Data Protection Declaration of the Faber-Castell Group

1. Data protection at a glance

The protection of your privacy is very important to us and we wish to be certain that at all times your data are secured when using our website.

The Data Protection Declaration of the Faber-Castell Group applies to all websites for which German companies of the Faber-Castell Group are responsible. Websites of the Faber-Castell Group may contain links to other companies to which our Data Protection Declaration is not applicable.
The Faber-Castell Group ensures the privacy of your personal data in that our employees are bound to confidentiality, our security measures correspond to the current state of technology, and our operational data protection officer as well as our internal auditors assure compliance with our "Data Protection Declaration".
General notices
The following notices provide a simple overview of what happens to your personal data when you visit our website. Personal data are all data with which you can be personally identified. You can find more detailed information on data protection in this text under our Data Protection Declaration.
Data collection on our website
Who is responsible for data collection on this website?
The data processing on this website is performed by the website operator. You can find the contact data for the operator in the Imprint of this website.
How do we collect your data?
Your data are partially collected in that you provide them to us. This may involve, for example, data that you enter into a contact form.
Other data are collected automatically by our IT system upon visiting our website. They are largely technical data (e.g. internet browser, operating system or time the site is viewed). The collection of this data is done automatically as soon as you enter our website.
How do we use your data?
The personal data that you provide to us through a website (e.g. name, address, email address) are processed only for correspondence with you and only for the purpose for which you voluntarily provided the data to us (e.g. via the input mask). This data is processed initially in order to respond to your enquiry. Part of the data is collected in order to ensure error-free operation of the website. Other data can be used for an analysis of your user behaviour.
In addition, we will use this data in accordance with the statutory framework conditions in order to inform you of new products and services and other potentially interesting functions. You can object at any time to this use of your personal data. We assure you that we do not disclose your personal data to third parties unless we are obliged to do so by law or you have given us your prior consent. If we make use of service providers in the implementation and performance of processing procedures, the contract relationships are structured on the basis of the provisions of the General Data Protection Regulation (GDPR), the Federal Data Protection Act (“FDPA”) and of the Telemedia Act (“TMA”).
What rights do you have regarding your data?
At all times you have the right to receive free information on the source, recipients and purpose of your stored personal data. In addition, you have a right to demand the rectification, blocking or erasure of this data. In this regard as well as for other questions on data protection, at all times you can you contact our data protection officer, whose contact data is found under Section 3 of this Data Protection Declaration. In addition, you have a right to file a complaint with the competent supervisory authorities. The contact data of the supervisory authorities can be found under Section 2 of this Data Protection Declaration.
Analysis tools and tools from third parties
Your surfing behaviour can be evaluated for statistical purposes upon visiting our website. This is done with cookies and with so-called analysis programmes. As a rule, the analysis of your surfing behaviour is performed anonymously; the surfing behaviour cannot be traced to you. You can object to this analysis or prevent it through the non-use of certain tools. You can find details in our Data Protection Declaration under the heading “Third party modules and analysis tools”.
You can object to this analysis. We inform you of your objection options in this Data Protection Declaration.

2. General notices and obligatory information

Data protection
The operator of this site takes the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations as well as in accordance with this Data Protection Declaration.
When you use this website, various personal data are collected. Personal data are data with which you can be personally identified. This Data Protection Declaration explains which data we collect and for what purpose we use it. It also explains how and for what purpose this happens.
We point out that data transmission in the internet (e.g. when communicating by email) may have security gaps. Complete protection of data from third party access is not possible.
Notice to the controller
The controller of data processing for this website is:
Faber-Castell Aktiengesellschaft 
Nürnberger Straße 2 
90546 Stein 
Telephone: +49 (0) 911 9965-0
FAX: +49 (0) 911 9965-5856
Email: info@faber-castell.de
The controller is the natural or legal person, which, alone or jointly with others, determines the purposes and means of the processing of personal data (e.g. names, email addresses and similar data).
Revocation of your consent to data processing
Many data processing procedures are possible only with your express consent. At any time you may revoke your already issued consent. An informal notification by email to us is adequate. The lawfulness of the data processing performed until revocation remains unaffected.
Right to file a complaint with the competent supervisory authorities
In the event of a data protection infringement, the data subject has a right to file a complaint with the competent supervisory authorities. The competent supervisory authority in data protection questions is the state data protection officer of the state in which our company has its domicile. 

For the Faber-Castell Group this is:
Bayerisches Landesamt für Datenschutzaufsicht
Promenade 27 (Schloss)
91522 Ansbach 
Germany
Telephone: +49 (0) 981 53 1300
Telefax: +49 (0) 981 53 98 1300
Email: poststelle@lda.bayern.de

SSL and TLS encryption
This site uses a SSL and TLS encryption for security reasons and for protection of the transmission of confidential content, as for example orders or enquiries that you send to us as the site operator. You can recognise an encrypted connection in that the address line of the browser changes from “http://” to “https://” and on the lock symbol in your browser line.
When the SSL or TLS encryption is activated, the data which you transmit to us cannot be read by third parties.
Encrypted payment transactions on this website
If there is an obligation to transmit your payment data (e.g. account number for a direct debit authorisation) after conclusion of a purchase contract, this data is necessary for completion of payment.
Payment transactions via common payment means (Visa/MasterCard, direct debiting) are made exclusively via an encrypted SSL or TLS connection. You can recognise an encrypted connection in that the address line of the browser changes from “http://” to “https://” and on the lock symbol in your browser line.
When the SSL or TLS encryption is activated, the data which you transmit to us cannot be read by third parties.
Information, Blocking, Erasure
Within the framework of statutory provisions, at all times you have the right to free information on your stored personal data, its source and recipients and the purpose of the data processing and, if applicable, a right to rectification, blocking or erasure of this data. In this regard as well as in other questions concerning personal data you can contact us at any time at the address provided in the Imprint.
Objection to marketing mails
We expressly object to the use of contact data published within the framework of our Imprint obligation for the sending of marketing and information materials. The operator of the site expressly retains the right to take legal steps in the event of the sending of unrequested marketing materials, for example through spam emails.

3. Data protection officer

Data protection officer prescribed by law
We have appointed a data protection officer for our company.
Faber-Castell Aktiengesellschaft 
Data protection officer
Nürnberger Straße 2 
90546 Stein 
Telephone: +49 (0) 911 9965-0
FAX: +49 (0) 911 9965-5856
Email: datenschutz@faber-castell.de
The contact data of the data protection officer has been registered with the competent data protection supervisory authorities.

4. Data collection on our website

Microsoft Bing Ads
On our pages, we use the conversion tracking of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. Microsoft Bing Ads stores a cookie on your computer if you have accessed our website via a Microsoft Bing ad. In this way, Microsoft Bing and we can recognise that someone has clicked on an ad, been redirected to our website and reached a previously determined target page (conversion page). We only learn the total number of users who clicked on a Bing ad and were then redirected to the conversion page. No personal information about the user's identity is shared.
If you do not want information about your behaviour to be used by Microsoft as explained above, you can refuse the setting of a cookie required for this - for example, by means of a browser setting that generally deactivates the automatic setting of cookies. You can also prevent the collection of data generated by the cookie and related to your use of the website, as well as the processing of this data by Microsoft, by clicking on the following link 
https://account.microsoft.com/privacy/ad-settings/signedout?lang=en-en.   
to declare your objection. Further information on data protection and the cookies used by Microsoft and Bing Ads can be found on the Microsoft website at 
https://privacy.microsoft.com/en-en/privacystatement.

Bing Universal Event Tracking (UET)
On our website, data is collected and stored using Bing Ads technologies, from which usage profiles are created using pseudonyms. This is a service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. This service enables us to track the activities of users on our website if they have reached our website via ads from Bing Ads. If you arrive on our website via such an ad, a cookie is set on your computer. A Bing UET tag is integrated on our website. This is a code which, in conjunction with the cookie, stores some non-personal information about your use of the website. This includes, among other things, the length of time spent on the website, which areas of the website were accessed and via which advertisement the users arrived at the website. Information about your identity is not collected.
The information collected is transferred to Microsoft servers in the USA and stored there for a maximum of 180 days. You can prevent the collection of data generated by the cookie and related to your use of the website, as well as the processing of this data, by deactivating the setting of cookies. This may restrict the functionality of the website under certain circumstances.
In addition, Microsoft may be able to track your usage behaviour across multiple electronic devices through cross-device tracking, which enables Microsoft to display personalised advertising on or within Microsoft websites and apps. You can disable this behaviour at http://choice.microsoft.com/en-en/opt-out
For more information about Bing's analytics services, please visit the Bing Ads website (https://help.bingads.microsoft.com/#apex/3/en/53056/2). For more information about Microsoft and Bing privacy, please see Microsoft's privacy policy (https://privacy.microsoft.com/en-en/privacystatement).

Google DoubleClick
This website uses features of Google DoubleClick. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland, (hereinafter “DoubleClick”).
DoubleClick is used to show you interest-based ads across the Google Network. Advertisements can be tailored to the interests of the viewer using DoubleClick. For example, our ads may appear in Google search results or in banners associated with DoubleClick.
To be able to display interest adequate promotional content to users, DoubleClick must recognize the respective visitor so that it can allocate the websites visited, the clicks and other user pattern information to the user. To do this, DoubleClick deploys cookies or comparable recognition technologies (e.g., device fingerprinting). The recorded information is consolidated into a pseudonym user profile so that the respective user can be shown interest adequate advertising.
The use of these services occurs on the basis of your consent pursuant to Art. 6(1)(a) GDPR. You may revoke your consent at any time.
For further information on how to object to the advertisements displayed by Google, please see the following links: https://policies.google.com/technologies/ads and https://adssettings.google.com/authenticated

Google Analytics
This website uses functions of the web analysis service Google Analytics. The provider of this service is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics enables the website operator to analyze the behavior patterns of website visitors. To that end, the website operator receives a variety of user data, such as pages accessed, time spent on the page, the utilized operating system and the user’s origin. This data is summarized in a user-ID and assigned to the respective end device of the website visitor.
Furthermore, Google Analytics allows us to record your mouse and scroll movements and clicks, among other things. Google Analytics uses various modeling approaches to augment the collected data sets and uses machine learning technologies in data analysis.
Google Analytics uses technologies that make the recognition of the user for the purpose of analyzing the user behavior patterns (e.g., cookies or device fingerprinting). The website use information recorded by Google is, as a rule transferred to a Google server in the United States, where it is stored. The use of these services occurs on the basis of your consent pursuant to Art. 6(1)(a) GDPR. You may revoke your consent at any time.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/

Browser plug-in
You can prevent the recording and processing of your data by Google by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en
For more information about the handling of user data by Google Analytics, please consult Google’s Data Privacy Declaration at:
https://support.google.com/analytics/answer/6004245?hl=en

Contract data processing
We have executed a contract data processing agreement with Google and are implementing the stringent provisions of the data protection agencies to the fullest when using Google Analytics.
Google Analytics E-Commerce-Tracking
This website uses the “E-Commerce Tracking” function of Google Analytics. With the assistance of E-Commerce Tracking, the website operator is in a position to analyze the purchasing patterns of website visitors with the aim of improving the operator’s online marketing campaigns. In this context, information, such as the orders placed, the average order values, shipping costs and the time from viewing the product to making the purchasing decision are tracked. These data may be consolidated by Google under a transaction ID, which is allocated to the respective user or the user’s device.
Clarity
This website uses Clarity. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 (USA), https://docs.microsoft.com/en-us/clarity/ (hereinafter referred to as “Clarity”).
Clarity is a tool to analyze user patterns on this website. Clarity records in particular cursor movements and compiles graphics that show on which parts of the website users are scrolling with great frequency (heatmaps). Clarity can also record sessions so that we can watch the use of the site in the form of videos. Moreover, we receive information on the general user conduct within our website.
Clarity uses technologies that make it possible to recognize users for the purpose of analyzing user patterns (e.g., cookies or use of device fingerprinting). Your personal data will be archived on Microsoft servers (Microsoft Azure Cloud Service) in the United States.
If your approval (consent) has been obtained the use of the abovementioned service shall occur on the basis of Art. 6(1)(a) GDPR. Such consent may be revoked at any time. If your consent was not obtained, the use of the service will occur on the basis of Art. 6(1)(f) GDPR; the website operator has a legitimate interest in the effective analysis of user patterns. 

For more details on Clarity’s data privacy policy, please see: 
https://docs.microsoft.com/en-us/clarity/faq

Data processing
We have concluded a data processing agreement (DPA) with the above-mentioned provider. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.
Quantcount
We use on our site the service Quantcount of the company Quantcast Corp, 795 Folsom Street, CA 94107 San Francisco, United States, e-mail: privacy(at)quantcast.com, website: https://www.quantcast.com/. The processing also takes place in a third country for which there is no Commission adequacy decision. Therefore, the usual level of protection for the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, e.g. authorities can access the collected data.
The legal basis for the transmission of personal data is your consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website. You can revoke your consent at any time.
The service collects information about your user behaviour on our site and processes this for us as part of a technical analysis of user behaviour.
If you do not want us to collect and use information about your use of the website in this way, you can object to this via the following link (known as an "opt-out"): https://www.quantcast.com/opt-out/. For this purpose, a corresponding opt-out cookie will be set for you, which does not contain any data suitable for tracking, but merely makes it possible to recognise your objection to the collection of data so that it is no longer carried out.
Further information on the handling of the transmitted data can be found in the provider's privacy policy at https://www.quantcast.com/privacy/

Quantcount
We use on our site the service Quantcount of the company Quantcast Corp, 795 Folsom Street, CA 94107 San Francisco, United States, e-mail: privacy(at)quantcast.com, website: https://www.quantcast.com/. The processing also takes place in a third country for which there is no Commission adequacy decision. Therefore, the usual level of protection for the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, e.g. authorities can access the collected data.
The legal basis for the transmission of personal data is your consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website. You can revoke your consent at any time.
The service collects information about your user behaviour on our site and processes this for us as part of a technical analysis of user behaviour.
If you do not want us to collect and use information about your use of the website in this way, you can object to this via the following link (known as an "opt-out"): https://www.quantcast.com/opt-out/. For this purpose, a corresponding opt-out cookie will be set for you, which does not contain any data suitable for tracking, but merely makes it possible to recognise your objection to the collection of data so that it is no longer carried out.
Further information on the handling of the transmitted data can be found in the provider's privacy policy at https://www.quantcast.com/privacy/. 

Quantserve
We use on our site the service Quantserve of the company Quantcast Corp., 795 Folsom Street, CA 94107 San Francisco, United States, e-mail: privacy.qil(at)quantcast.com, website: https://www.quantcast.com/. The processing also takes place in a third country for which there is no Commission adequacy decision. Therefore, the usual level of protection for the GDPR cannot be guaranteed for the transfer, as it cannot be ruled out that in the third country, e.g. authorities can access the collected data.
The legal basis for the transmission of personal data is your consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website. You can revoke your consent at any time.
This service is an analysis tool that allows us to monitor surfing behaviour on our site. 
If you do not want us to collect and use information about your use of the website in this way, you can object to this via the following link (known as an "opt-out"): https://www.quantcast.com/opt-out/. For this purpose, a corresponding opt-out cookie will be set for you, which does not contain any data suitable for tracking, but merely makes it possible to recognise your objection to the collection of data so that it is no longer carried out.
Further information on the handling of the transmitted data can be found in the provider's privacy policy at https://www.quantcast.com/privacy/.

Vimeo
Our website uses plugins from the video portal Vimeo. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.
When you visit one of our pages equipped with a Vimeo plugin, for example our media library, a connection to the Vimeo servers is established. This tells the Vimeo server which of our pages you have visited. Vimeo also obtains your IP address. This also applies if you are not logged in to Vimeo or do not have a Vimeo account. The information collected by Vimeo is transmitted to the Vimeo server in the USA.
If you are logged into your Vimeo account, you enable Vimeo to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your Vimeo account.
For more information on the handling of user data, please refer to the Vimeo privacy policy at: https://vimeo.com/privacy.  

 

9. Changes to this Data Protection Declaration

We reserve the right to change or supplement this Data Protection Declaration as needed. We shall publish the changes here. Accordingly, you should regularly visit this website in order to be informed on the current state of this Data Protection Declaration.

As at: September 2022

Contact
More questions? 

Please contact the data protection officer of the Faber-Castell Group at the following address: 

Faber-Castell Aktiengesellschaft 
Data protection officer
Nürnberger Straße 2 
90546 Stein 
Telephone: +49 (0) 911 9965-0
Email: datenschutz@faber-castell.de