Introduction and organizational info

We, at CATARC Europe Testing and Certificate GmbH, are dedicated to serving our customers and contacts to the best of our abilities. Part of our commitment involves the responsible management of personal information collected through our website europe.catarctc.com, and any related interactions. Our primary goals in processing this information include:

1.Enhancing the user experience on our platform by understanding customer needs and preferences.

2.Providing timely support and responding to inquiries or service requests.

3.Improving our products and services to meet the evolving demands of our users.

4.Conducting necessary business operations, such as billing and account management.

It is our policy to process personal information with the utmost respect for privacy and security. We adhere to all relevant regulations and guidelines to ensure that the data we handle is protected against unauthorized access, disclosure, alteration, and destruction. Our practices are designed to safeguard the confidentiality and integrity of your personal information, while enabling us to deliver the services you trust us with.

We have a designated Data Protection Officer (DPO). If you have any questions or require further information about how we manage personal information, please feel free to contact us at dpo.europe@catarc.ac.cn or +49 081229458937.

Your privacy is our priority. We are committed to processing your personal information transparently and with your safety in mind. This commitment extends to our collaboration with third-party services that may process personal information on our behalf, such as in the case of sending invoices. Rest assured, all activities are conducted in strict compliance with applicable privacy laws.

Scope and application

Our privacy policy is designed to protect the personal information of all our stakeholders, including website visitors, registered users, and customers. Whether you are just browsing our website europe.catarctc.com, using our services as a registered user, or engaging with us as a valued customer, we ensure that your personal data is processed with the highest standards of privacy and security. This policy outlines our practices and your rights related to personal information.

Data collection and processing

Our commitment to transparency and data protection extends to how we collect and use your personal information. We gather personal data through various interactions, including but not limited to, when you utilize our services or products such as tests for automotive lighting and interior trimming devices, China Compulsory Certification ,CCC Self-Declaration,Voluntary Certification,Testing capacity for complete scope of ECE/EU certification,Global Certification,Audit Support,Consulting and Training, or directly provide information to us.

The following list details the types of personal information we may process:

1.First and last name

2.Email address and/or Phone number

3.Address and city

Please note, that we only process information that is essential for delivering our services, complying with legal obligations, or enhancing your user experience. Your privacy is paramount, and we are dedicated to handling your personal information responsibly and in accordance with all applicable laws.

At CATARC Europe Testing and Certificate GmbH, we believe in using personal information responsibly and ethically. The data we collect serves multiple purposes, all aimed at enhancing the services we offer and ensuring the highest level of satisfaction among our users, customers, and employees. Here are the key ways in which we use the personal information collected:

1.Customizing and adapting user experience

2.Content delivery

3.Research and development

4.Authentication and security

5.Marketing and advertising

6.Customer support

7.Fraud prevention and risk management

Your privacy is our priority. We process your personal information transparently and in accordance with your preferences and applicable privacy laws. We are committed to ensuring that your data is used solely for the purposes for which it was collected and in ways that you have authorized.

Data storage and protection

Data storage

1.Personal information is stored in secure servers located in the following locations: DE. For services that require international data transfer, we ensure that such transfers comply with all applicable laws and maintain data protection standards equivalent to those in our primary location.

2.Data hosting partners: We partner with reputable data hosting providers committed to using state-of-the-art security measures. These partners are selected based on their adherence to stringent data protection standards.

Data protection measures

Security audits and monitoring: Regular security audits are conducted to identify and remediate potential vulnerabilities. We also monitor our systems for unusual activities to prevent unauthorized access.

Third-Party Links

Our website contains links to third-party platforms including LinkedIn (Microsoft Corporation). Once you leave our website, we are not responsible for the data practices of third-party sites. We recommend reviewing LinkedIn's Privacy Policy before engaging with their platform.

Data processing agreements

When we share your data with third-party service providers, we do so under the protection of Data Processing Agreements (DPAs) that ensure your information is managed in accordance with GDPR and other relevant data protection laws. These agreements mandate that third parties implement adequate technical and organizational measures to ensure the security of your data.

Transparency and control

We believe in transparency and providing you with control over your personal information. You will always be informed about any significant changes to our sharing practices, and where applicable, you will have the option to consent to such changes.

Your trust is important to us, and we strive to ensure that your personal information is disclosed only in accordance with this policy and when there is a justified reason to do so. For any queries or concerns about how we share and disclose personal information, please reach out to us at catarc.europe@catarc.ac.cn or +49 081229458937.

User rights and choices

At CATARC Europe Testing and Certificate GmbH, we recognize and respect your rights regarding your personal information, in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. We are committed to ensuring you can exercise your rights effectively. Below is an overview of your rights and how you can exercise them:

Your rights

1.Right of access (Art. 15 GDPR): You have the right to request access to the personal information we hold about you and to obtain information about how we process it.

Right to rectification (Art. 16 GDPR): If you believe that any personal information we hold about you is incorrect or incomplete, you have the right to request its correction or completion.

3.Right to erasure ('right to be forgotten') (Art. 17 GDPR): You have the right to request the deletion of your personal information when it is no longer necessary for the purposes for which it was collected, among other circumstances.

4.Right to restriction of processing (Art. 18 GDPR): You have the right to request that we restrict the processing of your personal information under certain conditions.

5.Right to data portability (Art. 20 GDPR): You have the right to receive your personal information in a structured, commonly used, and machine-readable format and to transmit those data to another controller.

6.Right to object (Art. 21 GDPR): You have the right to object to the processing of your personal information, under certain conditions, including processing for direct marketing.

7.Right to withdraw consent (Art. 7(3) GDPR): Where the processing of your personal information is based on your consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

8.Right to lodge a complaint (Art. 77 GDPR): You have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal information violates applicable data protection laws.

Exercising your rights

To exercise any of these rights, please contact us at catarc.europe@catarc.ac.cn or +49 081229458937. We will respond to your request in accordance with applicable data protection laws and within the timeframes stipulated by those laws. Please note, in some cases, we may need to verify your identity as part of the process to ensure the security of your personal information.

We are committed to facilitating the exercise of your rights and to ensuring you have full control over your personal information. If you have any questions or concerns about how your personal information is handled, please do not hesitate to get in touch with us.

Cookies and tracking technologies

At CATARC Europe Testing and Certificate GmbH, we value your privacy and are committed to being transparent about our use of cookies and other tracking technologies on our website europe.catarctc.com. These technologies play a crucial role in ensuring the smooth operation of our digital platforms, enhancing your user experience, and providing insights that help us improve.

Understanding cookies and tracking technologies

Cookies are small data files placed on your device that enable us to remember your preferences and collect information about your website usage. Tracking technologies, such as web beacons and pixel tags, help us understand how you interact with our site and which pages you visit.

How we use these technologies

1.Essential cookies: Necessary for the website's functionality, such as authentication and security. They do not require consent.

2.Performance and analytics cookies: These collect information about how visitors use our website, which pages are visited most frequently, and if error messages are received from web pages. These cookies help us improve our website.

3.Functional cookies: Enable the website to provide enhanced functionality and personalization, like remembering your preferences.

4.Advertising and targeting cookies: Used to deliver advertisements more relevant to you and your interests. They are also used to limit the number of times you see an advertisement and help measure the effectiveness of the advertising campaign.

Your choices and consent

Upon your first visit, our website will present you with a cookie consent banner, where you can:

Accept all cookies: Consent to the use of all cookies and tracking technologies.

2.Reject non-essential cookies: Only essential cookies will be used to provide you with necessary website functions.

3.Customize your preferences: Choose which categories of cookies you wish to allow.

International data transfers

Your personal data is hosted and processed in China by our infrastructure provider, Huawei Software Technologies Co., Ltd. (Huawei Public Cloud). China is a third country outside the European Economic Area (EEA) and has not received an adequacy decision from the European Commission under Article 45 of the GDPR, meaning it is not considered to provide an equivalent level of data protection to that of the EU/EEA.

To ensure that your personal data is adequately protected when transferred to China, we have implemented the following safeguards in accordance with Article 46 of the GDPR:

1.Standard Contractual Clauses (SCCs): We have entered into Standard Contractual Clauses with Huawei Software Technologies Co., Ltd., based on the European Commission's Decision 2021/914. These clauses contractually obligate the data recipient to protect your personal data in accordance with EU standards.

2.Technical and Organizational Measures: In addition to the SCCs, appropriate technical measures, including encryption and access controls, are applied to further protect your data during transfer and storage.

You have the right to obtain a copy of the Standard Contractual Clauses we have put in place. To exercise this right, please contact us.

Data breach notification procedures

At CATARC Europe Testing and Certificate GmbH, we understand the importance of protecting your personal information and take proactive measures to safeguard it. In the event of a data breach that poses a risk to your privacy rights and freedoms, we have established clear procedures for promptly identifying, assessing, and mitigating the impact of the breach. Our data breach notification procedures are designed to comply with applicable data protection laws and regulations, including the General Data Protection Regulation (GDPR).

Detection and assessment

Internal monitoring: We employ robust security measures and monitoring systems to detect and respond to potential data breaches promptly.

2.Assessment of breach impact: Upon discovery of a data breach, we will conduct a thorough assessment to determine the nature and scope of the breach, including the types of personal information involved and the potential impact on affected individuals.

Notification obligations

Regulatory authorities: If required by law, we will notify the relevant data protection authorities of the data breach within 30 day(s), following the procedures specified by applicable regulations.Affected individuals: If a data breach poses a significant risk to your privacy rights and freedoms, we will notify you within 30 day(s), providing clear and concise information about the breach, the types of personal information affected, and the steps you can take to protect yourself.

Communication channels

Email notification: We may notify affected individuals via email, using the contact information provided to us, if feasible and appropriate.

Support and assistance

In the event of a data breach, we are committed to providing affected individuals with the support and assistance they need, including guidance on steps they can take to mitigate the potential risks associated with the breach.

Point of contact: If you have any questions or concerns about a data breach or believe you may have been affected, please contact us immediately at catarc.europe@catarc.ac.cn or +49 081229458937.

Policy updates and changes

At CATARC Europe Testing and Certificate GmbH, we are committed to keeping you informed about how we handle your personal information and any changes to our privacy practices. We may update this privacy policy from time to time to reflect changes in legal requirements, industry standards, or our business operations. We want to assure you that any updates will be communicated transparently and in accordance with applicable data protection laws.

Notification of changes

1.Notification process: In the event of significant changes to our privacy policy that may affect your rights or the way we handle your personal information, we will provide notice through prominent means, such as email, website notifications, or other appropriate channels. We will also indicate the effective date of the updated policy at the top of the document.

2.Reviewing changes: We encourage you to review our privacy policy periodically to stay informed about how we collect, use, and protect your personal information. Your continued use of our services after any changes to the policy signifies your acceptance of the updated terms.

Contact us

If you have any questions or concerns about our privacy policy or any updates to it, please don’t hesitate to contact us at catarc.europe@catarc.ac.cn or +49 081229458937. We are here to address any inquiries you may have and to ensure that you have the information you need to feel confident about how your personal information is handled.