Data protection

Data protection 2018-07-02T12:49:26+00:00

1         Introduction and general provisions

Thank you for your interest in our company. The management of sanotact GmbH takes your privacy and the protection of your data very seriously. While it is, in principle, possible to use the websites of sanotact GmbH without disclosing any personal data, the processing of personal data may be required where visitors wish to use specific services offered by our company through the website. If the processing of personal data is necessary and there is no legal basis for such processing, we will seek the consent of the data subject.

We process personal data, e.g. the name, address, email address or telephone number of a data subject, strictly in accordance with the General Data Protection Regulation (GDPR) and any applicable national data protection provisions. The purpose of this privacy policy is to provide the public with information about the nature, scope and purpose of the collection, use and processing of personal data, and to inform website users about their rights.

Sanotact GmbH, as the data controller, has implemented a range of technical and organisational measures to ensure that the personal data processed via this website are protected to the fullest extent possible. However, it should be noted that transfer of data over the Internet can pose a security risk and cannot be fully protected against third-party access. For this reason, data subjects are may use alternative means, e.g. telephone to communicate personal data to us.

1.1     Name and address of the data controller

The data controller within the meaning of the General Data Protection Regulation (GDPR), other data protection laws applicable in the member states of the European Union and other data protection provisions is:

sanotact GmbH
Hessenweg 10
48157 Münster

Telephone: +49 (0)251 1421.0
Email: info@sanotact.de

 

1.2     Name and address of the data protection officer

Our data protection officer can be reached through the following address:

DMK Deutsches Milchkontor GmbH
Flughafenallee 17
28199 Bremen

Email: datenschutz@dmk.de

Visitors to our website and any other interested parties can contact our data protection officer at any time with any questions or suggestions regarding data protection they may have.

1.3     Disclosure of data

We will not transmit your personal data to third parties for purposes other than those listed below.

We will pass your personal data to third parties only if

  • you have given your explicit consent in accordance with Article 6(1)(a) GDPR for us to disclose your data e.g. to a carrier by ordering goods to be posted to you or by agreeing to separate terms to take part in competitions,
  • the disclosure is necessary in accordance with Article 6(1)(f) GDPR and there is no reason to assume that you have an overriding legitimate interest in non-disclosure of your data,
  • the disclosure is necessary for compliance with a legal obligation in accordance with Article 6(1)(c) GDPR, or
  • it is legally permissible and necessary for the performance of a contract with you in accordance with Article 6(1)(b) GDPR.

2         Data collection policy

2.1     Cookies

The websites of sanotact GmbH use cookies. Cookies are text files that are placed and stored on a computer system by a browser.

Many websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a character string through which websites and servers can be assigned to the specific browser in which the cookie was stored. This allows the visited websites and servers to distinguish the concrete browser of the website visitor from other browsers that contain other cookies. A specific browser can be recognised and identified using the unique cookie ID.

By using cookies, sanotact GmbH can provide users of this website with more user-friendly services that would not otherwise be possible.

Website users can prevent cookies from being installed by our website by changing the settings of their browser to block the acceptance of cookies. Furthermore, users can delete cookies already stored on their computers through their browser or other software. While all popular browsers offer this option, if used, some features of this website may no longer function properly.

2.2     Collection of data and information

a)            When visiting the website

When you visit our website, the browser on your device automatically sends information to the server on our website. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until it is automatically deleted:

  • Name of the accessed file
  • Date and time of the access
  • Amount of data transferred
  • Message indicating whether the access attempt was successful
  • Type of web browser used
  • Type of operating system used
  • Referring website
  • Name of your ISP
  • Your IP address

We process this data for the following purposes:

  • Ensure a smooth connection to the website,
  • Make our website more user-friendly,
  • Evaluate the security and stability of the system
  • and for other administrative purposes.

The legal basis for data processing is Article 6(1)(f) GDPR. The purposes listed above constitute legitimate interests as defined by GDPR. We will not, under any circumstances, use the data collected to identify you.

b)            When using our contact form

If you have any questions, you can use the form provided on our website to contact us. If a website visitor contacts us, the personal data transmitted by him or her to us on a voluntary basis will be automatically stored – for the purpose of processing or establishing contact. We do not pass personal data on to third parties. We process the data you provide in the contact form based on your consent to the processing of personal data in accordance with Article 6(1)(a) GDPR.

3         Web analysis and website optimisation

This website uses Matomo (formerly Piwik), an open-source web analytics tool (http://mamoto.org), to collect and store data for marketing and optimisation purposes. This data can be used to create user profiles under a pseudonym. Cookies in the user browser may be used for this purpose. Cookies are small text files stored locally in the cache of the browser used by the website’s visitors. We use cookies to recognise your browser when you return to the website. Unless a separate consent is obtained from the data subject, the data collected by Piwik will not be used to identify the visitor of this website or linked with any personal data about the bearer of the pseudonym.

You can prevent cookies from being used by setting your browser to reject cookies. Please note that if you do this, some features of this website may no longer function properly.

4         Google’s (re)marketing services

For the purposes of our legitimate interests (i.e. our interest in analysing, optimising and running our Websites in a commercially viable manner within the meaning of Article 6(1)(f) GDPR), we use the marketing and remarketing services (hereinafter referred to in short as “Google marketing services”) provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (“Google”).

Google is certified under the Privacy Shield framework, which offers a guarantee of compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

Google marketing services enable us to display ads on our website in a more targeted fashion to show you only ads you that are potentially of interest to you. The method we use, known as remarketing, involves, for example, showing you ads for products in which you have already shown an interest on other websites. For this purpose, our websites and other websites which use Google marketing services contain a snippet of code, which is executed directly by Google. This integrates what are known as (re)marketing tags in the website (invisible image files or code, also known as “web beacons”). With the help of these tags, an individual cookie, i.e. a small file, is saved on your device (comparable technologies may also be used instead of cookies). These cookies may be placed by a range of different domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com and googleadservices.com. This file stores information about the websites you visit, the content you are interested in and on which offers you have clicked, as well as technical information on the browser and operating system, referring websites, visit length and other data on the use of the website. While your IP address will also be recorded, the IP address collected by Google Analytics will be truncated within the member states of the European Union or other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to Google servers in the US and truncated there. Google will not associate your IP address collected by Google Analytics with any other data held by Google. Google may also link the above information with similar information from other sources. If you subsequently visit other websites, you may see ads tailored to you based on your interests.

We process your data in a pseudonymised manner as part of Google marketing services, i.e. Google does not store and process details such as your name or email address, but instead processes the relevant data within pseudonymised user profiles based on cookies. This means that, from Google’s perspective, the ads are not managed or displayed for a concrete, identifiable person, but rather a cookie holder, irrespective of who this cookie holder is. This does not apply if you have explicitly given Google your consent to process the data without pseudonymisation. The information collected about users through Google Marketing Services is transmitted to Google and stored on Google’s servers in the US.

Among the Google marketing services we use is the online advertising service “Google AdWords”. In the case of Google AdWords, each AdWords customer receives a different “conversion cookie”. This is why cookies cannot be tracked using the websites of AdWords customers. The information collected by the conversion cookie is used to create conversion statistics for AdWords customers, who have opted-in to conversion tracking. In this way, AdWords customers learn how many users who clicked on their ad have then been redirected to a conversion tracking tag page. However, they do not receive any information that could be used to identify any particular user.

For more information on how Google uses data for marketing purposes, please refer to https://www.google.com/policies/technologies/ads, and Google’s privacy policy https://www.google.com/policies/privacy.

If you wish to opt-out from interest-based advertising by Google marketing services, you can change your settings and take advantage of the opt-out option, at: http://www.google.com/ads/preferences.

5         Twitter feed integration

We may integrate content and related features of Twitter, which may, for example, be displayed as a feed. Twitter is operated by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. As part of this use, content such as images, videos and texts as well as buttons for liking and subscribing to Twitter may be downloaded.

If you use these features and have an account on the Twitter platform itself, Twitter can use your account to link your activities to your profile. For more information about Twitter’s privacy policy, please refer to https://twitter.com/en/privacy; in addition, Twitter is certified under the Privacy Shield Agreement, which guarantees compliance with European data protection laws and regulations.

You can disable the transmission of data to Twitter by installing an opt-out cookie by clicking on the following link: https://twitter.com/personalization.

6         Rights of data subjects

As a data subject you have the following rights:

a)            Right of access

You have the right to obtain from us confirmation as to whether or not personal data concerning you are being processed.

b)            Rectification/ erasure/ restriction of processing

Furthermore, you have the right to obtain from us

  • without any undue delay the rectification of inaccurate personal data concerning you (right to rectification);
  • the erasure of personal data concerning you without undue delay (right to erasure) and
  • restriction of processing of your personal data (right to restriction of processing).

c)            Right to data portability

You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller.

d)            Right of withdrawal

You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

e)            Right to object

You have the right to object if the processing of your personal data is necessary for the performance of a task carried out in the public interest (Article 6(1)(e) GDPR) or for the purposes of our legitimate interests (Article 6(1)(f) GDPR).

f)             Right to lodge a complaint

Without prejudice to any other legal remedy, you have the right to lodge a complaint with a supervisory authority, if you consider that the processing of personal data relating to you infringes the GDPR; for information about the competent supervisory authority, please visit http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm