Protección de datos

In the following we describe the processing operations in connection with the use of our website.  

Purposes and legal basis  

Log data 

Every time you visit a website, your internet browser automatically transmits information to our web server for technical reasons (so-called log data). We store some of this information in log files, e.g. 

• Date of access 
• Time of access 
• URL of the referring website 
• File accessed
• Amount of data transferred
• Browser type and version
• operating system
• IP address  

In principle, we only evaluate log data in order to rectify faults in the operation of our website or to clarify security incidents.  

For troubleshooting purposes or to preserve evidence in the event of security incidents, it may be necessary for us to collect additional personal data with the log data. In these cases, we base the processing of the log data on a legal permit. 

Legal basis 

This processing is based on Art. 6 para. 1 lit. f DSGVO, our interest is the technical provision, security and optimisation of the website. 

Storage period 

The data that is processed in connection with the collection of server log files is stored for as long as is necessary for the stated purposes. 

Contact form 

You can contact us via the contact form. Your details from the enquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. 

Categories of personal data 

When an enquiry is made via the contact form, the following personal data is processed. 

• Your request  
• Name  
• Address  
• Telephone number
• E-mail address 

Legal basis 

The data entered in the contact form is processed on the basis of our legitimate interest in offering our customers an easy way to contact us, as well as to improve the quality of our advice, and for contractual purposes (Art. 6 para. 1 lit. f DSGVO). You can provide us with information over and above the mandatory information on a voluntary basis. The legal basis for this information is Art. 6 para. 1 lit. a) DSGVO, your consent. The data processing of the voluntary information serves to improve our service to you and to enable us to provide you with more comprehensive support. You can revoke your consent to the processing of the voluntarily provided data at any time. To do so, please contact us using the above-mentioned contact option. 

Revocation of your consent to data processing 

Some data processing operations are only possible with your consent. You can revoke consent you have already given at any time. To do so, simply send an informal e-mail to one of the above e-mail addresses. The legality of the data processing carried out until the revocation remains unaffected by the revocation. 

Forwarding of e-mails in the context of an establishment of contact  

When contacting our service team via e-mail, the contact data transmitted by the customer via e-mail may be used for the current enquiry as well as other digitally transmitted processes in order to automatically forward the enquiry to the responsible internal department, if possible. This is to ensure the proper processing of these business transactions and to guarantee a faster handling of customer enquiries. The contact data provided will be transferred to our customer database and stored there. 

Legal basis 

The processing of the data you provide in this context is based on our legitimate interest in accelerating and further optimising our process flows for our customers (Art. 6 para. 1 lit. f DSGVO). 

Storage period 

The personal data processed in this context will be retained for the duration of your business relationship with us or until you request us to delete it. Statutory storage obligations remain unaffected. 

Cookies 

The websites of SANHA GmbH & Co. KG partly use so-called cookies. Cookies are small text files that we store on your terminal device when you visit our website. Each time you visit our website again, these cookies are sent back to us. This enables us to recognise you, for example, or to make navigation easier for you with the help of the information in the cookies. 

Cookies cannot be used to start programmes or transfer viruses to a computer. Cookies can only be read by the web server from which they originate. 

We do not pass on the information in the cookies to third parties without your express consent. You can also view our website without cookies. Internet browsers are regularly set to accept cookies. In order to prevent the use of cookies by your Internet browser, you can (1) reject the use of cookies when calling up our website via the cookie layer (if available) or (2) deactivate the use of cookies via the settings of your Internet browser. You can find out how to deactivate and/or delete cookies in your browser by using the help functions of your Internet browser. Please note that deactivating/deleting cookies may mean that individual functions of our website no longer work as expected. Cookies that may be required for certain functions of our website are shown below. In addition, the deactivation/deletion of cookies only affects the Internet browser used for this purpose. For other Internet browsers, the deactivation/deletion of cookies must therefore be repeated accordingly. Cookies that we use for certain functions, without personal reference: 

• Cookies that store certain user preferences (e.g. search or language settings). 
• Cookies that store data to ensure the trouble-free playback of video or audio content. 
• Cookies that temporarily store certain user inputs (e.g. contents of a shopping basket or an online form).  
• Cookies that we use for certain functions, with personal reference  
• Cookies that serve to identify or authenticate our users 

We store the data until the end of the term of a respective cookie or until the cookies are deleted by you. This processing is based on Art. 6 para. 1 lit. f DSGVO. Our interest is the ongoing optimisation of the website and the improvement of user-friendliness. 

Statistical evaluation with Matomo 

We use the analysis service Matomo for statistical evaluation of the use of our website. The provider is InnoCraft Ltd, 7 Waterloo Quay, PO Box 625, 6140 Wellington, New Zealand. We have concluded an order processing contract with Matomo. In the course of using Matomo, personal data may also be transmitted to the servers of ePrivacy GmbH in Germany.  

You can view the Matomo privacy policy at the following link:  

Privacy Policy - Analytics Platform - Matomo 

Legal basis  

The use of Matomo for statistical evaluation of our website is based on Art. 6 para. 1 lit. a DSGVO, your consent. 

You can prevent the use of cookies by not giving us your consent. However, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent. 

Revocation of your consent to data processing 

Some data processing operations are only possible with your consent. You can revoke consent you have already given at any time. To do so, simply send an informal e-mail to one of the above e-mail addresses. The legality of the data processing carried out until the revocation remains unaffected by the revocation. 

For marketing purposes, to communicate with our customers or to arouse interest in our company, we present ourselves on social networks. In the following points we inform you about the associated processing activities.  

Data processing for presentation and communication 

Social networks enable us to present our company to persons who have an account with the social network (hereinafter "user") and to all visitors to our profiles without an account with the social network (hereinafter "guest"). Furthermore, customers and interested parties can contact us via this profile. Our profiles and posts are generally viewable by users and guests (hereinafter users and guests are collectively referred to as "visitors"). If you comment on our posts or send us a message, this data is stored by the social network and can be viewed by us. We can reply to your comment or message. For posts, your comment and our reply may still be visible to all users of the social network or to all visitors. 

Data processing for statistical and promotional purposes 

If you access our profile, the social network can store and evaluate your access and all further interactions of you on the website of the social network. As a rule, our profiles and posts can be viewed by users and guests (hereinafter referred to collectively as "visitors"). If you comment on our posts or send us a message, this data is stored by the social network and can be viewed by us. We can reply to your comment or message. For posts, your comment and our reply may still be visible to all users of the social network or to all visitors. 

If you have an account with the social network and are logged in when you visit our profile, the provider of the social network may link your interactions with our profile to your account data and process it further. However, it is also possible that data about your interactions with our profile will be stored by the social network for the duration of your visit and processed for further purposes if you are not logged in there or do not have an account. In this case, an allocation can take place, for example, through the use of cookies, small files which are stored on your end device, or in connection with your IP address. 

With this data processing, the platform pursues the purpose of creating an interest profile of the visitor in order to use this for advertising purposes. When the person calls up certain websites, information about this call is evaluated and the provider assigns certain interests to the visit. Based on the assigned interests, advertisements are displayed to the visitor. Interest-based advertisements can be displayed by the provider both within and outside the web pages of the social network. 

Categories of persons concerned 

People who access our profile on the relevant social network (both users with an account with the social network provider and visitors without an account). 

Assertion of your rights as a data subject 

For information requests or to exercise your other rights as a data subject, we recommend that you contact the provider directly, as only the provider has full access to the data processed in connection with a call to our profile or interaction with us on the social network. The contact information of the social networks for exercising your rights as a data subject can be found under the item "Information on the social networks used by us". In the case of data processing where there is joint responsibility between the social network provider and us, you also have the right to exercise your rights as a data subject against us. In such a case, we will forward your request to the social network, insofar as the request concerns data or processing activities that are processed by the social network. 

Further information on the processing activities of the social networks and the existing objection options can be found under the item "Information on the social networks we use". 

Facebook: 

Provider 

Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland (nachfol-gend Facebook) 

Website 
https://de-de.facebook.com/ 

Form for contacting the Facebook data protection officer 
https://www.facebook.com/help/contact/540977946302970 

Facebook Data Policy 
https://de-de.facebook.com/policy.php 

Our profile 

https://www.facebook.com/sanhagmbh 

Joint officer  

We have entered into a shared responsibility agreement with Facebook which applies to the processing of data in connection with our profile on Facebook (the "Page") for the purpose of providing the profile and statistical analysis of the interactions of visitors to our profile. This agreement sets out the obligations to be fulfilled by either Facebook or us in relation to the processing of data and which party is responsible for each processing activity. 

Agreement on joint responsibility for data processing for Page Insights between Facebook and us as the owner of a profile on Facebook pursuant to Art. 26 DSGVO: https://www.facebook.com/legal/terms/page_controller_addendum 

Purposes and legal basis 

• Presentation of our company, legitimate interest ((Art. 6 para. 1 p. 1 lit. f) DSG-VO) 
• Communication with customers and interested parties, legitimate interest ((Art. 6 para. 1 p. 1 lit. f) DSGVO) 
• Statistical purposes, legitimate interest ((Art. 6 para. 1 p. 1 lit. f) DSGVO) 

Insofar as Facebook carries out further processing activities or processes data for statistical or advertising purposes, Facebook is the controller of the processing and the processing may be based on other legal bases. For more information, please refer to the "Facebook Data Policy" section. 

Possibility of objection 

If you wish to object to processing by Facebook, you can find this under the following link for the different processing activities:  

https://www.facebook.com/help/contact/367438723733209?no_redirect  

If you would like to receive the newsletter offered on the website, we require an e-mail address from you and that you agree to receive the newsletter. Further data will not be collected or only on a voluntary basis.  

The data entered in the newsletter registration form is processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke your consent to the storage of the data, the email address and their use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation. 

Revocation of your consent to data processing 

Some data processing operations are only possible with your consent. You can revoke consent you have already given at any time. To do so, simply send an informal e-mail to one of the above e-mail addresses. The legality of the data processing carried out until the revocation remains unaffected by the revocation. 

Newsletter dispatch by Rapidmail 

To send the newsletter, SANHA GmbH & Co. KG uses the Rapidmail service. The provider of this service is rapidmail GmbH, Wentzingerstraße 2, 79106 Freiburg im Breisgau, Germany. 

Rapidmail is a service with which, among other things, the sending of newsletters can be organised and analysed. The data you enter for the purpose of receiving the newsletter is stored on Rapidmail's servers in Germany. 

If you do not wish to have your data analysed by Rapidmail, you must unsubscribe from our newsletter. You will find the link for this in every newsletter message. 

Data analysis by Rapidmail 

In order to analyse the success of our newsletter, the e-mails sent with Rapidmail contain a so-called web beacon or a "tracking pixel", which reacts to interactions with the newsletter. In this way, it can be determined whether a newsletter message was opened, whether links were clicked or at what time the newsletter was read. 

Within the framework of the success analysis, the following data are processed by Rapidmail: 

• Master data (e.g. name, address) 
• Contact data (e.g. e-mail address, telephone number) 
• Meta and communication data (e.g. device information, IP address) 
• Usage data (e.g. interests, access times) 

Legal basis 

The data processing is based on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke this consent at any time. The legality of the data processing already carried out remains unaffected by the revocation. 

Revocation of your consent to data processing 

Some data processing operations are only possible with your consent. You can revoke consent you have already given at any time. To do so, simply send an informal e-mail to one of the above e-mail addresses. The legality of the data processing carried out until the revocation remains unaffected by the revocation. 

Storage period 

The data you provide us with for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted after you unsubscribe from the newsletter. Data stored by us for other purposes (e.g. e-mail addresses for registration in the online shop) remain unaffected by this. 

Conclusion of a contract for commissioned data processing 

We have concluded a contract with rapidmail GmbH in accordance with Art. 28 Para. 3 DSGVO, in which we oblige Inxmail to protect our customers' data and not to pass it on to third parties. 

Disclosure to other third parties

With regard to newsletter, press and investor distribution lists, we use the following external service providers in part to fulfil our contractual and legal obligations:

EQS Group AG, Karlstraße 47, 80333 Munich, Germany, website: https://www.eqs.com/de/

IR.on AG, Mittelstraße 12-14, Haus A, 50672 Cologne, Germany, website: https://www.ir-on.com/

The data you provide to us via the newsletter registration form will be transmitted to the aforementioned service providers. The legal basis for the data processing is Art. 6 para. 1 lit. b and f DSGVO. Our service providers will only process your data to the extent that this is necessary for the fulfilment of their service obligations and follow our instructions with regard to this data. To ensure data protection-compliant processing, we have concluded a contract on commissioned processing with our service providers.

YouTube 

We have integrated YouTube videos on our website, these videos are stored on www.youtube.com. If you use these videos, you will be redirected to the YouTube platform. The provider of this platform is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. While using YouTube, personal data may also be transmitted to Google LLC. These companies are based in the USA. The processing of personal data is governed by so-called standard contractual clauses concluded with us by the Commission of the European Union. https://privacy.google.com/businesses/processorterms/. 

The YouTube videos on our website are all embedded in extended data protection mode, which means that no data about you as a user or personal data in general is transmitted to YouTube unless you play the videos. If you play the videos offered, data will be transmitted. We have no influence on the transmitted data. The transfer of data takes place regardless of whether YouTube provides a user account via which you are logged in or whether no user account exists. If you are logged in to Google, the following data will be assigned to your user account.  

If you do not want the data transfer with the assignment to your profile to YouTube, you must log out of your Google account before playing the videos. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or designing its website to meet your needs. You have the right to object to the creation of these user profiles, and you must contact YouTube to exercise this right. 

The processing is based on the legal basis Art. 6 para. 1 lit. a). You can revoke your consent at any time. The legality of the data processing operations already carried out remains unaffected by the revocation. 

Revocation of your consent to data processing 

Some data processing operations are only possible with your consent. You can revoke consent you have already given at any time. To do so, simply send an informal e-mail to one of the above e-mail addresses. The legality of the data processing carried out until the revocation remains unaffected by the revocation.  

You can view further information on YouTube and Google here:  

https://www.google.com/intl/de/policies/privacy/ (General Google Privacy Policy) 
https://policies.google.com/terms?hl=de#toc-software (Terms of use Google services) 
https://www.youtube.com/static?gl=DE&template=terms&hl=de (Terms of Use YouTube) 

PayPal 

On our website we offer, among other things, payment via PayPal. The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as "PayPal"). 

Legal basis 

If you select payment via PayPal, the payment data you enter will be transmitted to PayPal. 

Credit card 

On our website we offer, among other things, payment by credit card via our payment service provider Computop Paygate GmbH, Schwarzenbergstr. 4, D-96050 Bamberg. 

If you select payment by credit card, personal and payment-relevant data that are requested and required for processing the transaction are transmitted directly to your banking institution or credit card company or Computop. Credit card data is collected exclusively by Computop and stored in encrypted form. 

Legal basis 

The transfer of your data to Computop takes place for contractual purposes. 

We also collect, process and use personal data outside the environment of the online shop, insofar as they are necessary for the establishment, content or amendment of the contract. 

Data categories  

We need the following data to register you as a customer with us: 

• Company name with legal form (e.g. GmbH) 
• Company headquarters (street / house number / postcode / town)
• Name and first name of contact person
• Telephone number
• Surname and first name of the managing director/owner of the commercial enterprise 

You can voluntarily provide us with the following data: 

• E-mail address - Please note, however, that we need this to access our online shop. 
• Fax 
• Billing address, if different 
• Mobile phone number 
• Date of birth of the managing director/owner of the commercial enterprise 

Storage period 

The collected data will be stored by us as long as you have a business relationship with us. After termination of the business relationship, your data will be deleted. Statutory retention periods remain unaffected by this. 

Data categories 

Within the framework of the processing of customer personal data, the following personal data are processed.  

• Customer number 

• Company 
• Street number 
• House number 
• Postcode 
• City
• Contact person
• Function
• Telephone number
• E-Mail 

Legal basis 

The processing of personal data is carried out for contractual purposes, the legal basis for the processing for these purposes is, 

• if you are a registered trader or freelancer, Art. 6 para. 1 lit. b DSGVO, the data processing is for the purpose of implementing the contract or pre-contractual measures with the data subject; or 

if you are an employee of a company, e.g. an employee in purchasing, Art. 6 para. 1 lit. f DSGVO, the legitimate interest ofSANHA GmbH & Co. KG is. The legitimate interest of SANHA GmbH & Co. KG. is the preparation of the sale of products or services of companies of the SANHA GmbH & Co. KG., which is based in particular on entrepreneurial freedom and professional freedom. 

Storage period 

The transmitted data is already available to us and is only transmitted to the respective company; the duration of storage by SANHA GmbH & Co. KG depends on the storage period for the original processing purpose. The duration of storage at the receiving company depends on the data protection information of the respective company. 

Información sobre protección de datos para concursos y promociones de conformidad con el artículo 13 del Reglamento general europeo de protección de datos (RGPD)

De vez en cuando, SANHA GmbH & Co. KG organiza concursos y promociones en los que pueden participar clientes e interesados. A continuación le informamos sobre el tratamiento de sus datos personales en relación con estos concursos y promociones de conformidad con el artículo 13 del GDPR. La siguiente "Información sobre protección de datos para concursos y promociones" se aplica además de nuestra información sobre protección de datos, disponible en Protección de datos (sanha.com).

1 Responsable del tratamiento y encargado de la protección de datos

1.1 Nombre y dirección del responsable del tratamiento

El controlador en el sentido del GDPR y otras leyes nacionales de protección de datos de los estados miembros, así como otras regulaciones de protección de datos es

SANHA GmbH & Co. KG

Im Teelbruch 80

45219 Essen, Alemania

Teléfono: +49 2054 9509-212

Correo electrónico: gdpr@sanha.com

2 Información general sobre el tratamiento de datos

2.1 Alcance del tratamiento de datos personales

Cuando participa en un concurso o promoción, tratamos los datos y la información que nos facilita en el formulario de inscripción. Esto incluye los datos necesarios para la participación, tales como

• su nombre y apellidos
• su dirección
• nombre en las redes sociales (Facebook, Instagram, TikTok)

así como cualquier dato e información facilitados voluntariamente por usted como parte de su participación.

2.2 Finalidad del tratamiento de los datos personales

Sus datos personales se tratarán con el fin de organizar el concurso o la promoción, en particular para determinar y notificar los ganadores.

Posteriormente, podremos recoger y tratar datos adicionales, por ejemplo, su dirección postal, con el fin de enviar y entregar los premios.

2.3 Base jurídica del tratamiento

La base jurídica del tratamiento es el cumplimiento de la obligación contractual derivada de la participación en el concurso (Art. 6 párrafo 1 frase 1 lit. b GDPR)

2.4 Posibilidad de oponerse

Puede oponerse al tratamiento de sus datos en cualquier momento. Para ello, envíe un mensaje a gdpr@sanha.com o a una de las direcciones de contacto indicadas anteriormente.

Le informamos de que, en caso de oposición, queda excluida la participación en el concurso o la promoción.

2.5 Supresión de datos y plazo de conservación

Los datos procesados se borrarán una vez finalizado o expirado el concurso o la promoción y el envío de los premios.

Si un participante ha dado su consentimiento para recibir información sobre los productos y servicios de SANHA GmbH & Co KG al registrarse, los datos y la información cubiertos por este consentimiento se procesarán de conformidad con las disposiciones legales. Para obtener información sobre el tratamiento de sus datos con fines publicitarios, consulte también nuestra información sobre protección de datos, disponible en Protección de datos (sanha.com).

3 Derechos del interesado

Si se procesan sus datos personales, usted es un interesado en el sentido del GDPR y tiene los siguientes derechos frente a nosotros como responsables del tratamiento

• Derecho de acceso
• Derecho de rectificación
• Derecho a la limitación del tratamiento
• Derecho de supresión
• Derecho de información
• Derecho a la portabilidad de los datos
• Derecho de oposición
• Derecho a revocar la declaración de consentimiento en virtud de la ley de protección de datos
• Derecho a presentar una reclamación

Para más información sobre sus derechos como interesado, consulte nuestra información sobre protección de datos, disponible en Protección de datos (sanha.com).