sufficiently implement reasonable measures against data protection. Such actions may include granting, changing, and terminating one’s access. The Company only permits a small number of authorized employees to hold such management roles. Any and all creation, deletion and changes related to access will be recorded in accordance with the Company’s internal policy.
4. Deletion of personal data
The Company regularly deletes personal data, whose purpose of use has expired, from the applicable databases.
The above protection measures do not guarantee perfect security. However, the Company will act diligently to prevent further damage, when there is an actual or suspected personal data breach.
8. Matters Regarding Cookies
The Company uses “cookies” that store and retrieve your personal data frequently to provide you with a more comfortable homepage environment.
- What are cookies?
Cookies are very small test files that the server used to operate a homepage sends to your browser. They are sometimes stored on your computer’s hard disk.
- Purposes of using cookies.
To provide a faster web environment to you by storing your preferred settings, etc., and to improve services.
- Cookies settings
You can choose whether to install cookies or not. In other words, you can allow all cookies, go through confirmation whenever cookies are to be stored, or reject storage of any cookies by means of the seetings in your web browser.
- Google Analytics
The Website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies, which are text files placed on your computer, to help the Website analyze how users use the site. The information generated by the cookie about your use of the Website (including your IP address) will be transmitted to and stored by Google on servers in the United States . Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for Website operators and providing other services related to website activity and Internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings in your browser. However, please note that if you do this you may not be able to use the full functionality of this Website. By using this Website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.
Please see the following for more details on how to check, manage and delete cookies on your computer: http://www.allaboutcookies.org.
9. Responsibility for Data Protection
■ LG Hausys Europe GmbH
- Address: Lyoner Str. 15, 60528 Frankfurt am Main, Germany
- Phone: +49-69-583-029-469
- E-mail: gdprweb@lghausys.com
■ Department in charge of data processing and protection for HI-MACS products/services and the Website
- Department: LG Hausys Europe GmbH, HI-MACS Team
■ LG Hausys Europe Data Protection Officer
- Name: IBS data protection services and consulting GmbH, Dr. Michael Foth
- Address: Zirkusweg 1, 20359 Hamburg, Germany
- Phone: +49-(0)40-696-985-24
- E-mail: info@ibs-data-protection.de
■ To file a complaint with the supervisory authority in Hessen, Germany:
If you need damage relief or a consult on infringement of your personal data, you can contact the following institution.
※ The following institution is a public body and is separate from the Company. If you are not satisfied with the result of the Company’s response to your claims or complaints, or need more specific assistance, please contact the following:
* Supervisory authority in Hessen, Germany
- Name: Der Hessische Datenschutzbeauftragte
- Phone: +49-06-11-140-80
- Fax: +49-06-11-14-08-900
- E-mail: poststelle@datenschutz.hessen.de
- Website: http://www.datenschutz.hessen.de
This Privacy Policy takes effect on May 25, 2018.