DATA PROTECTION

1  INTRODUCTION AND GENERAL PROVISIONS

 

Thank you for your interest in our company. The management of sanotact GmbH takes your privacy and the protection of your data very seriously. While it is, in principle, possible to use the websites of sanotact GmbH without disclosing any personal data, the processing of personal data may be required if visitors wish to use specific services offered by our company through the website. If the processing of personal data is necessary and there is no legal basis for such processing, we will seek the consent of the data subject.

We process personal data, e.g. the name, address, email address or telephone number of a data subject, strictly in accordance with the General Data Protection Regulation (GDPR) and any applicable national data protection provisions. The purpose of this privacy policy is to provide the public with information about the nature, scope and purpose of the collection, use and processing of personal data, and to inform website users about their rights.

Sanotact GmbH, as the data controller, has implemented a range of technical and organisational measures to ensure that the personal data processed via this website are protected to the fullest extent possible. However, it should be noted that transfer of data over the Internet can pose a security risk and cannot be fully protected against third-party access. For this reason, data subjects are may use alternative means, e.g. telephone to communicate personal data to us.

1.1  Name and address of the data controller

The data controller within the meaning of the General Data Protection Regulation (GDPR), other data protection laws applicable in the member states of the European Union and other data protection provisions is:

sanotact GmbH
Hessenweg 10
48157 Münster

Telephone: +49 (0)251 1421-0
Email: service@sanotact.de

1.2  Name and address of the data protection officer

Our data protection officer can be reached at the following address:

sanotact GmbH
Hessenweg 10
48157 Münster

Email: datenschutz@sanotact.de

Visitors to our website and any other interested parties can contact our data protection officer at any time with any questions or suggestions regarding data protection they may have.

1.3  Disclosure of data

Your personal data will not be transferred to third parties for purposes other than those listed below.

We will pass your personal data to third parties only if

  • you have given your explicit consent in accordance with Article 6(1)(a) GDPR for us to disclose your data e.g. to a carrier by ordering goods to be posted to you or by agreeing to separate terms to take part in competitions,
  • the disclosure is necessary in accordance with Article 6(1)(f) GDPR and there is no reason to assume that you have an overriding legitimate interest in non-disclosure of your data,
  • the disclosure is necessary for compliance with a legal obligation in accordance with Article 6(1)(c) GDPR, or

  • this is legally permissible and is necessary for the processing of contractual relationships with you in accordance with Art. 6 para. 1 sentence 1 (b) GDPR.

 

2  DATA COLLECTION POLICY

 

2.1    Cookies

The sanotact GmbH website uses cookies. Cookies are text files that are placed and stored on a computer system by a browser.

Many websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a character string through which websites and servers can be assigned to the specific browser in which the cookie was stored. This allows the visited websites and servers to distinguish the concrete browser of the website visitor from other browsers that contain other cookies. A specific browser can be recognised and identified using the unique cookie ID.

By using cookies, sanotact GmbH can provide users of this website with more user-friendly services than would otherwise be possible.

Website users can prevent cookies from being installed by our website by changing the settings of their browser to block the acceptance of cookies. Furthermore, users can delete cookies already stored on their computers through their browser or other software. While all popular browsers offer this option, if used, some features of this website may no longer function properly.

Refuse cookies

2.2    Collection of general data and information

a) When visiting the website

When you visit our website, the browser on your device automatically sends information to the server on our website. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until it is automatically deleted:

  • Name of the accessed file 
  • Date and time of the access
  • Amount of data transferred
  • Message indicating whether the access attempt was successful
  • Type of web browser used
  • Type of operating system used
  • Referring website
  • Name of your ISP
  • Your IP address

We process this data for the following purposes:

  • Ensure a smooth connection to the website,
  • Make our website more user-friendly,
  • Evaluate the security and stability of the system
  • and for other administrative purposes.

The legal basis for data processing is Article 6(1)(f) GDPR. The purposes listed above constitute legitimate interests as defined by GDPR. We will not, under any circumstances, use the data collected to identify you.

b) When using our contact form

If you have any questions, you may contact us using the form provided on the website. If a website visitor contacts us, the personal data transmitted by him or her to us on a voluntary basis will be automatically stored – for the purpose of processing or establishing contact. We do not pass personal data on to third parties. We process the data you provide in the contact form based on your consent to the processing of personal data in accordance with Article 6(1)(a) GDPR.

 

3  WEB ANALYSIS AND WEBSITE OPTIMISATION

 

Google Analytics
If you have given your consent, this website uses Google Analytics, a web analysis service of Google LLC. The responsible service provider in the EU is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

Scope of processing
Google Analytics uses cookies that enable an analysis of your use of our website. The information collected by the cookies about your use of this website is usually transferred to a Google server in the USA and stored.

We use the function ‘anonymizeIP’ (so-called IP-Masking): Due to the activation of IP-anonymization on this website, your IP-address will be shortened by Google within member states of the European Union or in other signatory states of the Agreement on the European Economic Area. Only in exceptional cases the full IP address will be transferred to a Google server in the USA and shortened there. The IP address transmitted by your browser within the framework of Google Analytics is not merged with other data from Google.

During your website visit the following data will be collected:

  • the pages you call up, your “click behaviour“
  • Achievement of “website goals” (conversions, e.g. newsletter registrations, downloads, purchases)
  • Your user behavior (for example clicks, dwell time, bounce rates)
  • Your approximate location (region)
  • Your IP address (in abbreviated form)
  • technical information about your browser and the end devices you use (e.g. language settings, screen resolution)
  • Your internet provider
  • the referrer URL (via which website/advertising medium you came to this website)

Purposes of processing
On behalf of the operator of this website, Google will use this information to evaluate your (pseudonymous) use of the website and to compile reports on website activity. The reports provided by Google Analytics serve to analyse the performance of our website and the success of our marketing campaigns.

Recipient
The data recipient is

  • Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

as data processor. For this purpose we have concluded a contract with Google. Google LLC, headquartered in California, USA, and, if applicable, US authorities can access the data stored at Google.

Transfer to third countries
A transfer of data to the USA cannot be excluded.

For more information about Google Analytics terms of use and Google’s privacy policy, please visit https://marketingplatform.google.com/about/analytics/terms/gb/ und unter https://policies.google.com/?hl=en.

Duration of storage
The data sent by us and linked to cookies is automatically deleted after 14 months. Data is automatically deleted once a month as soon as the storage period is reached.

You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by
a. not giving your consent to the setting of the cookie or
b. downloading and installing the browser add-on to disable Google Analytics HERE.

By setting your browser software accordingsly you can also prevent the storage of cookies. If your browser is set to refuse all cookies, the functionality of this and other websites may be limited.

Legal basis and right of withdrawal
Your consent is the legal basis for this data processing, Art.6 para.1 S.1 lit.a GDPR. You can revoke your consent at any time with effect for the future by changing your selection in the cookie settings.

 [cookiebot]

 

4  USING GOOGLE ADS CONVERSION TRACKING

 

This website uses the online advertising program “Google AdWords” and under Google AdWords, the conversion tracking tool of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). We use the offer of Google Ads to draw attention to our attractive offers with the help of advertising materials (so-called Google Ads) on external websites. We can determine how successful the individual advertising measures are in relation to the data from the advertising campaigns. We are interested in showing you advertisements which are of interest to you, in making our website more interesting for you and in achieving a fair calculation of advertising costs.

The cookie for conversion tracking is set when a user clicks on an ad placed by Google Ads. Cookies are small text files that are saved on your computer system. These cookies expire after 30 days and are not used for personal identification. Should the user visit certain pages of the website and the cookie has not yet expired, Google and the website can tell that the user clicked on the ad and proceeded to that page. Each Google AdWords customer has a different cookie. Thus, cookies cannot be tracked using the website of Ads customers.

The information collected by the conversion cookie is used to create conversion statistics for AdWords customers, who have opted-in to conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a conversion tracking tag page. However, they do not receive any information that could be used to identify any particular user. If you do not want to participate in tracking, you can opt-out of this by disabling the Google Conversion Tracking cookie in your browser settings or use the implemented cookie notice on our website. By doing so, you will not be included in the conversion tracking statistics. We use Google Adwords because of our legitimate interest in a targeted advertising according to Art. 6 section. 1 lit. f DSGVO (General Data Protection Regulations).

For more information on how Google uses data for marketing purposes, please refer to https://www.google.com/policies/technologies/ads, and Google’s privacy policy https://www.google.com/policies/privacy.

If you wish to opt-out from interest-based advertising by Google marketing services, you can change your settings and take advantage of the opt-out option, at: https://www.google.com/ads/preferences.

 

5  FACEBOOK SOCIAL PLUG-INS

 

On our website, on the basis of Article 6(1)(f) GDPR, we use social plugins from the social media platform Facebook. The underlying commercial purpose constitutes a legitimate interest within the meaning of the GDPR. Responsibility for data protection-compliant operation shall be guaranteed by the respective provider. We integrate these plugins by using the so-called two-click method to protect visitors of our website in the best possible way.

Our website uses social media plugins from Facebook to make it more personalised. We use the “LIKE” or “SHARE” buttons from Facebook for this purpose. This is an offer from Facebook. If you access a page on our website that contains this social plugin, your browser establishes a direct connection with Facebook servers. The content of the plugin is then transmitted by Facebook directly into your browser and integrated by your browser into the page. By integrating the plugin, Facebook receives the information that your browser has accessed a particular page on our website, even if you do not have a Facebook account, or you are currently not logged into Facebook. This information (including your IP address) is transmitted by your browser directly to a Facebook server in the US and stored there.

If you are logged into Facebook, Facebook can link the visit to our website directly to your Facebook account. If you interact using the plugins, for example, by clicking on the “LIKE” or “SHARE” button, the relevant information will also be transmitted directly to a Facebook server and stored there. The information will also be posted on your Facebook profile and displayed to your Facebook friends. Facebook may use this information for advertising, market research purposes and to customise its website. For this purpose, Facebook creates user, interest and relationship profiles, e.g. to analyse your use of our website with regard to the advertisements displayed on your Facebook account, to inform other Facebook users about your activities, and to develop further services relating to the use of Facebook. If you do not want Facebook to link the data collected on our website directly with your Facebook account, you have to log out from Facebook before visiting our website. For more information on the purpose and scope of collection, further processing and the use of data by Facebook as well as your rights and the options available to protect your privacy, please refer to Facebook’s privacy policy at https://www.facebook.com/about/privacy/.

 

 

6  INTEGRATION OF TWITTER

 

We may integrate content and related features of Twitter, which may, for example, be displayed as a feed. Twitter is operated by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. As part of this use, content such as images, videos and texts as well as buttons for liking and subscribing to Twitter may be downloaded.

If you use these features and have an account on the Twitter platform itself, Twitter can use your account to link your activities to your profile. For more information about Twitter’s privacy policy, please refer to https://twitter.com/en/privacy; in addition, Twitter is certified under the Privacy Shield Agreement, which guarantees compliance with European data protection laws and regulations.

You can disable the transmission of data to Twitter by installing an opt-out cookie by clicking on the following link: https://twitter.com/personalization

 

7  RIGHTS OF THE DATA SUBJECT

 

You are entitled to the following rights for data subjects:

a)        Right of access

You have the right to request confirmation from us as to whether they are processing personal data relating to you.

b)        Rectification/ erasure/ restriction of processing

Furthermore, you have the right to require us to

  • without any undue delay the rectification of inaccurate personal data concerning you (right to rectification);
  • the erasure of personal data concerning you without undue delay (right to erasure) and
  • restriction of processing of your personal data (right to restriction of processing).

c)        The right to data portability

You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller.

d)        Right of withdrawal

You have the right to withdraw your consent at any time. This revocation will not affect the lawfulness of any processing done beforehand.

e)        Right to object

You have the right to object if the processing of your personal data is necessary for the performance of a task carried out in the public interest (Article 6(1)(e) GDPR) or for the purposes of our legitimate interests (Article 6(1)(f) GDPR).

f)        Right of appeal

Without prejudice to any other legal remedy, you have the right to lodge a complaint with a supervisory authority, if you consider that the processing of personal data relating to you infringes the GDPR; for information about the competent supervisory authority, please visit https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm