Data protection declaration

The controller

for data processing within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations is
SONAX GmbH Münchener Str. 75 86633 Neuburg Germany
Telephone: +49 / 84 31 / 53-0 Email: [email protected] Internet: www.sonax.de

The data protection officer

of the controller is:
Mrs Vera Schneider Email: [email protected]
who can otherwise be reached using the contact details of the controller.

Protection of your personal data

Data protection and the protection of your privacy are important to us. We therefore only process personal data in accordance with the applicable data protection and data security legislation, in particular the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and the Telecommunications and Telemedia Data Protection Act (TTDSG). In this, we are guided by the principle of data avoidance and data minimisation. Our employees are bound to confidentiality and secrecy.

Our website can be used without registration, i.e. without actively disclosing your identity or manually entering personal data. Nevertheless, personal data are collected every time you visit our website. It may also be necessary to provide your personal data in the context of use, e.g. when you contact us. The following data protection declaration informs you about the processing of your personal data when using our website, the measures taken to protect your data and your rights as a data subject.

General principles for the processing of personal data

1. Description of the processing of personal data

We use IT systems on our websites to provide services to our users, through which we process the personal data described in more detail below.

2. Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a GDPR serves as the legal basis.

When processing personal data that is necessary for the fulfilment of a contract to which the data subject is a party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary for the implementation of pre-contractual measures.

Insofar as the processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis in conjunction with a special authorising standard setting out the legal situation more concretely.

If the processing is necessary to safeguard a legitimate interest of the controller or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for the processing.

3. Transfer of data, processors, external providers

Data transfer

Your personal data will not be transferred to third parties for purposes other than those listed below. We only pass on your personal data to third parties

if you have given your express consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR,
if the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,
in the event that there is a legal obligation for disclosure pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR,
if this is necessary for the processing of contractual relationships with you in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR.

Processors

Your data will only be passed on to processors within the framework of the statutory provisions, in particular in accordance with Art. 28 GDPR. We have concluded a service agreement and a valid contract for data processing with all processors. The processor will only process the personal data on our instructions and for the purposes described, in particular for the fulfilment of the contract.

Your data are protected against loss, misuse and unauthorised or unapproved access, disclosure, modification or deletion. We log access, collect access passwords and encrypt data, provided this does not fundamentally impair our services.

External providers and links

On our website you may also find information and/or services from other providers who collect personal data as part of their offerings. Please note that we are not responsible for the processing of these data: only the external provider is, to whom other conditions may apply.

This website may contain links to websites of other providers. Please note that this data protection declaration applies exclusively to our website. We cannot check whether external providers comply with the applicable data protection regulations.

4. Data erasure and duration of storage

The personal data of the data subjects will be deleted or restricted as soon as the purpose of the storage no longer applies, e.g. the storage of the data is no longer required for the fulfilment of a contract or an overriding legitimate interest. Data may also be stored if this is provided for by European or national legislatures through regulations, laws or other provisions to which the controller is subject. The data will therefore be deleted or restricted when a storage period prescribed by the aforementioned regulations expires.

Visiting our website

1. Description and scope of data processing

When you visit our website www.sonax.com information is automatically sent to the server of our website by the browser used on your device. This information is temporarily stored in a logfile. The following information is collected without any action on your part and stored until it is automatically deleted:

IP address of the user (requesting computer)
Date and time of access
Name and URL of the accessed file/page
Website from which the access is made (referrer URL)
Browser used and the operating system of your computer
Name of your access provider

The logfiles contain IP addresses or other data that can be assigned to a user and are therefore predominantly categorised as personal data.

2. Purpose of data processing

We process the aforementioned data for the following purposes:

Ensuring a smooth connection to the website
Ensuring easy use of our website
Analyses of system security and stability
Evaluation of user behaviour
Other administrative purposes

The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session. Storage in logfiles takes place to ensure the functionality of the website. We also use the data to optimise the website and to ensure the security of our information technology systems. In this specific context, we do not use the data collected here for the purpose of drawing conclusions about your person for marketing purposes. These purposes justify our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR.

Anonymous information may be statistically evaluated by us in order to optimise our website and the technology behind it. In addition, we use cookies or other analysis services when you visit our website. You will find more detailed explanations below in this data protection declaration.

3. Legal basis for data processing

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. b GDPR, as a user relationship exists, as well as Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the data processing purposes described above.

4. Duration of storage

The data will be deleted as soon as it is no longer required to fulfil the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is generally the case when the respective session has ended. If unabridged IP addresses are stored in logfiles, the personal data will be deleted or anonymised after seven days at the latest. Additional storage is possible in connection with cookies or analysis services. In this case, the IP addresses of the users are deleted or truncated so that it is not possible to identify the calling client. You will find more detailed explanations below in this data protection declaration.

5. Possibility of objection and deletion

The collection of data for the provision of the website and the storage of data in logfiles is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.

Forms on the website, bookings, enquiries, contact, newsletter

If you contact us with questions of any kind by email or contact form, you give us your voluntary consent to process your personal data for the purpose of contacting you. These are used to allocate the enquiry and subsequently answer it.

The following personal data are collected and processed in the various forms:

Enquiry form Authorised Detailer: First name, surname, company name, email, postcode, telephone number, country
Contact form: First name, surname, email, telephone number, street, house number, postcode, city, country
Seminar enquiry form: First name, surname, company, email, telephone, street, house number, postcode
Seminar booking Company: First name, surname, street, house number, postcode, city, telephone number, fax number, email

Product enquiry: First name, surname, email, street, house number, postcode, town, country

We process personal data to handle your enquiries, to provide the services you have requested and to ensure compliance with laws and regulations.
The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. a and b GDPR, as in each case your consent is given to the use of a form or the sending of information and/or a contractual service is provided.

The personal data collected will be stored for as long as is necessary for the purposes described. If the data are subject to statutory retention obligations, for example under the AO (German Tax Code) or the HGB (German Commercial Code), it must be retained for six or ten years. Otherwise, the general storage principles described above apply.

Newsletters

1. Description and scope of data processing

You can subscribe to a free newsletter on our website. When you register for the newsletter, the following data are collected and transmitted to us via the input screen:

Name of the user
IP address of the calling computer
Date and time of registration
Information about the browser type and version used
The user’s operating system

During the registration process, your consent to the processing of the data is obtained using the double opt-in procedure (double consent) with reference to this data protection declaration. After the first act of consent, the user receives a confirmation email for the second act of consent. The verified user authorises the website operator to send him/her newsletters by email. This procedure forms the basis for legally justified email marketing. Consent for the newsletter can also be obtained by other means, e.g. in writing or by email.

On the basis of your consent, we will use the personal data stored by us to inform you about our products, services and events.

To send the newsletter, the data are passed on to external service providers for contract processing and deleted again after the newsletter has been sent. The data will be used exclusively for sending the newsletter.

2. Purpose of data processing

The purpose of collecting the user’s email address and other personal data is to send the newsletter and to prevent misuse of the services or the email address used.

3. Legal basis for data processing

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. a and b GDPR, as your consent has been obtained for the sending of information and a contractual service is provided.

4. Duration of storage

The data will be deleted as soon as it is no longer required to fulfil the purpose for which it was collected. The user’s email address is therefore stored for as long as the subscription to the newsletter is active. The other personal data collected during the registration process are generally deleted after a period of seven days.

5. Possibility of objection and deletion

You can revoke your consent at any time with future effect and cancel the newsletter, both via the unsubscribe link in the individual mailings and informally, e.g. by contacting [email protected]. Further information on consent can be found in the section “Rights of the data subject”.

Cookies, plugins and web analytics

Below we describe in detail which cookies, analysis tools and plugins we use, which data are processed and how you can deactivate the analysis tools. The term “cookies” is also used as a generic term for plugins and analysis tools of all kinds.

1. What are cookies?

Cookies are placed when using our website. Cookies are small files that are automatically created by the browser and stored on the user’s end device (laptop, tablet, smartphone, etc.) when they visit the website. Cookies do not cause any damage to the end device and do not contain any viruses, Trojans or other malware. Information is stored in the cookie that results in each case from the relationship with the specific terminal device used. Cookies can be recognised and read automatically during a visit in progress or on the next visit. However, this does not mean that the website operator is directly informed of the identity of the user.

Cookies make visiting the website more user-friendly by remembering personal settings or serve the advertising interests of the website operator. Cookies make it possible, in particular, to determine the frequency of use and number of users of the pages, to analyse page usage behaviour and to make our offering more customer-friendly. So-called session cookies are used, among other things, to recognise that the user has already visited individual pages of the website. These are automatically deleted after you leave the site.

If you leave our site and access third-party sites, cookies may also be placed by the target site. We are not legally responsible for these cookies. For information on the use of these cookies by third parties and the information stored therein, please refer to their privacy policies.

2. Legal basis for cookies, analysis tools and plugins

We may store cookies on your device if they are technically necessary for the operation of the website. Necessary cookies help to make a website usable by enabling basic functions such as page navigation or language selection. The website may not function properly without such cookies. The data processed for the aforementioned purposes serve to safeguard our legitimate interests, which are overriding in the context of a balancing of interests, and are therefore necessary in accordance with the principle of proportionality. The legal basis for technically necessary cookies is Art. 6 para. 1 sentence 1 lit. f GDPR in conjunction with § 25 para. 2 no. 2 TTDSG (the German Telecommunications-Telemedia Data Protection Act).

We require your consent for all other cookie types. You can specifically select these as explicit opt-in consents in a dialogue window (cookie consent window) on your first visit to our website. This places a cookie in your system that contains your cookie settings and signals to our system which cookies have been accepted each time you visit our website. You can change or revoke your cookie settings on our website at any time. You can find information on deactivating cookies below. The legal basis for all other cookie types is Art. 6 para. 1 sentence 1 lit. a GDPR, § 25 para. 1 TTDSG, insofar as you have given your consent.

If you delete all cookies, the cookie with your cookie settings will also be deleted, so you will have to set your cookie preferences again. The limitation of cookies can lead to limited functionality of the website.

3. How do we use cookies, analysis tools and plugins? Purpose of data processing

Within the framework of the use of cookies, analysis tools and plugins, the name of the Internet service provider, requested files, IP address, access to individual pages, browser type, screen resolution, colour depth, operating system, search terms and reference pages from which you have accessed our websites are processed, among other things.

The data contained in session cookies or other cookies are processed by us for the following purposes:

Ensuring the smooth operation of the website
Ensuring easy use of our website
System security and stability
For further administrative or advertising purposes

The data collected may be processed and used to improve the marketing of the websites, to increase the user-friendliness of the websites and for other optimisation purposes. The analysis required for marketing and optimisation purposes does not generally allow any direct conclusions to be drawn about your person or personal data. In particular, no names, addresses, telephone numbers or other data that can be directly attributed to individuals are stored. The analysis only provides aggregated data, such as the number of visitors and page views.

Cookies make it possible, among other things, to customise our website to your wishes, to establish connections between different visits to our website or to save your password in the browser so that you do not have to re-enter it each time.
Cookies can also be used for target group-orientated advertising. Third-party providers and automatic data collection tools may also be authorised to use cookies so that they can support us in providing our own content and advertisements and in measuring the effectiveness of our advertising measures. For registered users, the data collected on our websites are not anonymous. This information may be used together with other information we know or infer about you, such as your preferences, to provide you with customised content, services and advertisements.

We currently use the cookies automatically listed and described in more detail in our cookie policy on our website.

4. Duration of storage

Some cookies are deleted after the end of the browser session, i.e. after closing the browser (so-called “session cookies”). Other cookies remain on the end device and make it possible to recognise the user on the next visit (“persistent cookies”). The specific duration of storage can be found in our cookie policy and in the overview in the cookie settings of your web browser. Otherwise, the general storage principles described above apply.

5. Deactivation of cookies

You can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. If you deactivate cookies completely, you may not be able to use all the functions of a website.

If you want to prevent cookies from being used, set your browser so that it deletes cookies from your hard drive, blocks all cookies or warns you before a cookie is stored so that you can decide on a case-by-case basis whether you want the cookie. Each browser differs in the way it manages cookie settings. They are described in more detail in the help menu of each browser. There it is explained how you can change your cookie settings. You can find the relevant browser information at the following links, for example:

Internet Explorer: https://support.microsoft.com/en-us/windows/delete-and-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d
Firefox: https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox, https://support.mozilla.org/en-US/kb/enhanced-tracking-protection-firefox-desktop, https://support.mozilla.org/en-US/kb/block-websites-storing-cookies-site-data-firefox
Firefox for Android: https://support.mozilla.org/de/kb/cookies-aktivieren-deaktivieren-firefox-android
Safari: https://support.apple.com/guide/safari/sfri11471/mac
Chrome: http://support.google.com/chrome/bin/answer.py?hl=en&hlrm=en&answer=95647
Opera: https://help.opera.com/en/latest/web-preferences/

You will also find the options for deactivation directly in the description of the cookies, plugins and tracking measures.

PIWIK PRO

This website uses Piwik PRO Analytics Suite, a web analytics service provided by Piwik PRO GmbH, Knesebeckstraße 62/63, 10719 Berlin (hereinafter referred to as Piwik PRO). Piwik PRO is analytics software that uses cookies and tracking tools and collects personal data of website visitors such as IP addresses, browser fingerprints, operating system, usage data, etc., creates user profiles based on browsing history and calculates metrics related to website usage such as bounce rate, intensity of visits, page views, etc. All cookies and tracking tools used by Piwik PRO can be viewed under Cookies. All data processed by Piwik PRO are described under Data. We use the Tag Manager from Piwik PRO to control data collection and processing through cookies and tracking tools. With the Tag Manager, we can create, implement, test and adapt tags from templates, examine the processed data at any time, categorise the tags used and activate them in conjunction with clear consent in order to meet data protection requirements. A detailed description of the options can be found under Tag Manager. The general deactivation of cookies and tracking tools is described in the Cookies section. The purpose of data processing includes the analysis of user behaviour, the creation of user profiles, conversion tracking, etc. in order to display personalised content and carry out online campaigns. The legal basis for data processing is primarily your consent in accordance with Art. 6 para. 1 lit. a GDPR, which is obtained via the consent window (consent banner), but also our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR to improve our website and customer approach. We use Piwik PRO’s Consent Manager to adapt the consent window (Consent Banner) to the website and the language used and to categorise the data from the web analysis service and the Tag Manager so that the processing purpose corresponds to the selected consent. The Consent Manager enables us to design the consent window on our website in accordance with the requirements of the TTDSG and the GDPR. A detailed description of the configuration options can be found under Consent Manager. We use the cloud version of Piwik PRO (Piwik PRO Analytics Suite Cloud), which is hosted for us within the EU by Orange Flexible Engine France (FR Central) and ElastX Sweden (SWE Central). We have concluded a data processing agreement with Piwik PRO, which you can view at Data Processing Agreement. You can find the Piwik PRO online terms of service here: Online Service Terms. Piwik PRO does not pass on your data to other sub-processors or third parties and does not use them for its own purposes. The term of data storage is regulated in the data processing contract and can be determined by us. The data are stored for a period of 14 or 25 months. Further details on the processing of personal data by Piwik PRO can be found in the data protection declaration of Piwik PRO.

Google Maps

This website uses Google Maps to display maps and to create directions. Google Maps is a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter referred to as “Google”). If you use Google’s advanced functions, for example by clicking on the map displayed, you are using a Google service outside our sphere of influence. In this case, the specifications and information provided by Google in this context apply. On the Google website you will find further information on the Google Terms of Use, additional Terms of Use for Google Maps/Google Earth, the legal notice for Google Maps/Google Earthand the Google data protection declaration. In the data protection declaration you will find information about what data are collected for what purpose and what Google does with these data. The processing of personal data by Google also takes place in the USA. To ensure an adequate level of data protection for data transfers to the USA, Google has adopted the Data Privacy Framework certification. The current certificate from Google can be viewed here. Google also concludes the EU standard contractual clauses with its customers and business partners, see here and here. You can find the wording of the EU standard data protection clauses at https://gsuite.google.com/terms/mcc_terms.html.

Google thereby undertakes to comply with the standards and regulations of European data protection law. The legal basis for the processing and transfer of personal data to Google is your consent, based on Art. 6 para. 1 sentence 1 lit. a GDPR. We also base the use of Google on Art. 6 para. 1 lit. f GDPR, as the data processing serves the user-friendliness of the website and is therefore necessary to protect our legitimate interests. The general deactivation of cookies is described in the Cookies section.

Recaptcha

To protect the forms on this website, we use the “reCAPTCHA” service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to as “Google”. By using this service, a distinction can be made as to whether the corresponding input is of human origin or has been misused by automated machine processing. The integration of the service requires the IP address and any other data required by Google for the reCAPTCHA service to be sent to Google. If you wish to prevent this, you must block the storage of cookies in your browser. The information obtained is used in accordance with the Google terms of use: https://policies.google.com/privacy?hl=en
The general deactivation of cookies is described in the Cookies section.

Digital Ocean

This website uses the hosting services of the cloud platform for virtual servers from Digital Ocean LLC, 101 Avenue of the Americas, 10th Floor, New York, NY 10013, USA (hereinafter referred to as Digital Ocean). In connection with the search functions offered, Digital Ocean processes the names, images, positions and contact details (address, email address, telephone number) of the sales representatives and sales offices of those responsible. When you use our website, Digital Ocean collects and processes personal data in logfiles such as IP addresses, timestamps and usage data. Digital Ocean’s server locations are in Frankfurt in an ISO/IEC 27001-certified data centre and in the USA. We have concluded a data processing contract with Digital Ocean in accordance with Art. 28 GDPR, which can be viewed at https://www.digitalocean.com/legal/data-processing-agreement. Data transfer to the USA or insecure third countries is legitimised by the conclusion of the EU standard contractual clauses. In addition, Digital Ocean is certified under the EU-U.S. Data Privacy Framework. The details of data transfer to insecure third countries can be found in Digital Ocean’s data protection declaration at https://www.digitalocean.com/legal/privacy-policy. The use of Digital Ocean serves the secure and functional provision, administration and optimisation of our website. The legal basis is founded on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in being able to provide our website in accordance with the purposes described. All personal data will be deleted within the statutory periods. Further information on data protection and data processing by Digital Ocean can be found in Digital Ocean’s data protection declaration at https://www.digitalocean.com/legal/privacy-policy and in the GDPR FAQs of Digital Ocean.

Neon

This website uses the hosting services of the cloud platform for virtual servers from Neon Inc, 209 Orange Street, City of Wilmington, County of New Castle, Delaware 19801, USA (hereinafter referred to as Neon). In connection with the search functions offered, Neon processes names, images, positions and contact data (address, email address, telephone number) of the sales representatives and sales offices of the responsible parties. Neon’s servers are located in the USA. We have concluded a data processing contract with Neon in accordance with Art. 28 GDPR, which can be viewed at https://neon.tech/dpa. Data transfer to the USA or insecure third countries is legitimised by the conclusion of the EU standard contractual clauses. In addition, Neon is certified under the EU-U.S. Data Privacy Framework. Details on the transfer of data to insecure third countries can be found in Neon’s data protection declaration at https://neon.tech/privacy-policy. Neon is used for the secure and functional provision, administration and optimisation of our website. The legal basis is founded on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in being able to provide our website in accordance with the purposes described. Neon stores the personal data described for as long as the account is active or as long as it is required for the provision of services. Further information on data protection and data processing by Neon can be found in Neon’s data protection declaration at https://neon.tech/privacy-policy, in the Neon Privacy Guide and at https://neon.tech/terms-of-service and https://neon.tech/docs/security/security-overview.

Swiftype Search/Swiftype Autocomplete

Insofar as we obtain the consent of the data subject to the processing of personal data, Art. 6 para. 1 lit. a GDPR serves as the legal basis.
Our websites use the “Swiftype” search tool (Elasticsearch, Inc., 800 El Camino Real, Suite 350, Mountain View, CA 94040, USA or Elasticsearch B.V., Rijnsburgstraat 11, 1059 AT Amsterdam, Netherlands).

Swiftype uses cookies to process data such as standard internet log data and details of the usage behaviour of our website search. This serves to constantly improve our search in order to offer you a better search experience. Cookies are small files that are stored on computers or other devices by websites for the purpose of logging and improving the functionality of the website. Swiftype stores these data in a pseudonymised user profile. They are not processed to identify individual users or to compare them with other user data.

Cookies are stored on your device; you have full control over their use. You can deactivate cookies or restrict the transfer of data by cookies by changing the settings of your web browser. Cookies that have already been saved can be deleted at any time. After deactivating cookies, you may no longer be able to use the functions on our website to their full extent.
The general deactivation of cookies is described in the Cookies section.
Swiftype also offers further data protection information at
https://www.elastic.co/de/legal/privacy-statement
https://swiftype.com/privacy-and-gdpr-faq

Cloudinary

Our website uses Cloudinary, a cloud-based image and video management service for displaying embedded content. The service provider is the US company Cloudinary Limited (hereinafter Cloudinary), 111 W Evelyn Ave, Suite 206, Sunnyvale, CA 94086, USA. When you call up a page that contains content displayed via Cloudinary, a connection to the Cloudinary server is established. To ensure an adequate level of data protection for data transfers to the USA, Cloudinary has certified itself in accordance with the Data Privacy Framework certification. The current certificate from Cloudinary can be viewed here. In addition, Cloudinary bases transfer on the Standard Contractual Clauses of the EU Commission to ensure an adequate level of data protection. Further information on the international transfer of data by Cloudinary can be found under “Transfer of Personal Information” in the Cloudinary Data Protection Declaration. The purpose of data processing is to provide you with optimised embedded content. The legal basis for data processing is Art. 6 para. 1 lit. f GDPR. Our legitimate interest follows from the described purpose of data processing. We have concluded a Data Processing Agreement with Cloudinary. Further data protection information can be found in the Cloudinary Data Protection Declaration.

Facebook fan page data protection declaration

The controller for the Facebook platform as a whole is Meta Platforms Ireland Limited 4 Grand Canal Square, Dublin 2, Ireland or Meta Platforms Inc, 1 Hacker Way, Menlo Park, California 94025, USA (hereinafter referred to as Facebook). The controller for our own Facebook page is the controller for the website above.

When you visit our Facebook fan page, Facebook collects personal user data, e.g. through the use of cookies, tracking and similar technologies. This also applies to users who are not logged in or registered with Facebook while visiting the site. The types of cookies and tools used by Facebook are described in detail in the Cookie policy. There you will also find a list of cookies and comparable technologies. Under Cookie settings you can manage the authorised cookies yourself.

Facebook transmits some of the information collected to affiliated companies in the USA. Facebook bases this transfer on the Standard Contractual Clauses of the EU Commission to ensure an adequate level of data protection. In addition, Meta Platforms, Inc., the parent company of Facebook, is certified in accordance with the Data Privacy Framework. A current certificate can be viewed here. Further information on international data transfer by Facebook can be found at https://www.facebook.com/legal/terms/dataprocessing and https://www.facebook.com/legal/EU_data_transfer_addendum/update.

Further information on data processing by Facebook as a whole can be found in the Facebook data policy. How and to what extent personal user data are processed by Facebook is not transparent or verifiable for us in detail.

We do not have full access to your personal data processed by Facebook, including your profile data. Only the publicly accessible information in your profile is visible to us. You can determine the scope of the information publicly accessible in your profile yourself in the Facebook settings. There you can, for example, hide your likes or unfollow our Facebook page. Your profile will then no longer appear in the list of fans on our fan page.

With regard to your visit to our Facebook fan page, we receive anonymous usage statistics from Facebook with the following information, for example:

Range: Number of people accessing a specific post, advert, etc. and its change over time; number of user interactions with a specific post and its change over time; advert performance (cost per click; number of people who have seen an advert)
Followers: Number and of people who follow our page over a certain period of time and its change over time
Demographics: Average age of users, gender, place of residence, language

We use the statistical information to find out which content is well received by our users and what interests our users have. This enables us to adapt the offers and contributions on our website to the needs of our users and to continuously improve our website in line with our target group.

The legal basis for the processing of usage data and statistics is Art. 6 para. 1 lit. a GDPR, insofar as you have consented to the processing. The processing of the statistics is also based on a legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR, whereby our legitimate interest results from the above description of the purpose.

We cannot assign the statistical usage data to a specific profile or user or draw any other conclusions about an individual user. You can use your Facebook settings to decide how targeted advertising is displayed to you. Under Advertising settings you can customise your advertising preferences yourself in your user account.

Facebook compiles the statistics on the basis of usage data to which we have no access. We have concluded a Controller Addendum with Facebook which regulates which data processing operations we or Facebook are responsible for when you visit our Facebook fan page. Facebook has assumed responsibility for the processing of your usage data and has undertaken to protect your rights under the GDPR. You can view this agreement under the following link: https://www.facebook.com/legal/terms/page_controller_addendum
If you actively contact us, e.g. via posts, comments, forms or chat functions, we process your personal data, e.g. name, contact details, concerns, etc., to process your enquiry and communicate with you. For this purpose, we store your data in our CRM system. Depending on the nature of your enquiry, the legal basis for this data processing is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in order to process a general enquiry with you, or Art. 6 para. 1 lit. b GDPR if your enquiry is aimed at concluding a contract.
Your personal data will only be stored on our systems for as long as this is necessary in accordance with the above-mentioned purposes or for as long as there are statutory retention obligations.

There is no legal or contractual obligation for you to provide your personal data. However, you cannot use our Facebook fan page without your personal data being processed by Facebook.

Further information on how we process personal data and what rights you have in this regard can be found in this data protection notice. With regard to data processing by Facebook, we ask you to exercise your rights directly using the Facebook email address or contact options. With regard to our data processing, you will find the contact options above.

Instagram data protection declaration

The controller for the Instagram platform as a whole is Meta Platforms Ireland Limited 4 Grand Canal Square, Dublin 2, Ireland and Instagram, LLC1601 Willow Road, Menlo Park, California 94025, USA (hereinafter referred to as Instagram). The controller for our own Instagram page is the controller for the website above.

When you visit our Instagram page, Instagram collects personal user data, e.g. through the use of cookies, tracking and similar technologies. This also applies to users who are not logged in or registered with Instagram while visiting the site. The types of cookies and tools used by Instagram are described in detail in the Cookie policy. There you will also find a List of cookies and similar technologies and further information on how you can Manage cookies yourself.

Instagram transmits some of the information collected to affiliated companies in the USA. Instagram bases the transfer on the Standard Contractual Clauses of the EU Commission to ensure an adequate level of data protection. Further information on the use of the standard contractual clauses by Instagram can be found at https://www.facebook.com/help/instagram/272603474673152. In addition, Meta Platforms, Inc., the parent company of Instagram, is certified under the Data Privacy Framework. A current certificate can be viewed here. Further information on international data transfer by Meta Platforms, Inc. can be found at https://www.facebook.com/legal/terms/dataprocessing and https://www.facebook.com/legal/EU_data_transfer_addendum/update.
Further information on data processing by Instagram as a whole, in particular which personal data Instagram processes for which purposes, can be found in the Privacy policy and in the Terms of use of Instagram. How and to what extent personal user data are processed by Instagram is not transparent or verifiable for us in detail.

We do not have full access to your personal data processed by Instagram, including your profile data. Only the publicly accessible information in your profile is visible to us. You can determine the scope of the information that is publicly accessible in your profile yourself in the Instagram settings. For example, you can decide to no longer follow our Instagram page there.

With regard to your visit to our Instagram page, we receive anonymous usage statistics from Instagram with, for example, the following information:

Range: Number and of people who open a specific post, advert, etc. and its change over time; number of user interactions with a specific post and its change over time; advert performance (number of people who have seen an advert/post); from this it is possible to deduce, for example, which adverts/posts are better received than others.
Followers: Number and of people who follow our page over a certain period of time and its change over time

Instagram compiles the statistics on the basis of usage data to which we have no access. We use the statistical information to find out which content is well received by our users and what interests our users have. This enables us to adapt the offers and contributions on our website to the needs of our users and to continuously improve our website in line with our target group.

We cannot assign the statistical usage data to a specific profile or user or draw any other conclusions about an individual user. You can use your Instagram settings to decide how targeted advertising is displayed to you. You can customise your advertising preferences yourself in your user account under advertising settings.

If you actively contact us, e.g. via posts, comments, forms or chat functions, we process your personal data, e.g. name, contact details, concerns, etc., to process your enquiry and communicate with you. For this purpose, we store your data in our CRM system. Depending on the nature of your enquiry, the legal basis for this data processing is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in order to process a general enquiry with you, or Art. 6 para. 1 lit. b GDPR if your enquiry is aimed at concluding a contract.

Your personal data will only be stored on our systems for as long as this is necessary in accordance with the above-mentioned purposes or for as long as there are statutory retention obligations.

There is no legal or contractual obligation for you to provide your personal data. However, you cannot use our Instagram page without Instagram processing your personal data.

Further information on how we process personal data and what rights you have in this regard can be found in this data protection notice. With regard to data processing by Instagram, we ask you to exercise your rights directly using the Instagram email address or contact options. With regard to our data processing, you will find the contact options above.

TikTok data protection declaration

TikTok is an international video portal where users can watch, share and upload mainly short video clips, especially lip-sync and music videos. The controller for the TikTok platform as a whole is TikTok Technology Limited 10 Earlsfort Terrace, Dublin, D02 T380, Ireland and the Chinese company ByteDance (hereinafter referred to as TikTok). The controller for our own TikTok page is the controller for the website above.

When you visit our TikTok page, TikTok collects and processes personal user data, in particular profile data and user content, IP addresses, browser type, operating system and other technical data, usage data, location data, data about contacts, followers, etc. TikTok also processes personal user data through the use of cookies, tracking tools and similar technologies for the operation and provision of TikTok services and for advertising purposes.

TikTok uses tracking technologies to analyse how you use the platform, e.g. which pages you visit most frequently and how you interact with the content. This information is used to evaluate or report your activities and behaviour patterns as a user of the platform.

This also applies to users who are not logged in or registered with TikTok during their visit to the site. The types of cookies and tools used by TikTok are described in detail in the Cookie policy. There you will also find a list of cookies and similar technologies as well as further information on how you can manage cookies yourself. For example, you have the option of adjusting your device settings to control your advertising ID and can deactivate personalised advertising. You can find further information on how to configure data protection and privacy settings on TikTok under Account privacy settings. You can also manage and deactivate cookies in your web browser, which is also possible without a TikTok account. However, this may affect the functionality of our TikTok page.

Further information on data processing by TikTok overall, in particular which personal data TikTok processes from you and for what purposes, can be found in the Privacy policy and in the Terms of Use of TikTok. How and to what extent personal user data are processed by TikTok is not transparent or verifiable for us in detail.

We do not have full access to your personal data processed by TikTok, including your profile data. Only the publicly accessible information in your profile is visible to us. You can determine the scope of the publicly accessible information in your profile yourself in the Privacy settings of TikTok. There you can, for example, no longer follow our TikTok page or specify which information may or may not be shared.

For our TikTok page we receive from TikTok so-called “Page insights” (analytics). These are aggregated data that tell us how people interact with our site. Page Insights may be based on personal data collected in connection with a visit or interaction on our TikTok page. They contain aggregated usage statistics with, for example, the following information:
Range: Number and of people who open a specific post, advert, etc. and its change over time; number of user interactions with a specific post and its change over time; advert performance (number of people who have seen an advert/post); from this it is possible to deduce, for example, which adverts/posts are better received than others.

Followers: Number and of people who follow our page over a certain period of time and its change over time.

TikTok compiles the statistics on the basis of usage data to which we have no access, and we use the statistical information to find out what content is well received by our users and what interests our users have. This enables us to adapt the offers and contributions on our website to the needs of our users and to continuously improve our website in line with our target group.

We cannot assign the statistical usage data to a specific profile or user or draw any other conclusions about an individual user. You can use your TikTok settings to decide how targeted advertising is displayed to you. You can customise your advertising preferences yourself in your user account under advertising settings.

TikTok transmits some of the information collected to partners or group companies in unsafe third countries. In doing so, TikTok bases the transfer on the Standard Contractual Clauses of the EU Commission to ensure an adequate level of data protection. Through the standard contractual clauses, TikTok undertakes to comply with the European level of data protection, even if the data are processed in unsafe third countries. Further information on the use of the standard contractual clauses by TikTok can be found in the Privacy policy of TikTok.

Your personal data will only be stored on our systems for as long as this is necessary in accordance with the above-mentioned purposes or for as long as there are statutory retention obligations. TikTok also stores data on servers in the USA or other third countries. TikTok determines the storage period in accordance with the respective legal provisions and its internal guidelines. We do not know how long TikTok stores your data.

There is no legal or contractual obligation for you to provide your personal data. However, you cannot use our TikTok site without it processing your personal data.

Further information on how we process personal data and what rights you have in this regard can be found in this data protection notice. With regard to our data processing, you will find the contact options above. With regard to data processing by TikTok, we ask you to exercise your rights directly via the TikTok legal notice, the email address or the contact options. You can contact TikTok’s data protection officer using the online contact form provided by TikTok. Via the TikTok data protection form you can request further data protection information.

YouTube data protection declaration

YouTube is a social network and online video portal of YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA, a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “Google”) is responsible for all data processing in Europe.

The controller for our own YouTube page is the controller for the website above. In addition, our website uses plugins and embedded videos from YouTube.

When you visit our YouTube page, YouTube, as the controller, collects personal user data, e.g. through the use of cookies. We cannot track or influence which user data YouTube processes in detail. We also do not have full access to the processed data or your profile data. We can only view the publicly accessible information on your profile that you yourself determine in your YouTube settings.

We receive anonymous statistics from YouTube regarding the use of our YouTube page, which contain the following information:

Followers: Number of people who follow our YouTube page, including growth and development over a defined time frame.
Range: Number of people who see a specific contribution. Number of interactions with a post. From this, for example, it is possible to deduce which content is better received than others.
Ad performance: Number of people who have been reached with a post or paid advert and have interacted with it.

We use the statistics, from which we cannot draw any conclusions about individual users, to improve our YouTube page and to respond to the interests of our users. We cannot link the statistical data with the profile data of our users or followers. You can use your YouTube settings to decide how targeted adverts are displayed to you.

If you actively contact us on YouTube, e.g. via comments, forms or chat functions, we process your personal data, e.g. name, contact details, concerns, etc., to handle your enquiry and communicate with you. For this purpose, we store your data in our CRM system. Depending on the nature of your enquiry, the legal basis for this data processing is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in order to process a general enquiry with you, or Art. 6 para. 1 lit. b GDPR if your enquiry is aimed at concluding a contract.

Your personal data will only be stored on our systems for as long as this is necessary in accordance with the above-mentioned purposes or for as long as there are statutory retention obligations.

There is no legal or contractual obligation for you to provide your personal data. However, you cannot use our YouTube page without YouTube processing your personal data.

When you visit our websites with a YouTube plugin, a connection is established to the YouTube server and notified which of our pages you are visiting. Videos from YouTube are displayed on our website using framing technology and can be played directly from there.

This service is inactive by default, but you can activate and deactivate it at any time by giving your consent. As soon as you click on the consent button and thereby declare your consent to view the content from YouTube, the connection to YouTube is established.

Through the embedding technology, YouTube places at least one cookie in the user’s browser and thus automatically collects personal data of the website visitor, such as the IP address and behaviour on the site, which is transmitted to Google. The legal basis for the processing of the data is your consent pursuant to Art. 6 para. 1 lit. a GDPR.

The data collected is processed by Google and may also be transferred to countries outside the European Union. We have no influence on the type and scope of the data processed by Google, the use or transfer of these data to third parties, in particular to countries outside the European Union.

Data processing and transfer by Google takes place regardless of whether or not you have a user account with YouTube or Google. If you are logged in to a user account, your data will be assigned directly to this account. If you do not wish to do this, you must log out of your user account before visiting our YouTube page or playing a video. The data transmitted to Google is stored by Google in the form of user profiles and used for advertising and market research purposes as well as for personalised design. With the help of this analysis, Google can generate demand-optimised advertising (even for users who are not logged in). You can object to the creation of these user profiles. To do this, you must contact Google.

YouTube does not provide its own data protection declaration, but refers in the Use of YouTube to the data protection provisions of Google. In the Google data protection declaration you can find out more about data processing by Google as well as your rights, settings options and the ability change your settings yourself. The processing of personal data by Google also takes place in the USA. To ensure an adequate level of data protection for data transfers to the USA, Google has adopted the Data Privacy Framework certification. The current certificate from Google can be viewed here. Google also concludes the EU standard contractual clauses with its customers and business partners, see here and here. You can find the wording of the EU standard data protection clauses at https://gsuite.google.com/terms/mcc_terms.html. Google thereby undertakes to comply with the standards and regulations of European data protection law.

Further information on how we process personal data and what rights you have in this regard can be found in this data protection notice. With regard to data processing by YouTube, we ask you to exercise your rights directly via the YouTube email address or contact options. With regard to our data processing, you will find the contact options above.

We use YouTube in connection with the “extended data protection mode” function in order to be able to show you videos. The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in improving the quality of our website. According to YouTube, the “Extended data protection mode” function means that the data described in more detail below is only transmitted to the YouTube server when you actually start a video.
Without this “Extended data protection”, a connection to the YouTube server in the USA is established as soon as you call up one of our Internet pages on which a YouTube video is embedded.

LinkedIn data protection declaration

The controller for the LinkedIn platform as a whole is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (hereinafter LinkedIn). The controller for our own LinkedIn page is the controller for the website above.

When you visit our LinkedIn page, LinkedIn collects personal user data, e.g. through the use of cookies, tracking and similar technologies. This also applies to users who are not logged in or registered with LinkedIn while visiting the site. The types of cookies and tools used by LinkedIn are described in detail in the Cookie policy. You can find an individual list of cookies and comparable technologies in the Cookie table.

LinkedIn may transfer some of the information collected to affiliated companies in the USA. To ensure an adequate level of data protection for data transfers to the USA, LinkedIn has adopted the Data Privacy Framework certification. The current certificate from LinkedIn can be viewed here. In addition, LinkedIn bases the transfer on the Standard Contractual Clauses of the EU Commission to ensure an adequate level of data protection. Further information on the use of the standard contractual clauses by LinkedIn can be found at https://de.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.
Further information on data processing by LinkedIn as a whole can be found in the LinkedIn data protection declaration. How and to what extent personal user data are processed by LinkedIn is not transparent or verifiable for us in detail.

We do not have full access to your personal data processed by LinkedIn, including your profile data. Only the publicly accessible information in your profile is visible to us. You can determine the scope of the publicly accessible information in your profile yourself in your LinkedIn settings.

With regard to your visit to our site, we receive anonymous usage statistics from LinkedIn with the following information:

Range: Number of people accessing a specific post, advert, etc. and its change over time; number of user interactions with a specific post and its change over time
Followers: Number and of people who follow our page over a certain period of time and its change over time

We cannot assign the statistical usage data to a specific profile or user or draw any other conclusions about an individual user. You can use your LinkedIn settings to determine whether and in what form targeted advertising is displayed to you.

LinkedIn compiles the statistics on the basis of usage data to which we have no access. LinkedIn has signed a Joint Controller Addendum in which LinkedIn has assumed responsibility for the processing of usage data and has undertaken to protect your rights under the GDPR.

There is no legal or contractual obligation for you to provide your personal data. However, you cannot use our LinkedIn page without your personal data being processed by LinkedIn.
Further information on how we process personal data and what rights you have in this regard can be found in this data protection notice. With regard to data processing by LinkedIn, we ask you to exercise your rights directly using the LinkedIn email address or contact options. With regard to our data processing, you will find the contact options above.

Xing data protection declaration

The controller for the Xing platform as a whole is New Work SE, Am Strandkai 1, 20457 Hamburg (hereinafter referred to as Xing). The controller for our own Xing page is the controller for the website above. There is a joint controller relationship in place, whereby Xing has assumed responsibility for the processing of usage data and has undertaken to protect your rights under the GDPR.

When you visit our Xing page, Xing collects personal user data, e.g. through the use of cookies, tracking and similar technologies. This also applies to users who are not logged in or registered with Xing while visiting the site. The types of tracking tools used by Xing are described under Tracking. You can find a list of tracking technologies at Third-party providers.

Xing may transfer some of the information collected to recipients in third countries. Xing bases the transfer to unsafe third countries on the Standard Contractual Clauses of the EU Commission to ensure an adequate level of data protection. Further information on the use of the standard contractual clauses can be found in Xing’s data protection declaration under Third countries.

Further information on data processing by Xing as a whole can be found in the Xing data protection declaration or in the corresponding long version. How and to what extent personal user data are processed by Xing is not transparent or verifiable for us in detail.
We do not have full access to your personal data processed by Xing, not even to your profile data. Only the publicly accessible information in your profile is visible to us. You can determine the scope of the publicly accessible information in your profile yourself in your Xing settings.

Regarding your visit to our site, we receive anonymous usage statistics (page insights) from Xing with the following information:

Range: Number of people accessing a specific post, advert, etc. and its change over time; number of user interactions with a specific post and its change over time
Followers: Number and of people who follow our page over a certain period of time and its change over time
Demographics: Average age of visitors, gender, place of residence, language

Xing compiles the statistics on the basis of usage data to which we have no access. We cannot assign the statistical data to a specific profile or user or draw any other conclusions about an individual user. You can use your Xing settings to determine whether and in what form targeted advertising is displayed to you.

Your personal data will only be stored on our systems for as long as this is necessary in accordance with the above-mentioned purposes or for as long as there are statutory retention obligations.

There is no legal or contractual obligation for you to provide your personal data. However, you cannot use our Xing page without your personal data being processed by Xing.

Further information on how we process personal data and what rights you have in this regard can be found in this data protection notice. With regard to data processing by Xing, we ask you to exercise your rights directly using the Xing email address or other contact options. With regard to our data processing, you will find the contact options above.

Use of Zoom

We use Zoom for video conferences. You can find the relevant data protection provisions here.

Rights of the data subject

You have the various rights set out below on the basis of the data protection provisions.

1. Right of access

You have the right to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of appeal, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information on its details.

2. Right to rectification

In accordance with Art. 16 GDPR, you have the right to demand the immediate rectification of incorrect or incomplete personal data stored by us.

3. Right to erasure

You have the right to request the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims.

4. Right to restriction of processing

You have the right to request the restriction of the processing of your personal data in accordance with Art. 18 GDPR if the accuracy of the data is disputed by you, the processing is unlawful but you decline to delete it, or if we no longer need the data but you require it for the assertion, exercise or defence of legal claims, or you have lodged an objection to the processing in accordance with Art. 21 GDPR.

5. Right to data portability

In accordance with Art. 20 GDPR, you have the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transferred to another controller.

6. Right to revoke the declaration of consent under data protection law

In accordance with Art. 7 (3) GDPR, you have the right to revoke your declaration of consent under data protection law at any time. As a result, we may no longer continue the data processing based on this consent in the future. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

If you wish to make use of your right of cancellation, it is sufficient to send a corresponding message via all known communication channels, in particular also by email to [email protected].

7. Right to lodge a complaint with a supervisory authority

You have the right to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence, your workplace or our company headquarters. In Bavaria this is
Bayerisches Landesamt für Datenschutzaufsicht
Promenade 18 91522 Ansbach
Telephone: 0981/180093-0 Email: [email protected] Internet: https://www.lda.bayern.de

A list of the competent state data protection authorities (for the non-public sector) with addresses can be found at https://www.bfdi.bund.de/EN/Service/Anschriften/Laender/Laender-node.html.

8. Right to object

If your personal data are processed on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from your particular situation or the objection is against direct advertising. In the latter case, you have a general right to object, which will be implemented by us without specifying a particular situation.

If you wish to exercise your right of objection, it is sufficient to send a corresponding message via any known communication channel, in particular also by email to [email protected].

After exercising your right to object, we will no longer process your personal data for these purposes unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the establishment, exercise or defence of legal claims. This does not apply if the processing is carried out for direct marketing purposes. We will then no longer process your personal data for this purpose.

9. Automated decision-making in individual cases including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision

(1) is necessary for the conclusion or fulfilment of a contract between you and the controller,

(2) is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or

(3) is made with your express consent.

However, these decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a or g GDPR applies and appropriate measures have been taken to protect your rights and freedoms as well as your legitimate interests.

In the cases referred to in (1) and (3), the controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express your point of view and to contest the decision.

Data security

When you visit our website, we use the widespread SSL encryption (Secure Socket Layer) in the TLS standard (Transport Layer Security) in conjunction with the highest encryption level supported by your browser. As a rule, this involves 256-bit encryption. If your browser does not support 256-bit encryption, we will use 128-bit technology instead. You can recognise whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.

We also use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.

Purpose and legal basis of data processing

The security measures described are used on the basis of Art. 6 para. 1 sentence 1 lit. f, Art. 32 GDPR. The data processed in this way are required for security purposes to protect our legitimate interests and the interests of third parties in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.

Questions for the data protection officer

If you have any questions about data protection, please send us an email or contact the person responsible for data protection in our organisation directly: Mrs Vera Schneider, Email: [email protected]

Up-to-dateness and amendment of this data protection declaration

This data protection declaration is dated February 2024. Due to the further development of our website and offers, e.g. when introducing new services, or due to changed legal or official requirements, it may become necessary to change this data protection declaration. We therefore reserve the right to amend the data protection declaration at any time with future effect. The new data protection declaration will then apply to your next visit. We recommend that you read the current data protection declaration from time to time. The current data protection declaration can be found on our website at https://www.sonax.com/en/footer/legal/privacy-policy.

Privacy Policy

Data protection declaration

The controller

The data protection officer

Protection of your personal data

General principles for the processing of personal data

1. Description of the processing of personal data

2. Legal basis for the processing of personal data

3. Transfer of data, processors, external providers

Data transfer

Processors

External providers and links

4. Data erasure and duration of storage

Visiting our website

1. Description and scope of data processing

2. Purpose of data processing

3. Legal basis for data processing

4. Duration of storage

5. Possibility of objection and deletion

Forms on the website, bookings, enquiries, contact, newsletter

Newsletters

1. Description and scope of data processing

2. Purpose of data processing

3. Legal basis for data processing

4. Duration of storage

5. Possibility of objection and deletion

Cookies, plugins and web analytics

1. What are cookies?

2. Legal basis for cookies, analysis tools and plugins

3. How do we use cookies, analysis tools and plugins? Purpose of data processing

4. Duration of storage

5. Deactivation of cookies

PIWIK PRO

Google Maps

Recaptcha

Digital Ocean

Neon

Swiftype Search/Swiftype Autocomplete

Cloudinary

Facebook fan page data protection declaration

Instagram data protection declaration

TikTok data protection declaration

YouTube data protection declaration

LinkedIn data protection declaration

Xing data protection declaration

Use of Zoom

Rights of the data subject

1. Right of access

2. Right to rectification

3. Right to erasure

4. Right to restriction of processing

5. Right to data portability

6. Right to revoke the declaration of consent under data protection law

7. Right to lodge a complaint with a supervisory authority

8. Right to object

9. Automated decision-making in individual cases including profiling

Data security

Purpose and legal basis of data processing

Questions for the data protection officer

Up-to-dateness and amendment of this data protection declaration