As at: 08.08.2019
Thank you for your interest in SAUERESSIG. Here, we explain, in accordance with the applicable data protection regulations, which personal data we collect in the context of
• your visit to our website
• job vacancies
(hereafter collectively referred to as the ‘website’), what purposes we use this information and how we use it to optimise our services to you.
1. Data controller, data protection officer
a) Data controller pursuant to Art. 4 (7) GDPR (General Data Protection Regulation) is
Matthews Europe GmbH
Schifferstraße 196, 47059 Duisburg, Deutschland
T: +49 0203 878 42510
hereafter referred to as ‘Saueressig’, ‘we’ or ‘us’. Further information about the provider can be found in our -> Imprint.
b) The data protection officer can be contacted by post at the address above with the remark “Attn: Data Protection Officer” as well as by e-mail at email@example.com
2. Types of data processed, categories of data subjects
2.1 Types of data processed
• Contact details (e.g. e-mail, phone numbers)
• Content data (e.g. text input, photographs, videos)
• Usage data (e.g. web pages visited, interest in content, access times)
• Meta / communication data (e.g. device information, IP addresses)
• Tracking data
• Audience measurement
2.2 Categories of data subjects
• Visitors and users of the website and online services
• Customers, prospects and business partners
(Hereafter, we refer to the data subjects collectively as ‘users’)
3. Purpose of processing
We use your personal information
• when providing the website and the online offering, its features and content,
• for answering contact requests and communicating with users,
• for security measures,
• for audience measurement,
• for the purpose of direct marketing, e.g. in the form of an e-mail newsletter or direct mail.
4. Provision of website and log files
(1) During casual browsing of the website, i.e. if you do not register or otherwise provide us with information, we will only collect the personal data that your browser automatically transmits to our server. If you wish to view our website, we collect the following data that is technically necessary for us to display our website and to ensure the stability and security (legal basis is Article 6 Paragraph (1) Sentence 1 f) GDPR):
• IP address
• date and time of the request
• time difference from Greenwich Mean Time (GMT)
• content of the request (actual page)
• access status / HTTP status code
• transferred amount of data
• website from which the request comes
• operating system and its interface
• language and version of the browser software
(2) Users’ IP addresses will be deleted or anonymised after the end of use. When anonymised, IP addresses are changed in such a way that the individual details of personal or factual circumstances can no longer be assigned to a specific or identifiable natural person, or only with a disproportionate amount of time, cost and manpower.
(1) In addition to the aforementioned log files, cookies are stored on your computer when you use our website. Cookies are small text files that are allocated to the browser you use and stored on your hard drive, and provide certain information to the organisation that sets the cookie (in this case, to us). Cookies cannot run programs or transmit viruses to your computer. They make the internet site more user-friendly and effective overall.
a) This website uses the following types of cookies, the scope and operation of which are explained below:
• Session cookies (see b)
• Persistent cookies (see c).
b) Session cookies store a so-called session ID, which can assign various requests from your browser to the shared session. The session cookies are deleted when you log out or close the browser. If you restart your browser and go back to the website, the website will not recognise you. You will need to log in again (if a login is needed) or you will need to reset templates and preferences if the site offers these features. A new session cookie is then generated, which stores your information and stays active until you leave the page and close your browser.
c) Persistent cookies are automatically deleted after a specified period, which could differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
Technically-required cookies allow the use of our website by enabling basic functions such as page navigation and access to secure areas of the website. Visiting our website may not work properly without these cookies.
Session cookies – are deleted when the browser is closed.
Performance (e.g., the user’s browser), appearance, and preferences
When using our website, cookies are set (e.g., to detect the browser) to improve performance (e.g., faster content loading). When you visit our website, the country or language choices selected by you or automatically detected will be stored in cookies to save you having to re-select them for subsequent visits. In advance, your browser is checked to ensure it supports cookies and this information is stored in another cookie. You will then be shown localised country and language contact information, which will also be saved. The legal basis for this is Art. 6 (1) sen. 1 f) GDPR.
Session cookies – are deleted when the browser is closed.
Analytical cookies (statistics)
We use third-party analytical cookies to understand how visitors use our site. This helps us improve the quality and content on our site. The statistical information aggregated includes data such as total number of visitors. For example, we learn how often and in what order each page was viewed and the average time visitors spend on our pages. We also learn if users have visited our website before. The legal basis for this is Art. 6 (1) sen. 1 f) GDPR. For further information see section 13 (web analysis services).
Persistent cookies – remain valid but are automatically deleted after 1 year if the website is not visited, unless in certain cases shorter deadlines apply.
Advertising cookies (Marketing)
We use advertising cookies to assess the effectiveness of our advertising activities and derive optimisation measures from them. The legal basis for this is Art. 6 (1) sen. 1 f) GDPR.
Persistent cookies – remain valid but are automatically deleted after 1 year if the website is not visited, unless in certain cases shorter deadlines apply
(4) Controlling cookies
You can set your browser so you are aware of when cookies are created and allow cookies only in individual cases, accept cookies for certain cases, exclude them generally as well as activating automatic cookie deletion when closing the browser. Disabling cookies may limit the functionality of this website.
6. E-Mail contact
(1) You can contact us via the e-mail addresses provided on the website. In this situation, user’s personal data transmitted by e-mail will be stored. The data is used exclusively for processing the request. The legal basis for the processing of the data transmitted in the course of sending an e-mail is Art. 6 (1) sen. 1 f) GDPR. If the purpose of the e-mail is to conclude a contract, then the additional legal basis for processing is Art. 6 (1) sen. 1 b).
(2) Data will be deleted as soon as it is no longer needed to achieve the purpose for which it was collected. With regards to personal data inputted into the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation ends when it can be inferred from the circumstances that the matter in question has been unequivocally clarified.
(3) Notwithstanding paragraph 2, customer contact requests referring to a specific business transaction are stored as long as this is necessary for the processing and execution of the contract (Art. 6 (1) sen. 1 f) GDPR) or due to statutory retention obligations (Art. 6 (1) sen. 1 c) GDPR) is required. Contact requests from customers who do not refer to a specific business transaction are stored as long as the business relationship exists. Legal basis is Art. 6 (1) sen. 1 f) GDPR for the protection of our legitimate interests and those of the customer, in particular support and quality assurance. Customers can object to the processing at any time in individual cases.
7.1 Newsletter distribution after purchase
(1) If you have purchased products or services, we may also send you our newsletter, without prior registration to subscribe to the newsletter, to the e-mail address you specified during the purchase. This applies to newsletters promoting similar products as the one you bought.
(2) The legal basis for the processing operations mentioned above in connection with newsletter distribution after a purchase is Art. 6 (1) sen. 1 f) GDPR. Our legitimate interest in data processing is the direct purchase of our products by our customers as well as their interest in offers and promotions.
7.2 Newsletter tracking
(2) The legal basis for the tracking described above is Art. 6 (1) sen. 1 f) GDPR. Our legitimate interest in processing tracking data is our requirement to better tailor our newsletter to our customers’ interests.
(4) Tracking is not possible if you have turned off image viewing by default in your email client. In this situation, the newsletter will not be displayed completely and you may not be able to use all features of the newsletter. If you display the images manually, tracking is performed as above.
8. Advertising job vacancies (online portal)
(1) We advertise job vacancies on our website. To process your online application, we collect, process and use your personal data. Legal basis is Art. 6 (1) sen. 1 b) GDPR in conjunction with Section 26 Bundesdatenschutzgesetz (BDSG – Federal Data Protection Act). Your online application data will be sent by e-mail directly to management. Appropriate technical and administrative measures ensure that your personal data is treated confidentially within legal provisions.
(2) Please note that transmission of data by e-mail is unencrypted and data could possibly be intercepted by unauthorised persons or even falsified. You are welcome to send us your documents by post. If you have applied for a specific position and it is already filled, or if we also consider you to be just as suited or better suited for another position, we would like to forward your application within our company. Legal basis for this is Art. 6 (1) sen. 1 f) GDPR for the protection of your and our legitimate interests. Please inform us if you disagree with this procedure. After completion of the application process, but at the latest after 6 months, your personal data will be automatically deleted, unless you expressly consent to a storage over a longer period.
(3) In addition, the General Privacy Guidelines for Employees and Applicants apply (compulsory information according to Art. 13 GDPR).
9. Transmission to third parties
(1) As part of hosting our website, your data processed by us will be processed based on a processing contract.
(2) In the case of the use of web analysis services and third party providers, data will be transmitted to the extent described herein.
10. Storage time
We process and store your personal information as long as it is necessary for the fulfilment of our contractual and legal obligations. We will delete your personal information as soon as it is no longer necessary for the above purposes. Personal data may be kept for the time in which claims against our companies can be asserted (statutory limitation periods of three or up to thirty years). In addition, we store your personal data as far as we are legally obliged to do so. Corresponding proof and retention obligations result from commercial, tax and social security regulations.
11. Automated decision-making, Profiling
(1) In principle, we do not use fully automated decision-making processes pursuant to Article 22 GDPR to justify and implement the business relationship.
(2) In order to provide you with targeted information and advice on our products from the publishing portfolio, we deploy service providers on our behalf including web analytics tools, especially tracking technology. These enable needs-based communication and advertising. We refer in this regard to Section 12 (Web analysis and advertising).
B. Data processing by third parties
12. Web analysis
12.1 Google Analytics
(1) This website uses Google Analytics, a web analytics service provided by Google Inc. (‘Google’). Google Analytics uses so-called ‘cookies’, text files that are stored on your computer and that allow an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymisation is enabled on this website, Google will truncate your IP address beforehand within member states of the European Union or other parties to the Agreement on the European Economic Area. The full IP address will only be sent to a Google server in the US and shortened there in exceptional cases. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website usage and internet usage to the website operator.
(2) The IP address identified within the framework of Google Analytics will not be merged with other data provided by Google.
(3) You can prevent the storage of cookies by setting your browser software correspondingly; however, we point out that in this case you may not be able to use all the functions of this website in full. In addition, you may prevent Google collecting data generated by the cookie and related to your use of the website (including your IP address) and processing this data by downloading and installing the browser plug-in provided by Google.
(4) This website uses Google Analytics with the extension ‘_anonymizeIp()’. As a result, IP addresses are processed in shortened form, thereby excluding any connection to an individual. Insofar as the data collected about you can be personally identifiable, it will be immediately excluded and the personal data will be deleted immediately.
(5) We use Google Analytics to analyse and regularly improve the use of our website. With the collated statistics, we can improve our service and make it more interesting for you as a user. For the exceptional cases in which personal data is transferred to the US, Google is subject to the EU-US Privacy Shield https://www.privacyshield.gov/welcome. The legal basis for the use of Google Analytics is Art. 6 (1) sen. 1 f) GDPR.
(6) Third-party information: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 436 1001. User terms: https://marketingplatform.google.com/about/analytics/terms/de/ and data protection policy: https://policies.google.com/privacy
12.2 Google AdWords
(1) This website uses ‘Google AdWords’, an online advertising program, and conversion tracking within it. Google AdWords places a cookie on your computer if you have reached our website via a Google ad. These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages on our website and the cookie has not expired yet, we and Google can ascertain that the user clicked on the ad and was redirected to this page. Each Google AdWords customer receives a different cookie. Cookies cannot therefore be tracked across AdWords customers’ websites.
(2) Information gathered by conversion cookies is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to page encoded with a conversion tracking tag. However, they do not receive any information that personally identifies users.
12.3 Google Tag Manager
(1) This website uses ‘Google Tag Manager’ as part of Google Analytics. Tags are small pieces of code on our site that are used, among other things, to measure traffic and visitor behaviour, track the impact of online advertising and social media, use remarketing and audience targeting, and to test and optimise the site. Google Tag Manager is a solution that allows Saueressig to manage website tags through one interface. The Tag Manager tool itself (which deploys the tags) is a domain with no cookies. The tool triggers other tags, which may collect data. Google Tag Manager does not access this data. If disabled at the domain or cookie level, it will remain in effect for all tracking tags implemented with Google Tag Manager.
(2) For more information about Google Tag Manager, visit: https://www.google.com/analytics/tag-manager/use-policy/
12.4 Google Data Studio
(1) Based on Art. 6 (1) sen. 1 f) GDPR (legitimate interest), we use an additional Google Analytics data management tool – ‘Google Data Studio (Beta Version)’ – to visually create custom reports and interactive dynamic dashboards for our users. Here, we use Google Analytics data and no other interfaces to data sources (such as Google AdWords, Attribution 360, BigQuery, Cloud SQL, MySQL, Google Sheets, YouTube Analytics, etc.). The web tool does not require a local application and can be accessed via the internet. Access is via a browser and data sources are connected directly via Google Data Studio. For more information about the use of Google Data Studio, please visit: https://support.google.com/datastudio/answer/6283323?hl=en
(2) The user can revoke their consent to the processing of personal data at any time. If the user contacts us by e-mail, they may object to the storage of their personal data at any time. In such a situation, the conversation cannot be continued.
12.5 Google Optimize
Our website uses the Google Optimize web analytics and optimisation service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (henceforth ‘Google Optimize’). We use Google Optimize to increase the attractiveness, content and functionality of our website by showing new features and content to a percentage of our users and statistically evaluating the change of behaviour. Google Optimize is a related service of Google Analytics (see section on Google Analytics).
(3) The legal basis for data processing is Art. 6 (1) sen. 1 f) GDPR. Our legitimate interest is for the data collection purposes listed above.
13. My Fonts
(1) This website uses Web Fonts, https://www.myfonts.com/
(2) The third-party provider is: Monotype Imaging Holdings Inc., a Delaware corporation with its principal offices at 600 Unicorn Park Drive, Woburn, Massachusetts 01801, USA.
14. Links to other websites
(2) Links to external websites are checked by us before linking. However, we have no control over their operator’s adherence to data privacy regulations. We will remove the respective links upon notification of any violations or legal infringements.
C. Rights of data subjects
15. Your rights
If your personal data is processed, you are a ‘data subject’ as defined by GDPR and you have the following rights against us as data controller.
a) Rights arising from Art. 15 ff. GDPR
The data subject has the right to ask the data controller to confirm if relevant personal data has been processed. If this is the case, you have a right to information about this personal data and to the individual information listed under Art. 15 GDPR. Under certain legal conditions, you have the right of correction under Art. 16 GDPR, the right to restrict processing under Art. 18 GDPR and the right to be deleted (‘right to be forgotten’) under Art. 17 GDPR. In addition, it is your right to have data provided by you returned in a structured, common and machine-readable format (right to data portability) under Art. 20 GDPR, provided that the processing is carried out using automated procedures and with consent pursuant to Art. 6 (1) sen. 1 a) or Art. 9 (2) sen. a) or is based on a contract according to Art. 6 (1) sen. 1 b) GDPR.
b) Revocation of consent pursuant to Art. 7 (3) GDPR
If processing is based on your consent, you may revoke your consent to the processing of personal data at any time. Please note that the revocation is not retrospective. Processing that occurred before revocation is not affected.
c) Right of Appeal
You have the option to file a complaint with us or a data protection supervisory authority (Art. 77 GDPR). In the German state of North Rhine-Westphalia, the relevant supervisory authority is the State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia. Their address is: Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen, Kavalleriestr. 2-4, 40213 Düsseldorf, Germany. Tel: +49 211 38424-0, Fax: +49 211 38424-10, E-Mail: firstname.lastname@example.org.
d) Right of objection pursuant to Art. 21 GDPR
In addition to the aforementioned rights, you have the right to object as follows:
Case-specific right of objection
You have the right to object at any time against the processing of personal data relating to you taking place pursuant to Art. 6 (1) sen. 1 e) GDPR (data processing in the public interest) and Art. 6 (1) sen. 1 f) GDPR (data processing based on a balance of interests) on the grounds of your particular circumstances; this also applies to profiling based on this provision within the meaning of Art. 4 (4) GDPR.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purpose of enforcing, pursuing or defending legal claims.
Right to object to the processing of data for advertising purposes
In certain circumstances, we process your personal data in order to operate direct mail. You have the right to object at any time to the processing of your personal data for the purposes of such advertising; this also applies to profiling, as far as it is associated with such direct mail. If you object to processing for direct marketing, we will no longer process your personal data for these purposes.
D. Final provisions
(1) We have put in place technical and organisational security measures according to Art. 24 and Art. 32 GDPR in order to protect your personal data from loss, destruction, manipulation and unauthorised access. All our employees and all third parties involved in data processing are obliged to comply with GDPR requirements and the confidential handling of personal data.
(2) SSL or TLS encryption: For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator, this site uses SSL or TLS encryption. An encrypted connection is indicated by the browser’s address bar changing from “http: //” to “https: //” and displaying the padlock icon in your browser’s address bar. If SSL or TLS encryption is enabled, the data you submit to us cannot be read by third parties.