As at: September 2020
Thank you for your interest in SAUERESSIG. Here, we explain, in accordance with the applicable data protection regulations, which personal data we collect in the context of
• your visit to our website
• use of contact form
• job vacancies
• sending newsletter
(hereafter collectively referred to as the ‘website’), what purposes we use this information and how we use it to optimise our services to you.
1. Data controller, data protection officer
a) Data controller pursuant to Art. 4 (7) GDPR (General Data Protection Regulation) is
Matthews Europe GmbH
Schifferstraße 196, 47059 Duisburg, Germany
T: +49 203 87842510
hereafter referred to as ‘Saueressig’, ‘we’ or ‘us’. Further information about the provider can be found in our -> Imprint.
b) The data protection officer can be contacted by post at the address above with the remark “Attn: Data Protection Officer” as well as by e-mail at S.Baum@bender-harrer.de
2. Types of data processed, categories of data subjects
2.1 Types of data processed
• Contact details (e.g. e-mail, phone numbers)
• Content data (e.g. text input, photographs, videos)
• Usage data (e.g. web pages visited, interest in content, access times)
• Communication data and history
• Meta / communication data (e.g. device information, IP addresses)
• Tracking data
• Audience measurement
2.2 Categories of data subjects
• Visitors and users of the website and online services
• Customers, prospects and business partners
• Other communication partner
(Hereafter, we refer to the data subjects collectively as ‘users’)
3. Purpose of processing
We use your personal information
• when providing the website and the online offering, its features and content,
• for answering contact requests and communicating with users,
• for security measures,
• for audience measurement,
• for the purpose of direct marketing, e.g. in the form of an e-mail newsletter or direct mail
• for the purpose of product and service satisfaction surveys and analysis.
4. Provision of website and log files
(1) During casual browsing of the website, i.e. if you do not register or otherwise provide us with information, we will only collect the personal data that your browser automatically transmits to our server. If you wish to view our website, we collect the following data that is technically necessary for us to display our website and to ensure the stability and security (legal basis is Article 6 Paragraph (1) Sentence 1 f) GDPR):
• IP address
• date and time of the request
• time difference from Greenwich Mean Time (GMT)
• content of the request (actual page)
• access status / HTTP status code
• transferred amount of data
• website from which the request comes
• operating system and its interface
• language and version of the browser software
(2) Users’ IP addresses will be deleted or anonymised after the end of use. When anonymised, IP addresses are changed in such a way that the individual details of personal or factual circumstances can no longer be assigned to a specific or identifiable natural person, or only with a disproportionate amount of time, cost and manpower.
(1) In addition to the aforementioned log files, cookies are stored on your computer when you use our website. Cookies are small text files that are allocated to the browser you use and stored on your hard drive, and provide certain information to the organisation that sets the cookie (in this case, to us). Cookies cannot run programs or transmit viruses to your computer. They make the internet site more user-friendly and effective overall.
a) This website uses the following types of cookies, the scope and operation of which are explained below:
• Session cookies (see b)
• Persistent cookies (see c).
b) Session cookies store a so-called session ID, which can assign various requests from your browser to the shared session. The session cookies are deleted when you log out or close the browser. If you restart your browser and go back to the website, the website will not recognise you. You will need to log in again (if a login is needed) or you will need to reset templates and preferences if the site offers these features. A new session cookie is then generated, which stores your information and stays active until you leave the page and close your browser.
c) Persistent cookies are automatically deleted after a specified period, which could differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
Description Storage time
Technically-required cookies allow the use of our website by enabling basic functions such as page navigation and access to secure areas of the website. Visiting our website may not work properly without these cookies.
Session cookies – are deleted when the browser is closed.
Performance (e.g., the user’s browser), appearance, and preferences
When using our website, cookies are set (e.g., to detect the browser) to improve performance (e.g., faster content loading). When you visit our website, the country or language choices selected by you or automatically detected will be stored in cookies to save you having to re-select them for subsequent visits. In advance, your browser is checked to ensure it supports cookies and this information is stored in another cookie. You will then be shown localised country and language contact information, which will also be saved. The legal basis for this is Art. 6 (1) sen. 1 f) GDPR.
Session cookies – are deleted when the browser is closed.
Analytical cookies (statistics)
We use third-party analytical cookies to understand how visitors use our site. This helps us improve the quality and content on our site. The statistical information aggregated includes data such as total number of visitors. For example, we learn how often and in what order each page was viewed and the average time visitors spend on our pages. We also learn if users have visited our website before. The legal basis for this is Art. 6 (1) sen. 1 f) GDPR. For further information see section 13 (web analysis services).
Persistent cookies – remain valid but are automatically deleted after 26 month if the website is not visited, unless in certain cases shorter deadlines apply.
Advertising cookies (Marketing)
We use advertising cookies to assess the effectiveness of our advertising activities and derive optimisation measures from them. The legal basis for this is Art. 6 (1) sen. 1 f) GDPR.
Persistent cookies – remain valid but are automatically deleted after 26 month if the website is not visited, unless in certain cases shorter deadlines apply
(4) Controlling cookies
You can set your browser so you are aware of when cookies are created and allow cookies only in individual cases, accept cookies for certain cases, exclude them generally as well as activating automatic cookie deletion when closing the browser. Disabling cookies may limit the functionality of this website.
(1) On our website is a contact form which you can use to contact us electronically in an easy and uncomplicated way. If a user takes this opportunity, the data entered in the input mask will be transmitted to us and stored. The corresponding data, in particular personal data, address data, contact data and messages (free text field) are directly visible on the respective input mask. At the time of sending, the following data is also stored:
The IP address of the user
Date and time of submitting the form
(2) For the processing of the data, reference is made to this data protection declaration during the sending process. Alternatively, it is possible to contact us using the e-mail addresses provided. In this case, the user’s personal data transmitted with the e-mail will be stored. The data will be used exclusively for processing the inquiry.
(3) The legal basis for the processing of the data transmitted in the context of the use of the contact form or in the course of sending an e-mail is Art. 6 (1) sen.1 f) GDPR. If the e-mail contact is aimed at the conclusion of a contract, the additional legal basis for processing is Art. 6 (1) sen. 1 b) GDPR.
(4) The processing of the personal data from the input mask serves us only to process the contact. In the case of contacting us by e-mail, this is also the necessary legitimate interest in the processing of the data. The other personal data processed during the sending process serves to prevent misuse of the contact form and to ensure the security of our information technology systems.
(5) The data will be deleted as soon as they are no longer necessary for the purpose of their collection. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is terminated when it can be concluded from the circumstances that the matter in question has been finally clarified. Any additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
(6) You can contact us via the e-mail addresses provided on the website. In this case, the user’s personal data transmitted with the e-mail will be stored. The data will be used exclusively for processing the inquiry. The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 (1) sen. 1 f) GDPR. If the e-mail contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 (1) sen. 1 b) GDPR.
(7) Notwithstanding paragraph 3, the following shall apply: Contact inquiries from customers which relate to a specific business transaction shall be stored for as long as this is necessary for the execution and processing of the contract (Art. 6 para. 1 lit. b GDPR) or on account of statutory storage obligations (Art. 6 para. 1 lit. c) GDPR). Contact inquiries from customers which do not relate to a specific business transaction are stored as long as the business relationship exists. The legal basis is Art. 6 para. 1 lt. f) GDPR to protect our legitimate interests and those of the customer, in particular support and quality assurance. Customers can object to the processing of data at any time in individual cases.
Newsletter dispatch after product purchase
(1) If you have purchased products or services, we may send you our newsletter without prior registration for the newsletter subscription to the e-mail address you provided during the purchase. This applies to newsletters promoting products similar to those you have purchased.
(2) The legal basis for the above-mentioned processing operations in the context of sending the newsletter after a purchase is Art. 6 (1) sen. 1 f) GDPR. Our legitimate interest in data processing is the direct promotion of our products to our customers and their interest in offers and promotions.
(3) You can object to the sending of the newsletter at any time. You can declare your objection by clicking on the link provided in each newsletter e-mail or by sending a message to the contact data mentioned above in section 1 of this data protection declaration.
8. Advertising job vacancies (online portal)
(1) We advertise job vacancies on our website. To process your online application, we collect, process and use your personal data. Legal basis is Art. 6 (1) sen. 1 b) GDPR in conjunction with Section 26 Bundesdatenschutzgesetz (BDSG – Federal Data Protection Act). Your online application data will be sent by e-mail directly to management. Appropriate technical and administrative measures ensure that your personal data is treated confidentially within legal provisions.
(2) Please note that transmission of data by e-mail is unencrypted and data could possibly be intercepted by unauthorised persons or even falsified. You are welcome to send us your documents by post. If you have applied for a specific position and it is already filled, or if we also consider you to be just as suited or better suited for another position, we would like to forward your application within our company. Legal basis for this is Art. 6 (1) sen. 1 f) GDPR for the protection of your and our legitimate interests. Please inform us if you disagree with this procedure. After completion of the application process, but at the latest after 6 months, your personal data will be automatically deleted, unless you expressly consent to a storage over a longer period.
(3) In addition, the General Privacy Guidelines for Employees and Applicants apply (compulsory information according to Art. 13 GDPR).
9. Transmission to third parties
(1) As part of hosting our website, your data processed by us will be processed based on a processing contract.
(2) In the case of the use of web analysis services and third party providers, data will be transmitted to the extent described herein.
10. Storage time
We process and store your personal information as long as it is necessary for the fulfilment of our contractual and legal obligations. We will delete your personal information as soon as it is no longer necessary for the above purposes. Personal data may be kept for the time in which claims against our companies can be asserted (statutory limitation periods of three or up to thirty years). In addition, we store your personal data as far as we are legally obliged to do so. Corresponding proof and retention obligations result from commercial, tax and social security regulations.
11. Automated decision-making, Profiling
(1) In principle, we do not use fully automated decision-making processes pursuant to Art. 22 GDPR to justify and implement the business relationship.
(2) In order to provide you with targeted information and advice on our products from the publishing portfolio, we deploy service providers on our behalf including web analytics tools, especially tracking technology. These enable needs-based communication and advertising. We refer in this regard to Section 12 (Web analysis and advertising).
B. Data processing by third parties
12. Web analysis
12.1 Google Analytics
(1) This website uses Google Analytics, a web analytics service provided by Google Inc. (‘Google’). Google Analytics uses so-called ‘cookies’, text files that are stored on your computer and that allow an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymisation is enabled on this website, Google will truncate your IP address beforehand within member states of the European Union or other parties to the Agreement on the European Economic Area. The full IP address will only be sent to a Google server in the US and shortened there in exceptional cases. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website usage and internet usage to the website operator.
(2) The IP address identified within the framework of Google Analytics will not be merged with other data provided by Google.
(3) You can prevent the storage of cookies by setting your browser software correspondingly; however, we point out that in this case you may not be able to use all the functions of this website in full. In addition, you may prevent Google collecting data generated by the cookie and related to your use of the website (including your IP address) and processing this data by downloading and installing the browser plug-in provided by Google
(4) This website uses Google Analytics with the extension ‘_anonymizeIp()’. As a result, IP addresses are processed in shortened form, thereby excluding any connection to an individual. Insofar as the data collected about you can be personally identifiable, it will be immediately excluded and the personal data will be deleted immediately.
(5) We use Google Analytics to analyse and regularly improve the use of our website. With the collated statistics, we can improve our service and make it more interesting for you as a user. For the exceptional cases in which personal data is transferred to the US, Google is subject to the EU-US Privacy Shield https://www.privacyshield.gov/welcome. The legal basis for the use of Google Analytics is Art. 6 (1) sen. 1 f) GDPR.
(6) Third-party information: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 436 1001. User terms: https://marketingplatform.google.com/about/analytics/terms/de/ and data protection policy: https://policies.google.com/privacy
12.2 Google AdWords
(1) This website uses ‘Google AdWords’, an online advertising program, and conversion tracking within it. Google AdWords places a cookie on your computer if you have reached our website via a Google ad. These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages on our website and the cookie has not expired yet, we and Google can ascertain that the user clicked on the ad and was redirected to this page. Each Google AdWords customer receives a different cookie. Cookies cannot therefore be tracked across AdWords customers’ websites.
(2) Information gathered by conversion cookies is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to page encoded with a conversion tracking tag. However, they do not receive any information that personally identifies users.
12.3 Google Tag Manager
(1) This website uses ‘Google Tag Manager’ as part of Google Analytics. Tags are small pieces of code on our site that are used, among other things, to measure traffic and visitor behaviour, track the impact of online advertising and social media, use remarketing and audience targeting, and to test and optimise the site. Google Tag Manager is a solution that allows Saueressig to manage website tags through one interface. The Tag Manager tool itself (which deploys the tags) is a domain with no cookies. The tool triggers other tags, which may collect data. Google Tag Manager does not access this data. If disabled at the domain or cookie level, it will remain in effect for all tracking tags implemented with Google Tag Manager.
(2) For more information about Google Tag Manager, visit: https://www.google.com/analytics/tag-manager/use-policy/
12.4 Google Data Studio
(1) Based on Art. 6 (1) sen. 1 f) GDPR (legitimate interest), we use an additional Google Analytics data management tool – ‘Google Data Studio (Beta Version)’ – to visually create custom reports and interactive dynamic dashboards for our users. Here, we use Google Analytics data and no other interfaces to data sources (such as Google AdWords, Attribution 360, BigQuery, Cloud SQL, MySQL, Google Sheets, YouTube Analytics, etc.). The web tool does not require a local application and can be accessed via the internet. Access is via a browser and data sources are connected directly via Google Data Studio. For more information about the use of Google Data Studio, please visit: https://support.google.com/datastudio/answer/6283323?hl=en
(2) The user can revoke their consent to the processing of personal data at any time. If the user contacts us by e-mail, they may object to the storage of their personal data at any time. In such a situation, the conversation cannot be continued.
12.5 Google Optimize
Our website uses the Google Optimize web analytics and optimisation service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (henceforth ‘Google Optimize’). We use Google Optimize to increase the attractiveness, content and functionality of our website by showing new features and content to a percentage of our users and statistically evaluating the change of behaviour. Google Optimize is a related service of Google Analytics (see section on Google Analytics).
(3) The legal basis for data processing is Art. 6 (1) sen. 1 f) GDPR. Our legitimate interest is for the data collection purposes listed above.
13. My Fonts
(1) This website uses Web Fonts, https://www.myfonts.com/
(2) The third-party provider is: Monotype Imaging Holdings Inc., a Delaware corporation with its principal offices at 600 Unicorn Park Drive, Woburn, Massachusetts 01801, USA.
14. Links to other websites
(2) Links to external websites are checked by us before linking. However, we have no control over their operator’s adherence to data privacy regulations. We will remove the respective links upon notification of any violations or legal infringements.
C. Rights of data subjects
15. Your rights
If your personal data is processed, you are a ‘data subject’ as defined by GDPR and you have the following rights against us as data controller.
a) Rights arising from Art. 15 ff. GDPR
The data subject has the right to ask the data controller to confirm if relevant personal data has been processed. If this is the case, you have a right to information about this personal data and to the individual information listed under Art. 15 GDPR. Under certain legal conditions, you have the right of correction under Art. 16 GDPR, the right to restrict processing under Art. 18 GDPR and the right to be deleted (‘right to be forgotten’) under Art. 17 GDPR. In addition, it is your right to have data provided by you returned in a structured, common and machine-readable format (right to data portability) under Art. 20 GDPR, provided that the processing is carried out using automated procedures and with consent pursuant to Art. 6 (1) sen. 1 a) or Art. 9 (2) sen. a) or is based on a contract according to Art. 6 (1) sen. 1 b) GDPR.
b) Revocation of consent pursuant to Art. 7 (3) GDPR
If processing is based on your consent, you may revoke your consent to the processing of personal data at any time. Please note that the revocation is not retrospective. Processing that occurred before revocation is not affected.
c) Right of Appeal
You have the option to file a complaint with us or a data protection supervisory authority (Art. 77 GDPR). In the German state of North Rhine-Westphalia, the relevant supervisory authority is the State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia. Their address is: Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen, Kavalleriestr. 2-4, 40213 Düsseldorf, Germany. Tel: +49 211 38424-0, Fax: +49 211 38424-10, E-Mail: firstname.lastname@example.org.
d) Right of objection pursuant to Art. 21 GDPR
In addition to the aforementioned rights, you have the right to object as follows:
Case-specific right of objection
You have the right to object at any time against the processing of personal data relating to you taking place pursuant to Art. 6 (1) sen. 1 e) GDPR (data processing in the public interest) and Art. 6 (1) sen. 1 f) GDPR (data processing based on a balance of interests) on the grounds of your particular circumstances; this also applies to profiling based on this provision within the meaning of Art. 4 (4) GDPR.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purpose of enforcing, pursuing or defending legal claims.
Right to object to the processing of data for advertising purposes
In certain circumstances, we process your personal data in order to operate direct mail. You have the right to object at any time to the processing of your personal data for the purposes of such advertising; this also applies to profiling, as far as it is associated with such direct mail. If you object to processing for direct marketing, we will no longer process your personal data for these purposes.
D. Final provisions
(1) We have put in place technical and organisational security measures according to Art. 24 and Art. 32 GDPR in order to protect your personal data from loss, destruction, manipulation and unauthorised access. All our employees and all third parties involved in data processing are obliged to comply with GDPR requirements and the confidential handling of personal data.
(2) SSL or TLS encryption: For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator, this site uses SSL or TLS encryption. An encrypted connection is indicated by the browser’s address bar changing from “http: //” to “https: //” and displaying the padlock icon in your browser’s address bar. If SSL or TLS encryption is enabled, the data you submit to us cannot be read by third parties.