Privacy Policy
1 AT A GLANCE
Thank you for your interest in our company. The protection of your privacy and your personal data is very important to us.
The following information provides a simple overview of what we do with your personal data when you visit this website and in our company. Personal data is any data that can be used to identify you personally. For detailed information related to privacy, please refer to our privacy policy listed below this text.
1.1 RESPONSIBLE FOR DATA PROCESSING
Sinus GmbH i.L.
Postfach 1102
26198 Wardenburg
Germany
Phone: +49 (4402) 98 93 97
email: info@sinus-europe.com
Website: www.sinus-europe.com
1.2 NOTES ON DATA ACQUISITION
On the one hand, we use information you provide us. This can be, for example, data that you enter in a contact form.
Other data is collected automatically or after your consent when you visit our website by our IT systems. This is mainly technical data (e.g., Internet browser, operating system or time of page view). The acquisition of this data happens automatically as soon as you enter this website.
1.3 USE OF DATA
Part of the data is collected to ensure error-free provision of the website. Other data may be used to analyze user behavior.
1.4 YOUR RIGHTS TO YOUR PERSONAL DATA
Depending on your geographical location and citizenship, your rights are subject to local data privacy regulations. These rights may include:
• Right to Access (GDPR Article 15)
You have the right to request a copy of the personal data we are processing about you.
• Right to Rectification (GDPR Article 16)
You have the right to have incomplete or inaccurate personal data that we process about you rectified.
• Right to be Forgotten (right to erasure) (GDPR Article 17)
You have the right to request that we delete personal data that we process about you, except we are not obliged to do so if we need to retain such data in order to comply with a legal obligation or to establish, exercise or defend legal claims.
• Right to Restriction of Processing (GDPR Article 18)
You have the right to restrict our processing of your personal data where you believe such data to be inaccurate; our processing is unlawful; or if we no longer need to process such data for a particular purpose unless we are not able to delete the data due to a legal or other obligation or because you do not wish us to delete it.
• Right to Portability (GDPR Article 20)
You have the right to obtain personal data we hold about you, in a structured, electronic format, and to transmit such data to another data controller, where this is (a) personal data which you have provided to us, and (b) if we are processing that data based on your consent or to perform a contract with you
• Right to Objection (GDPR Article 21)
Where the legal justification for our processing of your personal data is our legitimate interest, you have the right to object to such processing on grounds relating to your particular situation. We will abide by your request unless we have compelling legitimate grounds for processing which override your interests and rights, or if we need to continue to process the data for the establishment, exercise or defense of a legal claim.
Withdrawing Consent
If you have consented to our processing of your personal data, you have the right to withdraw your consent at any time, free of charge, such as where you wish to unsubscribe from marketing messages that you receive from us. If you wish to withdraw your consent, please contact us using the information found at the bottom of this page.
How to Exercise Your Rights
You can make a request to exercise any of these rights in relation to your personal data by sending the request to our privacy team.
For your own privacy and security, at our discretion, we may require you to prove your identity before providing the requested information.
1.5 RETENTION & DELETION
We will only retain your personal data for as long as necessary for the purpose for which that data was collected and to the extent required by applicable law. When we no longer need personal data, we will remove it from our systems and / or take steps to anonymize it.
1.6 PURPOSE AND LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA
We collect and use personal data about you with your consent to provide, maintain, and develop our products and services and understand how to improve them.
These purposes include:
• to deliver your product or service
• to fulfill orders including electronic and non-electronic shipment
• building a safe and secure environment
• to verify or authenticate your identity; and
• investigate and prevent security incidents such as breaches, attacks and hacks.
• providing, developing, and improving our products and services
• deliver, maintain, debug and improve our products and services.
Where we process your personal data to provide a product or service, we do so because it is necessary to perform contractual obligations. All of the above processing is necessary in our legitimate interests to provide products and services and to maintain our relationship with you and to protect our business for example against fraud. Consent will be required to initiate services with you. New consent will be required If any changes are made to the type of data collected.
1.7 COMPLAINTS
If you have a complaint about this Policy or any element of your personal information that we hold then please contact us below. If you are not satisfied, then you have the right to lodge a complaint with the local data protection authority.
1.8 OBJECTION TO ADVERTISING EMAILS
The use of contact data published within the framework of the imprint obligation to send advertising and information materials not expressly requested is hereby prohibited. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.
2 HOSTING
alfahosting
We host our website with Alfahosting GmbH, Edmund-von-Lippmann-Straße 13-15, 06112 Halle (Saale).
When you visit our website, the hosting provider may create various log files that contain, among other things, your IP addresses.
The use of alfahosting is based on §6 para. 1(f) GPDR. We have a legitimate interest in the most reliable and consistent presentation of our website.
Insofar as a corresponding consent has been requested, the processing is carried out exclusively based on §6 para. 1(a) GPDR and §25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g., device fingerprinting) as defined by the TTDSG. The consent can be revoked at any time.
Data processing agreement
We have made a data processing agreement (DPA) with the above-mentioned provider. This is an agreement required by data protection law, which ensures that this provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
3 DATA ACQUISITION ON THIS WEBSITE
Our Internet pages use so-called "cookies". Cookies are small text files and do not cause any damage to your device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or until they are automatically deleted by your web browser.
Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them. Other cookies are used to evaluate user behavior or to display advertising.
Technical necessary cookies are stored based on §6 para 1(f) GPDR, unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies and comparable recognition technologies has been requested, the processing is based exclusively on this consent (§6 para 1(a) GPDR and §25 para. 1 TTDSG); the consent can be revoked at any time.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. When deactivating cookies, the functionality of this website may be limited.
4 CONTACT BY E-MAIL, PHONE OR FAX
If you contact us by e-mail, telephone or fax, your inquiry including all resulting personal data (name, details of your inquiry) will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.
The processing of this data is based on §6 para. 1(b) GDPR, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests sent to us (§6 para. 1(f) GDPR) or on your consent (§6 para. 1(a) GDPR) if this has been requested; the consent can be revoked at any time.
The data you send to us via contact requests will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g., after your request has been processed). Mandatory legal provisions - in particular legal retention periods - remain unaffected.
5 AUDIO AND VIDEO CALLS
Among other tools, we use online conferencing tools to communicate with our customers. The tools we use in detail are listed below. If you communicate with us via video or audio conference via the Internet, your personal data will be collected and processed by us and the provider of the respective conference tool.
In doing so, the conferencing tools collect all data that you provide/enter to use the tools (e.g., email address and/or phone number). Furthermore, the conference tools process the duration of the conference, start and end (time) of participation in the conference, number of participants and other "context information" related to the communication process (metadata).
Furthermore, the provider of the tool processes all technical data required to handle the online communication. This includes IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker, and the type of connection.
If content is exchanged, uploaded or otherwise made available within the tool, this is also stored on the servers of the tool providers. Such content includes cloud recordings, chat/ instant messages, voicemails uploaded photos and videos, files, whiteboards, and other information shared while using the service.
Please note that we do not have full control over the data processing operations of the tools used. Our options are largely based on the company policy of the respective provider. For further information on data processing by the conference tools, please refer to the privacy statements of the respective tools used, which we have listed below this text.
The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers ($6 para. 1(b) GPDR). Furthermore, the use of the tools serves the general simplification and acceleration of communication with us or our company (legitimate interest within the meaning of $6 para. 1(f) GPDR). Insofar as consent has been requested, the tools in question are used based on this consent; consent can be revoked at any time with effect for the future.
The data collected directly by us via the video and conference tools is deleted from our systems as soon as you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies. Stored cookies remain on your terminal device until you delete them. Mandatory legal retention periods remain unaffected.
We have no influence on the storage period of your data, which is stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.
We use the following conference tools:
• Microsoft Teams
We use Microsoft Teams. The provider is Microsoft Ireland Operations Ltd, One Microsoft Place, South County Business Park Leopardstown Dublin 18, D18 P521 Ireland. For details on data processing, please see the Microsoft Teams privacy policy: https://privacy.microsoft.com/de-de/privacystatement.
We have made a data processing agreement (DPA) with the above-mentioned provider. This is an agreement required by data protection law, which ensures that this provider only processes the personal data in accordance with our instructions and in compliance with the GDPR.
6 HANDLING APPLICANT DATA
We offer you the opportunity to apply to us (e.g., by e-mail or post). In the following, we inform you about the scope, purpose and use of your personal data collected as part of the application process. We assure you that the collection, processing and use of your data will be carried out in accordance with applicable data protection law and all other statutory provisions and that your data will be treated in strict confidence.
Scope and purpose of data collection
If you send us an application, we will process your associated personal data (e.g., contact and communication data, application documents, notes taken during interviews, etc.) insofar as this is necessary to decide on the establishment of an employment relationship. The legal basis for this is §26 BDSG (§88 GPDR) under German law (initiation of an employment relationship), §6 para. 1(b) GPDR (general contract initiation) and - if you have given your consent - §6 para. 1(a) GPDR. The consent can be revoked at any time. Your personal data will only be passed on within our company to persons involved in processing your application.
If the application is successful, the data submitted by you will be stored in our data processing systems based on §26 BDSG (§88 GPDR) and §6 para. 1(b) GPDR for the purpose of implementing the employment relationship.
Data retention period
If we are unable to make you a job offer, if you reject a job offer, or if you withdraw your application, we reserve the right to retain the data you have provided based on our legitimate interests (§6 para. 1(f) GPDR) for up to 6 months from the end of the application process (rejection or withdrawal of the application). The data will then be deleted and the physical application documents destroyed. This storage serves as evidence in the event of a legal dispute. If it is apparent that the data will be required after the 6-month period has expired (e.g., due to an impending or pending legal dispute), the data will not be deleted until the purpose for continued storage no longer applies.
Longer storage may also take place if you have given your consent (§6 para. 1(a) GPDR) or if legal storage obligations prevent deletion.
7 COMMUNICATION
To contact you, we will write you an e-mail with further information, to process your inquiry, your order or in the context of our general business relationship. For this purpose, your e-mail address, the e-mail content and the history of the communication are recorded. The e-mails are hosted by an external service provider. The provider is Microsoft, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland.
We have made a data processing agreement (DPA) with the above-mentioned provider. This is an agreement required by data protection law, which ensures that this provider only processes the personal data in accordance with our instructions and in compliance with the GDPR.
For more information about Microsoft's privacy practices, please visit: https://privacy.microsoft.com/de-de/privacystatement.
Furthermore, we can also call you by phone or mobile.
The processing of the data is based on the fulfillment of the contract according to §6 para. 1(b) GPDR, which allows the processing of data for the fulfillment of a contract or pre-contractual measures (customer relationship, contracts with business partners).
Data will only be passed on if this has been agreed with you or is necessary for the current business transaction.
Your data will be stored by us on our systems within the scope of the statutory retention obligation.
8 FINANCIAL ACCOUNTING
To handle financial accounting we use personal data of contact persons and other invoice information (name, address, e-mail address, telephone number, cell phone number).
The processing is based on a legal requirement according to §6 para. 1(c) GPDR. The processing is necessary for compliance with a legal obligation to which the controller is subject (principles of proper accounting).
A forwarding takes place to our responsible tax consultant. The data will be stored within the scope of the statutory retention obligations.
9 ORDER ENTRY AND ORDER PROCESSING
To process your order or inquiry, we collect personal data of contact persons (name, e-mail address, telephone number, responsibility in your company) as part of the process.
The processing is based on a contract or pre-contractual measure according to $6 para. 1(b) GPDR.
A forwarding takes place to the annual financial statement / tax return to the tax consultant. The data is stored within the scope of the statutory retention obligations.
Stand : 2022