Skip navigation

Legal Notice / Data Protection

 

Data Protection Information

The following data protection policy explains to you which personal data we process in which way. Personal data protection in the processing and security of all business data is an important concern for us, which we take into account in our business processes. In communicating with you, you may be requested to provide personal data. The data entrusted to us are handled with the utmost care, in strict confidentiality and in compliance with legal provisions. 

Manager and Data Protection Officer

So that you know who you can contact about your data, we first of all inform you who is legally responsible for processing it and who the specific contact person is for your queries.  

Legal Manager:

SANHA GmbH & Co. KG
Im Teelbruch 80
45219 Essen
Germany

Data Protection Officer

datenschutzsanhacom

A. Website

Below we describe processing related to the use of our website.

Objects and Legal Grounds

Log Data

For technical reasons, every time you visit a website, your internet browser automatically transmits information to our web server (so-called log data). Some of this information is stored in log files, e.g.

  • date of access
  • time of access
  • URL of the linked website
  • retrieved data
  • transferred amount of data
  • browser type and version
  • operating system
  • IP address

Basically, we only look at log data in order to repair malfunctions in operating our website or to investigate security incidents.

For troubleshooting or to preserve evidence in the case of security incidents, it may be necessary for us to collect additional personal data using the log data. In these cases, we process the log data on the basis of a legal permit.

This processing is based on art. 6, par. 1, let. f of the GDPR, our interest is in the technical provision, security and optimization of the website. 

Contact Form

You can contact us using the contact form. Data entered there is sometimes required to enable communication and to handle your request. In this case, these are marked as mandatory fields. Further data that you provide us allows for a personal approach or better or faster processing.

This processing is based on art. 6, par. 1, let. b of the GDPR. 

Newsletter

On our website, you can sign up for a newsletter. In order to check whether the owner of an e-mail address has actually signed up for the newsletter, we use the "double opt-in procedure". The newsletter is only subscribed to if previously the owner of the e-mail address explicitly confirmed their subscription to the newsletter by clicking on the link in the confirmation email. As proof, we log execution of the individual phases of the double opt-in procedure.

If you sign up to receive our newsletter and agree to receive it, your data will only be used to send the newsletter. ). You can revoke this consent at any time. Each newsletter contains a corresponding link. If you cancel our newsletter, we will make a note of it in our database.

This processing is based on art. 6, par. 1, let. a of the GDPR.

Cookies

We use cookies. Cookies are small text files that we store on your device whenever you visit our website. Each time you visit our website, these cookies are sent back to us. This allows us to recognize you, for example, or to help you browse using the information in the cookies.

Cookies cannot be used to launch programs or to transfer viruses to a computer. Cookies can only be read through the web server from which they came.

Without your explicit consent, we do not share the information in the cookies with third parties. You can also view our website without cookies. Internet browsers are regularly set up to accept cookies. To prevent the use of cookies by your internet browser, you may (1) refuse the use of cookies when you visit our website via the cookie layer (if available) or (2) deactivate the use of cookies via the settings of your internet browser. The help functions of your internet browser tell you how to deactivate and/or delete cookies in your browser. Please note that disabling/deleting cookies may cause certain features on our website to stop working as expected. Cookies that may be required for certain features on our website are shown below. In addition, deactivation/deletion of cookies only affects the internet browser used here. For other internet browsers, therefore, deactivation/deletion of cookies must be repeated accordingly.

Cookies that we use for certain functions without personal reference:

  • Cookies that store certain user preferences (such as search or language settings);
  • Cookies that store data to ensure uninterrupted playback of video or audio content.
  • Cookies that temporarily store certain user input (e.g. contents from a shopping cart or an online form);

Cookies that we use for certain functions with personal reference:

  • Cookies used to identify or authenticate our users;

We store the data until the end of the running time of a particular cookie or until the cookies are deleted by you.

This processing is based on art. 6, par. 1, let. F of the GDPR. Our interest is the ongoing optimization of the website and improvement of usability. 

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google"). Usage includes the operating mode "Universal Analytics". This makes it possible to associate data, sessions and interactions across multiple devices to a pseudonymous user ID, thus analysing the activities of a user across devices.

Google Analytics uses cookies that allow for use of the website to be analysed. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, in the event of activation of IP anonymisation on this website, your IP address will be shortened beforehand by Google within Member States of the European Union or in other signatory states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there. The IP address provided by from our browser as a part of Google Analytics will not be merged with other Google data. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. For these purposes, our legitimate interest lies in data processing.

The legal basis for the use of Google Analytics is art. 6, par. 1, let. f of the GDPR; the interest is the optimization of the website. Sessions and campaigns time out after a certain amount of time. By default, sessions will time out after 30 minutes of no activity and campaigns after six months. The time-out for campaigns can be a maximum of two years. For more information about Terms of Use and Data Protection, please see https://www.google.com/analytics/terms/en.html or https://policies.google.com/?hl=en.

You can prevent the storage of cookies using a corresponding setting on your browser software; however, please note that if you do this, you may not be able to use all the features of this website to the fullest extent possible. You may also prevent the collection of cookie-generated and website-related information (including your IP address) by Google and the processing of such data by Google by downloading and installing the Browser-Add-on. Opt-out cookies prevent future collection of your data when you visit this website. To prevent Universal Analytics from tracking across devices, you must opt-out on all systems that you use. If you click here, the opt-out cookie will be set: Deactivate Google Analytics.

Google Adwords Conversion-Tracking

To statistically record the use of our website and to evaluate it in order to optimise our website, we also use Google Conversion Tracking. In doing so, Google Adwords will place a cookie (see paragraph 5) on your computer if you have reached our website using a Google ad.

These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of the Adwords customer's website and the cookie has not expired, Google and the customer will be able to recognize that the user clicked on the ad and was redirected to this page.

Every Adwords customer receives a different cookie. Cookies cannot be tracked via Adwords customers’ websites. The information gathered using the conversion cookie is used to generate conversion statistics for Adwords customers who have opted into conversion tracking. Adwords customers learn about the total number of users who clicked on their ad and were redirected to a conversion tracking tag page. However, they do not receive information that personally identifies users.

If you do not want to participate in the tracking process, you can also refuse the necessary setting of a cookie, for example, via a browser setting that generally disables the automatic setting of cookies. You can also disable cookies for conversion tracking by setting your browser to block cookies using the domain www.googleadservices.com. You can find Google's data protection policy for conversion tracking through the following link: https://services.google.com/sitestats/en.html. The legal basis for the service is art. 6, par. 1, let. f of the GDPR; our interest is the optimisation of the website. 

Kyto

We use the Kyto analysis program to support our legitimate interest (Art. 6, Par. 1, letter f, GDPR) in providing an attractive and user-oriented online service, (Kyto GmbH, Linienstraße 123, 10115 Berlin, https://www.kyto.de).

Kyto enables us to measure and evaluate user behaviour on our website. The information that we receive about your visit to our website is transferred and stored by Kyto in Berlin.

Kyto uses the information to evaluate how you use the website, to create reports on usage and other services related to website usage and the internet evaluation of websites. Kyto uses third-party services such as Google Analytics. These companies can store information such as cookies or IP requests sent by your browser during your visit to the website, for example. Please refer to the privacy policy of Google Analytics for more information.

 This information (so-called session cookies) is deleted again as soon as you close your browser at the end of the browser session. You can set up your browser so that you are informed about the setting of cookies and decide on an individual basis whether to accept or exclude the acceptance of cookies for specific cases or as a general rule. Refusal to accept cookies may limit the functionality of our website.

By continuing to use our website, you consent to the aforementioned processing of the data by Kyto and its third-party providers under this Privacy Policy. https://www.kyto.de/impressum/

MyFonts Counter

On this website we use MyFonts Counter, a web analytics service from MyFonts Inc., 500 Unicorn Park Drive, Woburn, MA 01801, USA. Due to the licence terms, a page view tracking is carried out by counting the number of website visits for statistical purposes and sending them to MyFonts. MyFonts only collects anonymous data. If necessary, the data will be transferred by activating JavaScript code in your browser. To prevent the execution of JavaScript code from MyFonts altogether, you can install a JavaScript Blocker (for example, www.noscript.net). For more information about MyFonts Counter, please see the MyFonts data protection policy via https://www.monotype.com/legal/terms-and-conditions-of-business/#Privacy

The legal basis for the service is art. 6, par. 1, let. f of the GDPR; our interest is the optimisation of the website.

Links to social networks

On our website, you will find easy links to our websites on different social networks. If you follow the link from our website to a social network or sign up to share content from our website on your social network, your data will be processed by the respective social network provider. For the purpose and scope of the data collection, the further processing and use of data by the provider of the social network, and related rights and setting options to protect your privacy, please refer to the data protection information of the respective provider.

B. Suppliers and Clients 

Below, we describe the processes related to our suppliers and clients.

Objects and Legal Grounds

We use contact and communication data and other relevant personal data from our suppliers and clients, insofar as they or their employees are natural persons. We process this data for the purpose of managing the business relationship, communication, marketing measures and maintaining contacts. 

The processes are based on art. 6, par. 1, let. f of the GDPR; our legitimate interest is the execution of business cooperation, marketing and maintaining contacts. 

C. General Information

Recipient

Unless otherwise described in this data protection information, we work with various service providers and partners who may receive personally identifiable data when rendering and operating our website and services:

  • Service provider for hosting services
  • IT service provider
  • Service provider for programming services
  • Service provider for sales and marketing services
  • Authorities and institutions, when legally required 

We will only transmit your data to these recipients insofar as this is necessary to comply with a contract we have with you or if there is a legitimate interest in the disclosure of your data or we have your consent for the transfer.

Transfer to recipients outside of the EEA

Unless otherwise stated, we do not disclose your personal data to recipients who are located outside the EEA. 

In the event of a transfer, we shall ensure, through contractual or organisational measures, that the recipient either has an adequate level of data protection (e.g. due to a decision by the EU Commission on the appropriate country or the so-called EU standard contractual clauses of the European Union with the beneficiary) or your consent is present in the transfer.

For further information, in particular regarding the measures taken, please contact our data protection officer.

Provision obligation

Insofar as personal information is required to establish and conduct the business relationship and the associated contractual or legal obligations, said information must be provided by you so that we can meet our contractual or legal obligations. Without provision of the data, we may not be able to perform the service any more, properly or fully. The provision of further data is neither contractually nor legally necessary.

Storage period

If we store your personal data, it will only be for a limited period of time and no longer than necessary. Basically, we will delete your data if it is no longer necessary for the purpose for which it was collected or if there are other legal reasons that require deletion.

Insofar as we are subject to statutory storage requirements, which require a longer storage period, we store the data for this period, in particular for the fulfilment of commercial and tax withholding periods, which are between two and 10 years.

Other legal grounds for withholding may include the provision of evidence for the duration of the applicable statute of limitations. These periods are usually between two and 30 years.

Your rights in relation your personal data

You have the following legal rights regarding your personal data. You can contact our Data Protection Officer, also if you want further details about what these rights mean. As the legal details are quite complicated, below we provide you with the most important information about these rights. Please tell us in what form you want the information. If you do not specify otherwise, we usually answer your request in the same form as it was received. You will receive a response within one month. In the case of manifestly unfounded or excessive requests, we are entitled to demand a reasonable fee or refuse your request. 

Access to your data, Art.15 GDPR

You have the right to request information about whether we process personal data about you or not. When we process your personal data, you will receive information about the specific data and additional information.

Correction of your data, Art. 16 GDPR

You have the right to ask us to correct your data if it is incorrect, inaccurate and/or incomplete; the right to rectification includes the right of completion using supplementary statements or communications.

Deletion of your data, Art. 17 GDPR

You have the right to ask us to delete your personal data, as long as there is no reason to keep it.

Restriction of the processing of your data by us. Art. 18 GDPR

You have the right to restrict processing of your personal data in certain cases within a specific scope.

Data portability, Art. 20 GDPR

Under certain circumstances, you may be entitled to demand that your data be provided in a common electronic, machine-readable data format.

The right to transfer data includes the right to transfer the data to another manager; upon request, we will (as far as technically possible) transfer data directly to a person named or to be named by you. The right to transfer data exists only for data provided by you, and requires processing to be carried out based on consent or to carry out a contract, using automated procedures.

Objection to our processing of your data, Art. 21 GDPR

In the case of the processing of personal data for the undertaking of public interest tasks (Art. 6, Par. 1, Let. e of the GDPR) or for the undertaking of legitimate interests (Art. 6, Par. 1, Let. f of the GDPR), you may object to the processing of personal data concerning you at any time with future effect, if there is no reason for further processing.

(Please note that you are not entitled to the right to object if the processing is based on consent. However, because you have a right to revoke your consent with future effect whenever data is processed with your consent, you can achieve a comparable outcome to objection via revocation.)

Revocation of consent 

If you have given us consent to process your personal data, you can revoke it at any time and without stating any reasons with future effect. Please contact the contact centre where you gave your consent or directly through the Data Protection Officer.

Complaints

You have the right to file a complaint with the competent monitoring authority regarding the processing of your personal data, Art. 77 GDPR.