In this privacy statement, we inform you which personal data we process during your visit to our website and what rights you have. We therefore ask that you read the following explanations carefully.
Personal data is all information that refers to an identified or identifiable natural person. This data includes your name, address, e-mail address and other communication data.
Processing refers to any automated or non-automated procedure or series of procedures performed in connection with personal data, such as collection, recording, organization, sorting, storage, adaptation or modification, readout, querying, use, disclosure through transmission, distribution or any other form of provision, comparison or linking, restriction, deletion or destruction.
The affected person is any identified or identifiable natural person whose personal data is processed by the party responsible for processing.
The responsible party or the “party responsible for processing” is a natural or legal person, public authority, institution or other body that decides solely or together with others on the purpose and means of processing personal data.
The user comprises all categories of people affected by the processing of the data. This includes our business partners and other visitors of our website.
In regard to the terminology used, please refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR). The terms used, such as “user”, are to be seen as gender-neutral.
1. Who is responsible for processing the data and who can I contact?
Additional information can be found in the legal notice (Imprint).
2. Data protection officer
Our data protection officer can be contacted at the e-mail address datenschutz©soehner-wordlwide.com or through our postal address with the amendment “ATTN: Data Protection Officer”.
3. Processing of personal data
3.1. Visiting our website
3.1.1. Scope of data processing
When you visit our website, your browser will transfer certain data to our web server for technical reasons. This data is as follows (contained in so-called server log files):
- IP address
- Date and time of the query
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (concrete page)
- Operating system and its access status / HTTP status code
- Amount of transferred data
- Website from which the request comes (referrer URL)
- Browser, language and version of the browser software
3.1.2. Purpose of the data processing
This data must be stored in log files to guarantee the functionality of the website. We use this data to optimize the website and guarantee the security of our IT systems.
3.1.3. Legal basis of processing
We collect this data on the basis of our legitimate interest within the scope of Art. 6 Sect. 1 letter f) GDPR to display our website and guarantee your security.
3.1.4. Duration of storage
Information in the log files is saved for a maximum of seven days for security reasons (for example, to clarify cases of misuse or fraud) and then deleted. Data whose further storage is required for evidential purposes is excepted from deletion until the final clarification of the respective matter.
3.1.5. Possibility of objection and elimination
The collection of data for the provision of the website and its storage in log files is required for operation for technical reasons. The user consequently has no possibility of objection in this case.
3.2. Contact form and e-mail contact
3.2.1. Scope of data processing
If you use the contact form on our website, we process the following data: form of address, first name, last name, company, function, street, house number, zip code, city, country, telephone number, fax number, e-mail address, subject of your query and your sent message.
Alternatively, we may establish contact to the provided e-mail addresses, depending on the respective matter. In such cases, the personal data of the sender transmitted with the e-mail is processed.
In this case, no data is passed on to third parties. The data is used solely to process the conversation and the respective matter.
3.2.2. Purpose of the data processing
The processing of the personal data from the entry mask serves the establishment of contact. In case contact is established by e-mail, a necessary legitimate processing of the data also exists. The other personal data processed during the transmission procedure (such as the IP address, date and time) are used to prevent a misuse of the contact form and guarantee the security of our IT systems.
3.2.3. Legal basis of processing
In case we are contacted (by contact form or e-mail), the user’s data is processed to deal with and settle the contact inquiry according to Art. 6 Sect. 1 letter b) GDPR.
3.2.4. Duration of storage
We delete your personal data from the entry screen of the contact form and the data sent by e-mail if this data is no longer required for the purpose of data collection and no legal storage safe-keeping periods conflict with this deletion.
3.2.5. Possibility of objection and elimination
You always have the possibility to revoke your consent to the processing of your personal data.
If you contact us by e-mail, you can object to the storage of your personal data at any time. In this case, our conversation can naturally no longer continue. Please send such revocations to firstname.lastname@example.org. All personal data stored within the course of the establishment of contact is then deleted.
3.3.1. Scope of data processing
This website uses transient and persistent cookies.
a) Transient cookies are deleted automatically when you close your browser. This particularly includes so-called session cookies. Session cookies save a so-called session ID, by means of which the various queries of your browser can be allocated to the common session. When you return to our website, your computer can be recognized. The session cookies are deleted when you log out and/or close your browser.
b) Persistent cookies are automatically deleted after a set period of time, which can differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
3.3.2. Purpose of the data processing
3.3.3. Legal basis of processing
The legal basis for the processing of personal data using technically required cookies is Art. 6 Sect. 1 letter f) GDPR.
3.3.4. Duration of storage
Session cookies are deleted as soon as the browser is closed. Persistent cookies are automatically deleted after a set period of time.
3.3.5. Possibility of objection and elimination
3.4. Webanalyse / Google Analytics
3.4.1. Scope of data processing
3.4.2. Purpose of the data processing
On our behalf, Google uses this information to analyze the use of our website and compile reports on the activities carried out on our website. This analysis lets us better design your online experience and increase the user-friendliness of our Website.
3.4.3. Legal basis of processing
Our legitimate interest in the processing of data by Google Analytics lies in the purposes mentioned above. The legal basis is Art. 6 Sect. 1 letter f) GDPR.
3.4.4. Duration of storage
Sessions and campaigns come to an end after a certain period of time has expired. By default, sessions are ended after 30 minutes of no activity and campaigns after six months. The maximum time limit for campaigns is two years.
3.4.5. Possibility of objection and elimination
The IP address transmitted by your browser is not merged with other data by Google. You can prevent the saving of cookies by a corresponding browser software setting as described above in the “Cookies” chapter. In addition, you can prevent the collection of the data generated by the cookie and related to your use of the website to Google and prevent the processing of this data by Google by downloading and installing the browser plugin available from Google under the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
3.5. Google AdWords
3.5.1. Scope of data processing
We use Google AdWords to draw attention to our offerings using advertising means (so-called Google AdWords) on external websites. These advertising means are provided by Google using so-called ad servers. For this purpose, we use ad server cookies by means of which certain parameters can be measured to determine success, such as the display of the ads or clicks by the user. If you reach our website through a Google ad, Google AdWords will set a cookie on your computer. What cookies are and how they can be deleted is described above; these cookies let Google recognize your Internet browser. If a user searches for certain pages of the website of an AdWords customer and the cookie stored on his or her computer has not yet expired, Google and the customer can see that the user has clicked the ad and was forwarded to this page. A different cookie is allocated to each AdWords customer. Cookies can therefore not be tracked through the websites of AdWords customers. We do not collect and process any personal data in the above-mentioned advertising measures ourselves. We merely receive statistical analyses from Google. Using these analyses, we can see which of the advertising measures used are particularly effective. We do not receive more detailed data from the use of the advertising means; in particular, we are unable to identify users using this information. Based on the marketing tool used, your browser automatically sets up a direct connection to the Google server. We have no influence on the scope and further use of the data collected by Google using this tool and we therefore inform you of the following based on our current knowledge: Through the integration of AdWords Conversion, Google obtains the information that you have called the corresponding part of our Internet presence or clicked one of our ads. If you are registered with a Google service, Google can allocate the visit to your account. Even if you are not registered with Google and/or are not logged in to your Google account, it is possible for the service provider to discover and save your IP address.
3.5.2. Purpose of the data processing
In relation to the data of the advertising campaign, we determine how successful the individual advertising campaigns were. We therefore pursue the interest of showing you advertising that is of interest to you, designing our website in a manner that is of interest to you and achieving a fair calculation of advertising expenses.
3.5.3. Legal basis of processing
The processing of this data serves our legitimate interest in designing our advertising in a targeted manner. The legal basis is Art. 6 Sect. 1 letter f) GDPR.
3.5.4. Duration of storage
These cookies generally lose their validity after 30 days and shall not be used to identify you personally. In addition to this cookie, the unique cookie ID, the number of ad impressions per placement (frequency), last impression (relevant for post view conversions) and opt-out information (marker that the user no longer wishes to be addressed) are generally saved as analysis values.
3.5.5. Possibility of objection and elimination
SYou can prevent your participation in this tracking method in a variety of ways:
a) through a corresponding setting in your browser software (in particular, the suppression of third-party cookies prevents you from receiving third-party ads);
b) through the deactivation of cookies for conversion tracking by setting your browser in such a way that cookies from the “www.googleadservices.com” domain (https://www.google.de/settings/ads) are blocked, whereby this setting is deleted when you delete your cookies;
c) through the deactivation of interest-related ads of the service provider that are part of the “About Ads” self-regulation campaign under the link http://www.aboutads.info/choices, whereby this setting is deleted when you delete your cookies;
d) through permanent deactivation in your browser (Firefox, Internet Explorer or Google Chrome) under the link http://www.google.com/settings/ads/plugin.
Further information on Google’s data protection policy can be found here: http://www.google.com/intl/de/policies/privacy and https://services.google.com/sitestats/de.html. Alternative, you can visit the website of the Network Advertising Initiative (NAI) under www.networkadvertising.org. Google is subject to EU-US Privacy Shield: https://www.privacyshield.gov/EU-US-Framework.
4. Data security
We take technical, contractual and organizational measures for securing data processing according to the state of the art. In this way, we guarantee that the regulations of data protection laws, especially the General Data Protection Regulation are observed and that the data we process is protected against destruction, loss, modifications and unauthorized access. These security measures also include the encoded transmission of data between your browser and our servers. Please note that the SSL encoding of Internet transmissions is activated only when the key symbol appears in the lower menu bar of your browser window and the address starts with https://. Through SSL (Secure Socket Layer), the data transmission is protected against illegal access at-tempts of third parties using an encoding technology. If this option is not available, you can also decide not to send certain data via the Internet. All information that you send to us is stored and processed on our servers in the Federal Republic of Germany.
5. Passing on data to third parties and third-party service providers
Data is passed on to third parties only within the scope of legal regulations. We pass on user data to third parties only if required for contractual purposes on the basis of Art. 6 Sect. 1 letter b) GDPR or for the economical and effective operation of our business on the basis of a legitimate interested according to Art. 6 Sect. 1 letter f) GDPR. Within the scope of order processing according to Art. 28 GDPR, we use subcontractors for the rendering of our services, especially for the operation, maintenance and hosting of the website. We have taken suitable legal precautions and corresponding legal and organizational measures to guarantee the protection of personal data according to the pertinent legal regulations.
6. External services and content on our website
We integrate external services or content into our website. Such integration takes place on the basis of our legitimate interests in analysis, optimization and economic operation of our online offering within the scope of Art. 6 Sect. 1 letter f) GDPR. Communication data, such as the date, time and IP address, between you and the respective ser-vice provider is exchanged for technical reasons during the use of such a service or during the display of third-party content. In particular, this data includes your IP address, which is required for displaying content in your browser. It is possible that the provider of the respective services or content will process your data for additional purposes of its own. Since we have no influence on the data collected by third parties or the processing thereof by these third parties, we cannot provide binding information on the purpose and scope of the processing of your data. Additional information on the purpose and scope of the collection and processing of your data can therefore be found in the privacy statements of the respective service provider responsible for data protection and who has provided the services or content we have integrated. The following list contains an overview of third-party service providers, as well as their content and links to their privacy statements, which contain further information on the processing of data and objection possibilities.
7. Your rights
If we process your personal data, you are an affected person within the scope of the General Data Protection Regulation (GDPR) and have the following rights in regard to your personal data:
- Right to information (Art. 15 GDPR)
- Right to correction (Art. 16 GDPR)
- Right to deletion (Art. 17 GDPR)
- Right to the limitation of processing (Art. 18 GDPR)
- Right to data transferability (Art. 20 GDPR)
- Right to object to processing (Art. 21 GDPR)
You also have the right to complain to a data protection supervisory body about our processing of your personal data.
8. Changes to the privacy statement
We reserve the right to modify the privacy statement in order to adapt it to changed legal situations or to changes in the service and data processing. This applies only to declarations regarding data processing, however. If user consent is required or if parts of the privacy statement contain provisions regarding the contractual relationship with the users, the changes will be carried out only with the consent of the users. Please inform yourself regularly regarding the contents of the privacy statement.