Customer service data protection guideline
GIGASET devices and services
Gigaset Communications GmbH and our affiliated companies ("Gigaset", "we", "us", "our") understand how important privacy is to our customers and we endeavour to provide a clear explanation of how we collect, use, disclose, transfer and store your personal data.
At Gigaset, we take the protection of our customers’ data very seriously, so we ensure that our products and services are developed and designed in accordance with the "Privacy by Design" principle. All data that we collect is used to ensure that our products and services are the best that they can possibly be and that we can optimise the user benefits for our customers. We ensure that your data is protected at all times and is only used to make a service or product available to you. We know exactly what happens to your data within the company and we ensure that it is processed securely and under protection in accordance with data protection requirements.
Who is your contact person?
The contact and responsible person for how your personal data is processed, within the terms of the EU General Data Protection Regulation (GDPR), is
Gigaset Communications GmbH
46395 Bocholt, Germany
Tel.: +49 (0) 2871 / 912 912
Email: email@example.com or firstname.lastname@example.org
You can also contact our data protection officer at any time for all questions concerning the topic of data protection in connection with our products and services. This officer can be reached at the above postal address and email address (keyword: "Data Protection Officer").
What data do we collect?
As part of our Customer Services provision, there are various options available to you for engaging with or using our services. We make a fundamental distinction here between customer services (your service call or your service chat or your email) and repairs (your repair request). If you get in touch with our service to buy accessories or replacement parts from our range, your order information will be processed during your service call, if appropriate, or, in our online shop as standard. You can also find all the information about how we process your data in the eShop on our homepage (www.gigaset.com).
Data when using our customer services
We will collect data from you when you contact our customer services to ask a question, ask for advice, have a repair approved or in relation to any other matter. This may be personal data such as your last name, first name, home address, telephone number, email address or device ID information.
Your data in your user account
You will sometimes be required to set up your own Gigaset user account so that we can support you in the best possible way or so that we can fully track the relevant service status of your requests or repair orders. In this scenario, we will collect personal data about you, such as particular details about you as an individual including your last name, first name and email address.
Getting in touch in person
You have several ways to get in touch with us. This includes live chat, service hotlines, and/or a support ticket, which is a type of online template you can use to describe a problem you are having with your product. In this context, we process data solely for the purpose of communicating with you. The legal basis is Article 6 Paragraph 1 lit. b of the GDPR.
We will make a record of each time you get in touch with us and, if you choose to do so, you can keep up to date about service activities via your user account at any time. You can delete these service tickets at any time from your user account, provided that we are not legally obliged to retain the information (see the section entitled "Storage duration").
Use of live chats
Our website uses the chat programme Freshchat, a service provided by Freshworks GmbH, Neue Grünstraße 17, 10179 Berlin, Germany. If you have any general or specific questions or issues in relation to our products, services or our Gigaset shop, you can send us a message via our live chat Users are shown whether anyone is online to provide immediate assistance. If no-one is online, we will answer your request promptly during our business hours. In this context, the data will be processed exclusively for the purpose of communicating with you in an EU data centre operated by our service provider. The legal basis is Article 6 Paragraph 1 lit. b of the GDPR.
You have the option of signing up for our login area to use the full functionality of our website and services. We have marked the mandatory information you must provide—first name, last name, email address, password— as mandatory fields. It is not possible to sign up without providing this information. The legal basis for this processing of information is Article 6 Paragraph 1 lit. b of the GDPR.
Following successful registration, you can manage your personal user account via gigaset.com. The following functions are available to do this: user account information, address book, my orders, my wishlist, newsletter subscriptions, reporting a repair, my repair orders and my customer reviews. You can add additional personal data using the address book. These are: first name, last name, company, phone, address, street, state, post code, city. In this context, we process information solely for the purpose of delivering our services such as conducting repair orders. The legal basis for this processing of information is Article 6 Paragraph 1 lit. b of the GDPR.
Data in the context of handling repair orders
In order to handle repairs, we need personal data such as last name, first name, home address, telephone number, email address or device ID information and a description of the error. The legal basis for this processing of information is Article 6 Paragraph 1 lit. b of the GDPR.
Device information: In the case of a repair, it is sometimes necessary to operate products in order to test them. In the context of your device being used in this way, we collect a range of device information depending on the type of device. This includes your hardware model, device hardware information, IMEI number and other unique device ID information such as serial number, model name, access log, the current version of software, the mobile communications country code, the mobile communications network code, the MAC address, version of operating system or the device settings that you are using to access the services.
Why do we process your data?
We process your personal data in accordance with the provisions of the GDPR, of national data protection legislation and of all other applicable laws. First and foremost, data is processed in order to carry out the mutual business relationship. In addition, your separate consent may be obtained by way of agreement giving permission for data protection purposes. We also process your data in order to be able to fulfil our legal obligations, in particular in the field of tax legislation. Where necessary, we also process your data pursuant to Article 6 Paragraph 1 f) of the GDPR in order to safeguard our legitimate interests or those of third parties (such as authorities). We process your data for the following purposes:
Registration: Your personal data is processed when you register your Gigaset product or when you register for a Gigaset service. You will also be personally identified and authenticated as a user of our Gigaset products. The legal basis for this is performance of a contract pursuant to Article 6 Paragraph 1 Clause 1 lit. b of the GDPR.
Product orders: Your personal data is processed when you order products, such as in the eShop. (e.g. to send order confirmations). The legal basis for this is performance of a contract pursuant to Article 6 Paragraph 1 Clause 1 lit. b of the GDPR.
Maintenance & support: Your personal data is processed in order to carry out maintenance and support services in relation to your device (e.g. to provide software updates or repairs). The legal basis for this is performance of a contract pursuant to Article 6 Paragraph 1 Clause 1 lit. b of the GDPR.
Customer promotions: Your personal data is processed for the purposes of prize draws, competitions or advertising campaigns, e.g. in order to notify you that you have won a prize. The legal basis for this purpose is your consent pursuant to Article 6 Paragraph 1 Clause 1 lit. a of the GDPR.
Product enhancements: We process data about how you use our Gigaset products for the purposes of improving our products, e.g. for the purposes of software updates. The legal basis for this is a legitimate interest pursuant to Article 6 Paragraph 1 Clause 1 lit. f of the GDPR.
Information services: Our products provide information services which will be further extended in future in your interests. This app may also process personal data, depending on the services used. The legal basis for this is performance of a contract pursuant to Article 6 Paragraph 1 Clause 1 lit. b of the GDPR.
Customer surveys: When we ask for your opinion about our products, we process data for statistical purposes. This helps us to improve our products. The legal basis for this purpose is your consent pursuant to Article 6 Paragraph 1 Clause 1 lit. a of the GDPR.
Sending promotional material: We process your personal data in order to send out promotional material or special offers. The legal basis for this purpose is your consent pursuant to Article 6 Paragraph 1 Clause 1 lit. a of the GDPR.
How do we disclose your data?
Within our corporate group, your data is shared with certain companies when these companies undertake central data processing tasks for the companies affiliated within the group (such as logistics, repairs). Although we may also disclose your data to the following companies, this is only to the extent necessary to provide the services:
- Service providers. We are able to disclose your data to carefully selected companies who provide services on our behalf, such as companies who help us with repairs, customer contact centres, customer service operations, advertisements, conducting customer satisfaction surveys or invoicing, or who send emails on our behalf. On the basis of contractual provisions, these companies may only use your data to provide the services we have requested.
We are also able to share your personal data with other recipients outside of the company, provided that this is necessary in order to fulfil legal obligations. This could be authorities such as financial authorities, courts, for example.
How is your data stored securely?
We take the protection of your information seriously and have taken appropriate physical and technical measures to protect data that we collect in connection with the services. Even though rapid technological developments mean that gaps in the security of websites, Internet transmissions, computer systems or communications over mobile networks can never be ruled out, we update our systems as soon as we become aware of any issues and we always take the appropriate steps to protect your data.
What rights do you as the data subject have under data protection law?
You can write to the address shown above to request information about the data stored about you as an individual. Under certain conditions, you are also able to request that your data be rectified or erased. You also have a right to restrict processing of your data and a right to receive the data you have provided in a structured, commonly used and machine readable format.
Right to objection
You have the right to object to your personal data being processed for the purposes of direct advertising without having to justify your decision. Where we process your data for the purposes of protecting legitimate interests, you are able to object to this processing for reasons relating to your particular situation. We will then no longer process your personal data unless we are able to demonstrate compelling, legitimate grounds for the processing that override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.
With whom can you submit a complaint?
You have the right to submit a complaint to the competent data protection officer or to a data protection supervisory authority.
How long will your data be stored for?
We will delete your personal data as soon as it is no longer required for the aforementioned purposes. Once the business relationship comes to an end, we will store your personal data for as long as we have a legal obligation to do so. This is often a result of statutory burden of proof and retention obligations which are governed by German commercial law and the German fiscal code, among other things. Accordingly, the storage periods can be up to ten years.
Will your data be sent to a third country?
If we share personal data with service providers or group companies outside the European Economic Area (EEA), this will only be done if the EU Commission has determined that the third country exercises an appropriate level of data protection or other appropriate data protection guarantees (such as binding data protection regulations within the company or EU standard contractual clauses) are in place. You can request detailed information from the aforementioned points of contact.