Privacy Policy
This privacy statement explains the nature, scope and purpose of the processing of personal data (hereinafter referred to as "data") within our online offer and its related websites, functions and content, as well as external online presence, such as our Social Media Profile (hereafter collectively referred to as "online offer"). With regard to the terms used, such as "processing" or "responsible", we refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).
Controller
Schoeller SI GmbH
Unter den Linden 4
72762 Reutlingen
Germany
Email: hello@schoeller-si.com
Managing Director: Willi Schöller
Your trust is important to us. Therefore, we would like to answer your questions at any time regarding the processing of your personal data. If you have any questions that this data protection declaration could not answer or if you would like more detailed information on a point, please contact our data protection officer.
Contact to the data protection officer:
Schoeller SI GmbH
Data protection officer
Unter den Linden 4
72762 Reutlingen
Email: dsb@schoeller-si.com
Types of processed data:
- Inventory data (eg, names, addresses).
- Contact details (eg, e-mail, telephone numbers).
- Content data (eg, text input, photographs, videos).
- Usage data (eg, visited websites, interest in content, access times).
– Meta/communication data (e.g. device information, IP addresses).
Categories of affected persons
Visitors and users of the online offering (Hereinafter, we also collectively refer to these affected individuals as 'users').
Purpose of processing
- Provision of the online offer, its functions and contents.
- Answering contact requests and communicating with users.
- Safety measures.
- Reach Measurement / Marketing
Used terms
"Personal data" refers to any information relating to an identified or identifiable natural person (hereinafter referred to as the 'data subject'); an identifiable natural person is one who can be identified, directly or indirectly, particularly by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g., cookie), or one or more specific factors expressing the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
"Processing" encompasses any operation or set of operations performed on personal data, with or without automated means. This term is broad and includes practically any handling of data.
"Pseudonymization" is the processing of personal data in a way that the data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
"Profiling" refers to any form of automated processing of personal data to evaluate certain personal aspects relating to a natural person, particularly to analyze or predict aspects concerning job performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements of that natural person.
The "controller" refers to the natural or legal person, authority, agency, or other body which alone or jointly with others determines the purposes and means of the processing of personal data.
The "processor" is a natural or legal person, authority, agency, or other body processing personal data on behalf of the controller.
Relevant legal basics
In accordance with Art. 13 DSGVO we inform you about the legal basis of our data processing. Unless the legal basis in the data protection declaration is mentioned, the following applies: The legal basis for obtaining consent is Art. 6 para. 1 lit. a and Art. 7 DSGVO, the legal basis for the processing for the performance of our services and the execution of contractual measures as well as the response to inquiries is Art. 6 para. 1 lit. b DSGVO, the legal basis for processing in order to fulfill our legal obligations is Art. 6 para. 1 lit. c DSGVO, and the legal basis for processing for the protection of our legitimate interests is Art. 6 para. 1 lit. f DSGVO. In the event that vital interests of the data subject or any other natural person require the processing of personal data, Art. 6 para. 1 lit. d DSGVO as legal basis.
Safety measures
We take appropriate technical measures in accordance with Art. 32 GDPR, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing as well as the different likelihood and severity of the risk to the rights and freedoms of individuals and organizational measures to ensure a level of protection appropriate to the risk.
Measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical access to the data, as well as their access, input, disclosure, availability and separation. We have also set up procedures to ensure the enjoyment of data subject rights, data deletion and data vulnerability. Furthermore, we consider the protection of personal data already in the development, or selection of hardware, software and procedures, according to the principle of data protection by technology design and by privacy-friendly default settings (Article 25 DSGVO).
Collaboration with processors and third parties
If, in the context of our processing, we disclose data to other persons and companies (contract processors or third parties), transmit them to them or otherwise grant access to the data, this will only be done on the basis of a legal permission (eg if a transmission of the data to third parties, as to payment service providers, in accordance with Art. 6 para. 1 lit. b DSGVO is required to fulfill the contract), you have consented to a legal obligation or on the basis of our legitimate interests (eg the use of agents, webhosters, etc.).
If we commission third parties to process data on the basis of a so-called "order processing contract", this is done on the basis of Art. 28 DSGVO.
Transfers to third countries
If we process data in a third country (ie outside the European Union (EU) or the European Economic Area (EEA)) or in the context of the use of third party services or disclosure or transmission of data to third parties, this will only be done if it is to fulfill our (pre) contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or have the data processed in a third country only in the presence of the special conditions of Art. 44 et seq. DSGVO. This means, for example, that the processing takes place on the basis of special guarantees, such as the officially recognized level of data protection (eg for the USA through the "Privacy Shield") or compliance with officially recognized special contractual obligations (so-called "standard contractual clauses").
Rights of data subjects
You have the right to request a confirmation as to whether the data in question are being processed and to provide information about this data as well as further information and a copy of the data in accordance with Art. 15 DSGVO.
You have accordingly. Art. 16 DSGVO the right to demand the completion of the data concerning you or the correction of the incorrect data concerning you.
In accordance with Art. 17 DSGVO, they have the right to demand that the relevant data be deleted immediately, or, alternatively, to require a restriction of the processing of data in accordance with Art. 18 DSGVO.
You have the right to demand that the data relating to you provided to us be obtained in accordance with Art. 20 DSGVO and to be transmitted to other persons responsible.
You have gem. Art. 77 DSGVO the right to file a complaint with the competent supervisory authority.
Right to cancel
You have the right to grant consent in accordance with. Art. 7 para. 3 DSGVO with effect for the future
Right of objection
You may at any time object to the future processing of your data in accordance with Art. 21 GDPR. The objection may in particular be made against processing for direct marketing purposes.
Cookies and right of objection for direct advertising
"Cookies" are small files that are stored on users' computers. These files can contain various information. A cookie's primary purpose is to store information about a user (or the device where the cookie is stored) during or after their visit within an online service. Temporary cookies, also known as "session cookies" or "transient cookies," are cookies that are deleted after a user leaves an online service or closes their browser. Such a cookie might store the contents of a shopping cart in an online store or a user's login status. "Permanent" or "persistent" cookies, on the other hand, remain stored even after the browser is closed. For instance, they can retain the login status when users revisit the site after several days. Additionally, such cookies can store user interests for audience measurement or marketing purposes. "Third-party cookies" refer to cookies offered by providers other than the operator responsible for the online service. Conversely, if they are only the operator's cookies, they are called "first-party cookies."
We may use both temporary and permanent cookies and provide information about this in our privacy policy.
If users do not want cookies to be stored on their computer, they are advised to deactivate the corresponding option in their browser's system settings. Stored cookies can be deleted in the browser's system settings. However, disabling cookies may result in functional limitations within this online service.
A general contradiction against the use of the cookies used for the purpose of online marketing can in a variety of services, especially in the case of tracking, on the US side http://www.aboutads.info/choices/ or the EU side http://www.youronlinechoices.com/ be explained. Furthermore, the storage of cookies can be achieved by switching them off in the browser settings. Please note that in this case not all functions of this online offer can be used.
Types of cookies
Technically necessary cookies (essential): These cookies are necessary for the smooth functioning of websites and related functions, e.g. authentication cookies.
Statistics: These cookies collect information about how you use the website. Statistics cookies help us, for example, to identify sections of our website that are visited particularly frequently. This information enables us to better adapt content for our visitors and to make our overall offer more interesting for our customers.
External media: These cookies are required to display the embedded external media on our websites, e.g. Google Maps.
The following cookies are used on this website:
| Cookies Art | Cookie name | cookie purpose |
| technically necessary (essential) | borlabs-cookie | Cookie used to store the user's consent to the privacy policy and cookie preferences. |
| technically necessary (essential) | _GREECE CAPTCHA | Technically necessary cookie, which is set in connection with Google reCaptcha when a message is sent via our contact forms in order to determine whether the user is a robot or not. This helps us keep our website safe and secure from spammers. |
| technically necessary (essential) | pll_language (polylang) | Saves the current language. |
| Statistics | _gid, _gat_gtag, _ga (Google Analytics) | Google cookies, which are used to analyze the website. Statistical data is generated on how the visitor uses the website. |
| External media | NID (Google) | Used to unlock Google Maps content. |
View and adjust cookie settings: Cookie Settings
Deletion of data
The data processed by us are deleted or restricted in accordance with Art. 17 and 18 DSGVO. Unless explicitly stated in this privacy policy, the data stored by us are deleted as soon as they are no longer required for their purpose and the deletion does not conflict with any statutory storage requirements. Unless the data is deleted because it is required for other and legitimate purposes, its processing will be restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be kept for commercial or tax reasons.
According to legal requirements in Germany, the retention takes place in particular for 10 years according to §§ 147 para. 1 AO, 257 para. 1 no. 1 and 4, para. 4 HGB (books, records, management reports, accounting documents, trading books, for taxation relevant Documents, etc.) and 6 years according to § 257 para. 1 No. 2 and 3, para. 4 HGB (commercial letters).
According to legal regulations in Austria the storage takes place in particular for 7 J according to § 132 para. 1 BAO (accounting documents, receipts / invoices, accounts, receipts, business papers, statement of income and expenses, etc.), for 22 years in connection with real estate and for 10 years of documentation related to electronically provided services, telecommunications, broadcasting and television services provided to non-entrepreneurs in EU Member States for which the Mini-One-Stop-Shop (MOSS) is used.
Brokerage services
We process the data of our customers, clients and interested parties (uniformly referred to as "customers") in accordance with Article 6 Paragraph 1 lit. b. GDPR in order to provide you with our contractual or pre-contractual services. The data processed here, the type, scope and purpose and the necessity of their processing are determined by the underlying order. This basically includes inventory and master data of the customers (name, address, etc.), as well as the contact data (e-mail address, telephone, etc.), the contract data (content of the assignment, fees, terms, information on the brokered companies/ insurers/benefits) and payment data (commissions, payment history, etc.). We can also process information about the characteristics and circumstances of persons or their belongings if this is part of our order. This can be, for example, information about personal living conditions, mobile or immovable property.
As part of our assignment, it may also be necessary for us to process special categories of data in accordance with Article 9 (1) GDPR, here in particular information on a person's health. If necessary, we will obtain the express consent of the customer for this purpose in accordance with Article 6 Paragraph 1 Letter a., Article 7, Article 9 Paragraph 2 Letter a GDPR.
If necessary for the fulfillment of the contract or by law, we disclose or transmit the data of the customers in the context of coverage requests, conclusions and processing of contracts data to providers of mediated services/objects, insurers, reinsurers, broker pools, technical service providers, other service providers, such as cooperating Associations, as well as financial service providers, credit institutions and capital investment companies as well as social security institutions, tax authorities, tax consultants, legal advisors, auditors, insurance ombudsmen and the Federal Financial Supervisory Authority (BaFin). Furthermore, we can commission sub-contractors, such as sub-agents. We obtain customer consent if this is required for disclosure/transmission (which may be the case, for example, in the case of special categories of data pursuant to Art. 9 GDPR).
The data will be deleted after statutory warranty and comparable obligations have expired, with the necessity of storing the data being checked every three years; Otherwise, the statutory retention requirements apply.
In the case of legal archiving obligations, the deletion takes place after their expiry. According to German law in the insurance and financial sector in particular, records of consultations for 5 years, brokerage contract notes for 7 years and brokerage contracts for 5 years and generally 6 years for documents relevant to commercial law and 10 years for documents relevant to tax law are required to be retained.
Contractual services
We process the data of our contractual partners and interested parties as well as other clients, customers, clients, clients or contractual partners (uniformly referred to as "contractual partners") in accordance with Article 6 Paragraph 1 lit. b. GDPR in order to provide you with our contractual or pre-contractual services. The data processed here, the type, scope and purpose and the necessity of their processing are determined by the underlying contractual relationship.
The processed data includes the master data of our contractual partners (e.g. names and addresses), contact data (e.g. e-mail addresses and telephone numbers) as well as contract data (e.g. services used, contract content, contractual communication, names of contact persons) and payment data (e.g. bank details, payment history).
In principle, we do not process special categories of personal data, unless these are part of commissioned or contractual processing.
We process data that are necessary for the establishment and fulfillment of the contractual services and point out the necessity of their disclosure, if this is not evident for the contractual partner. Disclosure to external persons or companies only takes place if it is required in the context of a contract. When processing the data provided to us as part of an order, we act in accordance with the instructions of the client and the legal requirements.
When using our online services, we can save the IP address and the time of the respective user action. The storage takes place on the basis of our legitimate interests, as well as the interests of the user in protection against misuse and other unauthorized use. In principle, this data will not be passed on to third parties unless it is necessary to pursue our claims in accordance with Article 6 (1) (f) GDPR or there is a legal obligation to do so in accordance with Article 6 (1) (c). GDPR.
The data will be deleted if the data is no longer required to fulfill contractual or legal duties of care or to deal with any warranty and comparable obligations, with the necessity of storing the data being checked every three years; Otherwise, the statutory retention requirements apply.
Administration, financial accounting, office organization, contact management
We process data as part of administrative tasks, organizing our operations, financial accounting, and compliance with legal obligations such as archiving. In this context, we process the same data that we process in providing our contractual services. The legal bases for processing are Art. 6(1)(c) GDPR and Art. 6(1)(f) GDPR. Customers, prospective customers, business partners, and website visitors are affected by this processing. The purpose and our interest in processing lie in administration, financial accounting, office organization, data archiving, tasks essential for maintaining our business activities, fulfilling our duties, and providing our services. Deletion of data concerning contractual services and communication complies with the information provided for these processing activities.
We disclose or transmit data to tax authorities, consultants such as tax advisors or auditors, as well as other fee collection agencies and payment service providers.
Furthermore, based on our business interests, we store information about suppliers, event organizers, and other business partners, for example, for future contact purposes. We typically store these predominantly company-related data permanently.
Contacting us
When contacting us (eg via contact form, e-mail, telephone or via social media), the information provided by the user to process the contact request and its processing acc. Art. 6 para. 1 lit. b) DSGVO processed. User information can be stored in a Customer Relationship Management System ("CRM System") or comparable request organization.
We delete the requests if they are no longer required. We review the necessity every two years; the statutory archiving obligations also apply.
hosting and email delivery,
The hosting services we utilize are for providing the following services: infrastructure and platform services, computing capacity, storage space and database services, email delivery, security services, as well as technical maintenance services that we employ for the operation of this online offering.
In doing so, we or our hosting provider process inventory data, contact details, content data, contract data, usage data, meta and communication data of customers, interested parties, and visitors to this online offering based on our legitimate interests in an efficient and secure provision of this online service pursuant to Art. 6(1)(f) GDPR in conjunction with Art. 28 GDPR (conclusion of a data processing agreement).
Collection of access data and log files
We, or our hosting provider, collects based on our legitimate interests within the meaning of Art. 6 para. 1 lit. f. DSGVO Data on every access to the server on which this service is located (so-called server log files). The access data includes name of the retrieved web page, file, date and time of retrieval, amount of data transferred, message about successful retrieval, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider ,
Logfile information is stored for security reasons (eg to investigate abusive or fraudulent activities) for a maximum of 7 days and then deleted. Data whose further retention is required for evidential purposes shall be exempted from the cancellation until final clarification of the incident.
Google Analytics
We use Google Analytics, a web analytics service provided by Google LLC ('Google'), based on our legitimate interests (i.e., interest in analyzing, optimizing, and economically operating our online offering within the meaning of Art. 6(1)(f) GDPR). Google employs cookies. The information generated by the cookie regarding the use of the online service by users is typically transmitted to and stored on a Google server in the United States.
Google is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Google will use this information on our behalf to evaluate the use of our online service by users, compile reports on activities within this online service, and provide us with further services related to the use of this online service and internet usage. This can also involve the creation of pseudonymous user profiles based on processed data.
We use Google Analytics with IP anonymization enabled. This means that the IP address of users within member states of the European Union or in other contracting states of the Agreement on the European Economic Area is shortened by Google. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
The IP address submitted by the user's browser will not be merged with other data provided by Google. Users can prevent the storage of cookies by setting their browser software accordingly; Users may also prevent the collection by Google of the data generated by the cookie and related to their use of the online offer and the processing of such data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
For more information about Google's data usage, hiring and disparaging options, please refer to the Google Privacy Policy (https://policies.google.com/technologies/ads) as well as in the settings for the presentation of advertising impressions by Google (https://adssettings.google.com/authenticated).
The personal data of users is deleted or anonymized after 14 months.
Google reCaptcha
We use “Google reCaptcha” (hereinafter referred to as “reCaptcha”) on our websites. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
If a message is sent via our contact form, Google reCaptcha stores a cookie. With reCaptcha it should be checked whether the data entry on our website (e.g. in a contact form) is done by a human or automatically by a bot. To do this, reCaptcha analyzes the behavior of the website visitor based on various characteristics. The data collected during the analysis is forwarded to Google.
The data processing is based on Art. 6 para. 1 lit. f DSGVO. The Web site operator has a legitimate interest in protecting its web sites from abusive automated spying and SPAM.
More information about Google reCaptcha V2 and Google's privacy policy can be found here: https://support.google.com/recaptcha/ and https://policies.google.com/privacy?hl=de
Google Maps
Our website uses Google Maps to display map information. By using Google Maps, Google processes and uses data about the use of the Maps functions by visitors to the website. Information about data processing by Google can be found in Google's data protection information at: https://policies.google.com/privacy?hl=de There you can check and adjust your settings in the “Privacy Settings” section.
Integration of services and content of third parties
Based on our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 para. 1 lit.f DSGVO), we make use of content or services offered by third-party providers in order to provide their content and services Integrate services such as videos or fonts (collectively referred to as "content").
This always presupposes that the third-party providers of this content perceive the IP address of the users, since they could not send the content to their browser without the IP address. The IP address is therefore required for the presentation of this content. We endeavor to use only content whose respective providers use the IP address solely for the delivery of the content. Third parties may also use so-called pixel tags (invisible graphics, also referred to as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may include, but is not limited to, technical information about the browser and operating system, referring web pages, visit time, and other information regarding the use of our online offer.
Youtube
We embed the videos of the platform "YouTube" of the provider Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Data protection: https://www.google.com/policies/privacy/, Opt-out: https://adssettings.google.com/authenticated.