Sympatec

Privacy

Sympatec GmbH data protection information for customers and other data subjects pursuant to Article 13, GDPR

 

The protection of your personal data is important to us, and we take this into account in all of our business processes. We collect, process and use personal data only in compliance with the general data protection regulations (GDPR). Our website and online operations also comply with the German Teleservices Act (Telemediengesetz, TMG).

Our websites can generally be used without entering personal data. However, in each case, we (or our web hosting provider) store data about accessing our website in temporary log files. The information captured includes:

  • the IP address of the requesting computer
  • the identifier of the requesting provider
  • the date and time of access
  • the name and transfer data quantity for the accessed website
  • notifications about successful access or error messages
  • the browser type and version, as well as the operating system of the requesting computer
  • referrer URL | URL of the previously visited page.

This information is technically required in order to correctly deliver the website contents you have requested, and are essential for the use of the Internet. We use the log data exclusively for statistical evaluations for the purpose of the operation, security and optimisation of our website. However, we reserve the right to subsequently review the log data if – as a result of specific indications – there is a justified suspicion of unlawful use.

Personal data is only recorded if you expressly share it with us, for example when using an email form or in the course of registering for access to protected content on a website. In order to avoid improper use of your data by third parties, your data is transferred in encrypted form. The transfer process is based on SSL (Secure Socket Layer) protocol, and ensures encrypted data traffic between your browser and our server.

We will only record, process and use your personal data for the purpose of processing your requests or orders, and for creating and managing your online account, as well as for protecting our own, justified business interests with respect to consultancy and support as part of a business relationship. In doing so, we ensure that all legal provisions are taken into account. The personal data entered is treated confidentially, and used for the designated purpose pursuant to the data privacy law provisions that are applicable in each case. The data is not disclosed to third parties.

You have the right, at any time, to receive information about the personal data we have stored about you. Similarly, you have the right to correct, block or delete your personal data. Deletion is not permitted except in as far as legal or contractual obligations to preserve records contradict this. In as far as an obligation of this type exists, we will block your data on request, and keep it available in a block file for supervisory purposes. Get in touch with us as the responsible office if you would like information, or to make use of your right to correction, blocking or deletion of your data. You can arrange for changes to or the revocation of a submitted declaration of consent with immediate effect by sending us a notification to this effect. The contact details provided above.

We use Cookies on our website, in order to be able to provide you with information in a targeted way. No personal data is stored or associated with your personal user data through the use of Cookies. Cookies are small text files that are stored locally in the cache of the web browser you use to access our site. In this way, cookies enable the recognition of your web browser. They contain information about your computer and your connection to the Internet, such as IP address, the web browser used, and the operating system. Cookies do not cause any damage, are saved temporarily, and can be deleted at any time. We use Cookies in order to display the website correctly, and to make it easier for you to navigate on our website. The data collected by the Cookies is also used to optimise our website.

You can of course also view our website without Cookies. Web browsers are set to accept Cookies as standard. You can deactivate the use of Cookies at any time using the settings in your web browser.

We operate official social media channels under the following addresses:

If you contact us using these channels, we process your data according to Article 6(1)(b) GDPR only to answer your enquiry. Data you have entered on these pages, for example comments, videos or pictures won’t be used or processes for other purposes. Please also consider the data protection regulations of the respective platform provider.

Social Media Plugins with Shariff
In our online offer, we use so-called social plugins of different social networks; these will be described individually in this section. On application of the plugins, your internet browser will establish a direct connection to the servers of the respective social network. Hereby the relevant provider obtains the information that your internet browser has called up the corresponding page of our online offer, even if you do not possess a user account with the provider or are not currently logged in with the provider. Log files (including the IP address) are directly transmitted from your internet browser to a server of the relevant provider where they are stored if necessary. The headquarters of the provider or his/her server could be located outside the EU or the EEA, in a third country with appropriate data protection standard (e.g. in Switzerland) or at a by EU-US Privacy Shield certified company in the US.

Plugins are usually recognizable by the applicable social media logo. To ensure data protection on our website, we only use these plugins together with the so called “Shariff” solution. This application prevents that plugin data integrated into our website is being shared with the respective provider during the first visit.

The plugins represent independent extensions of the providers of social networks. Therefore, we have no influence on the extent of the data collected and stored by the social network providers via the plugins. The purpose and extent of the collection, the further processing of the data by the social network as well as your associated rights and setting options for the protection of your private sphere can be taken from the data protection notes of the respective social network. You should not use the respective plugins if you do not want social network providers to obtain data concerning this online offer or to continue to use this data.

Social Plugin of Twitter
Functions of the platform Twitter are embedded on our website. Twitter is provided by Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA (“Twitter”). You will find an overview of the plugins from Twitter and their appearance here: https://developer.twitter.com/; you will find information on data protection at Twitter here: https://twitter.com/en/privacy.

Social Plugin of LinkedIn
Our website uses functions of the network LinkedIn. LinkedIn is provided by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (“LinkedIn”). You will find an overview of the plugins from LinkedIn and their appearance here: https://developer.linkedin.com/plugins; you will find information on data protection at LinkedIn here: https://www.linkedin.com/legal/privacy-policy.

In some areas, we use integrated map material from Google maps, or integrate our videos using services such as Vimeo or YouTube. The integration of content of this type from third-party websites always requires that the providers of this content are aware of users’ IP addresses. Without the IP address, it would not be possible to send the content to the respective user’s browser. The IP address is therefore necessary in order to display this content. We strive to only use content of which the respective providers use the IP address only for delivering the content.

Google Ads / Google Ads Remarketing
On this website we are using the service of „Google Ads”. This service fulfils the purpose of the so called “Conversion-Trackings”, which means we can see what happened after you clicked on one of our ads. Cookies are placed for this, which have a limited validity and contain no personal data. A personalised identification of the user is therefore not possible.

The legal basis for using the service is Article 6(1)(f) GDPR - legitimate interest. Our legitimate interest to use this service is in analysing and optimising the operations of our website. You can find further information as well as the privacy policy from Google under: https://policies.google.com/privacy

We use the remarketing function within the Google Ads service. The remarketing function allows us to present to users of our website advertisements based on their interests on other websites within the Google advertising network (in Google search or on YouTube, so-called "Google ads" or on other websites). This is done by means of Cookies, which are used to record and evaluate your usage behaviour by Google when visiting various websites. This is how Google can determine your previous visits to our website. According to Google's own statements, Google does not merge the data collected in the context of remarketing with your personal data, which may be stored by Google. According to Google, in particular pseudonymisation is used for remarketing.

You can prevent participation in this tracking process in various ways: a) by setting your browser software accordingly, in particular by suppressing third-party cookies, you will not receive any ads from third-party providers; b) by installation of the plugin provided by Google under the following link: https://adssettings.google.com/authenticated; c) by provider-independent deactivation site of the Network Advertising Initiative http://optout.networkadvertising.org/?c=1; d) by permanently deactivating Firefox, Internet Explorer or Google Chrome in your browsers under the link https://www.google.com/settings/ads/plugin, e) by setting your cookie preferences accordingly. Please note that in this case you may not be able to use all functions of this offer in full.

For more information on privacy policy by Google, please visit https://www.google.com/intl/de/policies/privacy and https://services.google.com/sitestats/en.html.

LinkedIn Ads Remarketing
On our website we use the analysis and conversion tracking technology of the LinkedIn platform. With LinkedIns just mentioned technology, advertisement that is relevant and based on your interests can be played out to you. Furthermore, we receive aggregated and anonymous reports of ad activities and information about how you interacted with our website. You can find more information about privacy policy on LinkedIn here: https://www.linkedin.com/legal/privacy-policy#choices-oblig. You can prevent the analysis of your user behavior through LinkedIn as well as the display of interest based suggestions (“Opt-Out”); just click on the button “Opt Out on LinkedIn” (for LinkedIn members) or “Opt Out” (for other users) under the following link https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Teamviewer
We offer our customers remote maintenance using the TeamViewer software in case of problems. The provider of this software is TeamViewer GmbH, Jahnstr. 30, D-73037 Göppingen (Germany). If you want to make use of remote maintenance, you have to download the TeamViewer software from the provider or from our website using a link provided by us and run it on your computer. For this, solely the privacy policy of TeamViewer GmbH as your contractual partner for the use of the software applies, which can be called up at www.teamviewer.com/en/privacy-policy/.


Insofar as we should gain knowledge of personal data within the scope of remote maintenance, this is done solely to provide the service requested by you and not to process the data by your order. We do not store such data and we maintain data secrecy for them. The legal basis for the processing is Art. 6 para. 1 lit. b GDPR. You can cancel remote access at any time by closing the TeamViewer software.

We offer website visitors the option of registering a user account in order to access protected website content. With a user ID, consisting of a user name and password, you can login to our website and receive access to protected content. The data entered during registration are used for the purposes of using our offering. Registered users can be informed about information relevant to our offering or registration, such as changes to the scope of the offering or technical circumstances, by email. The recorded data can be viewed on the input screen during registration.

A user account is registered on our website within a double-opt-in process. This means that, after registration, you receive an email in which you are asked to confirm your registration. This confirmation is necessary in order that no one with unknown email addresses can register. Registrations are logged in order to enable the registration process to be tracked in accordance with legal requirements. This includes saving the time of registration confirmation, as well as the IP address.

We reserve the right to block user accounts in order to prevent improper or dishonest behaviour or breaches of copyright and usage rights with respect to the content offered by us.

Our eMail forms and the form for registering on our website give you the opportunity to state your consent to our use of your transferred personal data for later contact (opt-in). Reasons for occasional later contact may include the provision of current information about our tools or about our company, or invitations to events (such as trade fairs or seminars) which may be of specialist interest to you. By consenting to the use of your data, you consent to use for the purposes described. Contact may include advertising information and may take place by phone, email or post, and only with the consent of the recipients or legal permission. You may at any time revoke your consent to the use of your personal data for this information service. We do not disclose the information stored for these purposes to third parties in any way.

Registration for our information service takes place in a double-opt-in process. This means that, after registration, you receive an email in which you are asked to confirm your registration. This confirmation is necessary in order that no one with unknown email addresses can register. Registrations are logged in order to enable the registration process to be tracked in accordance with legal requirements. This includes saving the time of registration confirmation, as well as the IP address.

We work with the German electronic delivery service provider CleverReach GmbH & Co. KG, Mühlenstraße 43, 26180 Rastede, Germany, for sending electronic messages (emails and newsletters). The email addresses, as well as other personal data for the creation of personalised messages, are stored on CleverReach servers located solely in Germany, and in accordance with German and European data privacy laws. CleverReach uses this information to send and analyse electronic messages on our behalf. We trust the reliability, IT security and data security of CleverReach. However, CleverReach does not use our address data in order to write to the addresses themselves, nor to disclose the data to third parties. CleverReach’s Data Privacy Statement and assurances with respect to data security can be viewed here: https://www.cleverreach.com/en/data-security/ and https://www.cleverreach.com/en/terms-of-service/. CleverReach commits to protecting our users’ data, to processing it in accordance with the applicable data privacy provisions on our behalf, and in particular to not disclosing it to third parties.

For statistical and anonymous evaluation purposes, the electronic mailings contain an integrated, hidden tracking pixel (web beacon) that is activated each time images from the CleverReach server are opened and accessed. In the framework of access of this type, technical information is initially recorded, such as information on the browser and your system as well as your anonymised IP address and time of access. Similarly, determining whether the electronic mailings are open, when they are opened, and which links are clicked is also recorded for statistical purposes. The analyses are used to identify our users’ reading habits and to adapt our content to them, or to send different content in accordance with our users’ interests.

You can object at any time to the sending of our mailing by revoking your consent. There is a link to unsubscribe from electronic notifications at the end of each electronic message.

On what legal basis and for what purposes do we process your data?
We process your personal data in compliance with the provisions of the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (Bundesdatenschutzgesetz (BDSG)).

a. In order to fulfil contractual obligations or precontractual measures (point (b) of Article 6(1) GDPR)

Personal data are processed in the initiation and fulfilment of contractual obligations, e. g. in processing your orders. The purposes of data processing are aligned with your specific request or the commissioned service; examples include the provision of relevant information, the rendering of analytical, consultancy and training services, the creation of individual quotes, the fulfilment of maintenance contracts and service orders, and the execution of transactions in the context of deliveries and ser-vices. In addition, we capture and process personal data in connection with your requests and orders in the context of a business relationship intended to be longer-term, enabling us to fulfil any potential contractual obligations.

b. Based on your consent (point (a) of Article 6(1) GDPR)

In as far as you have issued us consent to process your personal data for certain purposes, these data are processed legally based on your consent. Once consent has been issued, it may be withdrawn at any time. This also applies for any withdrawal of consent issued to us before the GDPR came into effect on 25/05/2018. The withdrawal of consent applies only for the fu-ture and does not affect the legality of the data processed up until the withdrawal of consent.

c. In the context of the balancing of interests (point (f) of Article 6(1) GDPR)

In as far as necessary, we process your data beyond the actual fulfilment of the contract in order to safeguard legitimate interests held by us and third parties in as far as the interest and basic freedoms of the data subject do not override such processing. In particular, legitimate interest exists before a contract with a financial risk is established, e.g. in the event of non-payment risks or in the event of the assertion of legal claims and defence in the event of legal disputes.

What sources and data do we use?
We process personal data that we have received from our customers or other data subjects in the context of our business relationships. In addition, in as far as is necessary for the provision of contractual services, we process personal data that we have permissibly gained from publicly accessible sources (e. g. registers, the press, and online), or which other companies or other third parties (e. g. commercial credit agencies, and operators of specialist portals) have legitimately transferred to us.

Relevant personal data could be

a. Contact information such as your name, academic title, gender-specific title, address, eMail address, phone num-ber, and fax number;
b. Professional and subject-based information such as your professional responsibilities and role title as well as specialist interests;
c. Communication preferences such as your preferred language, preferred channels of communication (phone, postal, or eMail), consent to marketing communications or use for other purposes and possible objections;
d. Data regarding customer relationship history such as your participation in our seminars, training, trade fair visits, or the use of support services or other interactions;
e. Documentation data such as logs or reports of conversations, consultancy, or services;
f. Order and payment-related, and financial data for processing transactions such as bank details and account numbers; as well as other data comparable with the stated categories.

Who will receive my data?
Within our company, those offices that require your data for the fulfilment of our contractual and legal obligations receive access to your data. Service providers and agents we use may also receive the data for this purpose if they are qualified as order processors and a corresponding processing contract has been agreed. Corresponding companies fall into categories such as IT services, communications and printing services, and logistics.

Furthermore, it may be that we transfer your personal data – for the performance of our contractual obligations or on the ba-sis of your consent – to our subsidiaries, regional field offices, foreign agencies, distributors and other agencies who work on our behalf. As a result, in following-up an enquiry for instance, it is usual to use our local points of contact or specialists, or to fully transfer the provision of support in order to meet your re-quirements to the best possible extent.

Public bodies (such as supervisory authorities, financial authorities and law enforcement agencies) may also be recipients of personal data in the event of a legal or official obligation.

Is my data transferred to a third country?
Your data is transferred to bodies in states outside the European Union (referred to as third countries) in as far as

a. this is required for the execution of your orders (e.g. for providing deliveries and services abroad)
b. this is legally required, or
c. you have provided us with your consent.

How long is my data stored for?
We process and store your personal data for as long as is necessary for serving the purposes that were stated when the data were collected, or for the fulfilment of our contractual obligations.

If the data are no longer required for the fulfilment of contractual or legal obligations, they will be erased on a regular basis unless their – time-limited – further processing is necessary for the following purposes:

a. the fulfilment of retention obligations under commercial and fiscal law which for example may arise from the German Commercial Code (Handelsgesetzbuch, HGB), the Unions Custom Code (UCC), or the German Tax Code (Abga-benordnung, AO). The retention periods are generally 2 to 10 years.
b. In order to safeguard evidence, the limitation period may be up to 30 years; the regular limitation period pursuant to Sections 195 et seqq., German Civil Code (Bürgerliches Gesetzbuch (BGB)) is 3 years.

What data protection rights am I entitled to?
Each data subject has the right of access (Article 15 GDPR), the right to rectification (Article 16 GDPR), the right to erasure (Article 17 GDPR), the right to restriction of processing (Article 18 GDPR), the right to object (Article 21 GDPR) and the right to data portability (Article 20 GDPR). The restrictions in accordance with Sections 34 and 35 BDSG apply with respect to the right to access and the right to erasure. In addition, you also have the right to submit a complaint to a relevant supervisory authority for data protection (Article 77 GDPR in conjunction with Section 19 BDSG).

You can at any time withdraw any consent you have issued for the processing of personal data. This also applies for the withdrawal of consent declarations that were issued to us before the GDPR came into effect, i.e. before 25/05/2018. Please note that the withdrawal only applies with effect for the future. Processing that took place before withdrawal is not affected by this.

Is there an obligation to provide data?
In the context of our business relationship, you are required to provide personal data that are necessary for the establishment, implementation, and termination of a business relationship, and that are necessary for the fulfilment of the associated contractual obligations, or that we are legally required to capture. Without these data, we will not be able to conclude, execute and terminate a contract with you.

Do we perform profiling or scoring?
We do not use any fully automated decision-making (pursuant to Article 22 GDPR) regarding the establishment and implementation of a business relationship. Furthermore, we do not perform any automated profiling or scoring relating to your personal data.

Information on the right to object in accordance with Article 21 GDPR