WEBSITE DATA PROTECTION DECLARATION AND AT THE SAME TIME INFORMATION FOR DATA SUBJECTS PURSUANT TO ARTICLE 13 AND ARTICLE 14 OF THE EU GENERAL DATA PROTECTION REGULATION
GENERAL INFORMATION
Details of the responsible body
Company:
SAE Applications for Digitalization GmbH
Legal representative:
Dipl. Ing. Erich Schaarschmidt
Susanne Henkel
Address:
Seegarten 12 – 14, 84187 Weng
Contact details data protection officer:
Robert Aumiller
E-mail: r.aumiller@r-au.de
GENERAL DATA PROCESSING INFORMATION
DATA CONCERNED:
Personal data is only collected if you provide it to us voluntarily. No other personal data is collected. Any processing of your personal data that goes beyond the scope of the statutory permissions will only take place on the basis of your express consent.
Processing purpose:
Contract execution.
Categories of recipients:
Public authorities in the case of overriding legal provisions. External service providers or other contractors. Other external bodies if the data subject has given their consent or transmission is permitted for reasons of overriding interest.
Third country transfers:
Processors outside the European Union may also be used in the performance of the contract.
Duration of data storage:
The duration of data storage depends on the statutory retention obligations and is generally 10 years.
SPECIFIC INFORMATION ON THE WEBSITE
HOSTING & CONTENT DELIVERY NETWORK
If you as a visitor neither contact us via the contact form, the appointment booking or the live chat function, nor make a purchase, we collect the following data in so-called log files, which your browser transmits: IP address, date and time of the request, time zone difference to Greenwich Mean Time, content of the request, HTTP status code, amount of data transferred, website from which the request comes and information about the browser and operating system. This is necessary to display our website and to ensure stability and security so that our hoster can bill us for the services provided and to enable efficient delivery of the website. This corresponds to our legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f GDPR. We use the following hoster to provide our website. Kinsta Inc.
Attn: Privacy and Data Protection Team
8605 Santa Monica Blvd #92581
West Hollywood, CA 90069
USA
privacy@kinsta.com Kinsta mainly uses the Google Cloud Platform service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (Google) for its infrastructure. Kinsta has implemented compliance measures for international data transfers with Google. These apply to all global activities where Kinsta processes personal data of natural persons in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs) and the EU-US Data Privacy Framework. Kinsta is a recipient of your personal data and acts as a processor on our behalf. This corresponds to our legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f GDPR in not having to maintain a server on our premises ourselves. The server location is Frankfurt, Germany. Further information on objection and removal options vis-à-vis Kinsta Inc. can be found at: https://kinsta.com/legal/privacy-policy/ You have the right to object to the processing. Whether the objection is successful must be determined as part of a balancing of interests. The data will be deleted after 30 days. The processing of the data specified in this section is not required by law or contract. The functionality of the website is not guaranteed without the processing.
CLOUDFLARE
We use the Content Delivery Network (CDN) of Cloudflare Germany GmbH, Rosental 7, c/o Mindspace, 80331 Munich Germany (Cloudflare) to increase the security and delivery speed of our website. This corresponds to our legitimate interest (Art. 6 para. 1 lit. f GDPR). A CDN is a network of [weltweit] distributed servers that is able to deliver optimized content to the website user. For this purpose, personal data may be processed in Cloudflare server log files. Please refer to the explanations under “Hosting”. Cloudflare is the recipient of your personal data and acts as a processor for us. This corresponds to our legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f GDPR not to operate a content delivery network ourselves. You have the right to object to the processing. Whether the objection is successful must be determined as part of a balancing of interests. The processing of the data specified in this section is not required by law or contract. The functionality of the website is not guaranteed without the processing. Your personal data will be stored by Cloudflare for as long as is necessary for the purposes described. Further information on objection and removal options vis-à-vis Cloudflare can be found at Cloudflare DPA Cloudflare has implemented compliance measures for international data transfers. These apply to all global activities where Cloudflare processes personal data of individuals in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs). Further information can be found at: https://www.cloudflare.com/cloudflare_customer_SCCs-German.pdf
CONTACT FORM
This website provides a contact form. This contact form collects personal data such as your name and email address, as well as your IP address (at the time the contact form is submitted), which is collected and stored electronically. The legal basis for the processing of this data is Art. 6 para. 1 lit. a) GDPR. This data is not passed on to third parties and is used to answer and organize the contact request, as well as for internal statistics. By using the contact form, you agree that you consent to this. Furthermore, by using the contact form, you agree that SAE Applications for Digitalization GmbH will inform you by e-mail about SAE’s product portfolio, SAE events and other relevant topics such as publications (e.g. success stories, white papers, etc.). You can revoke this consent at any time by e-mail to kontakt@sae-portal.de, by fax or by post. We expressly point out that you are not obliged to use the contact form. You can also use other ways to contact us. You will also find this information under the menu item “Contact”.
PROVISION OF CONTENT AFTER TRANSMISSION OF DATA
This website provides various content, files and information that can only be accessed after successfully submitting a form and providing personal data such as name, e-mail address and IP address (at the time the form is submitted). This data is collected and stored electronically. The legal basis for the processing of this data is Art. 6 para. 1 lit. a) GDPR. This data is not passed on to third parties and is used to answer and transmit the requested content, files and information, as well as for internal statistics. By using the form, you agree that you consent to this. Furthermore, by using the form, you agree that SAE Applications for Digitalization GmbH may inform you by e-mail about SAE’s product portfolio, SAE events and other relevant topics such as publications (e.g. success stories, white papers, etc.). You can revoke this consent at any time by e-mail to kontakt@sae-portal.de, by fax or by post.
USE OF GOOGLE ANALYTICS
This website uses Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”), which enables your use of our website to be analyzed. By default, Google Analytics sets 4 cookies when you visit the website, which are stored as small text modules on your end device and collect certain information. The scope of this information also includes your IP address, which, however, is shortened by Google by the last digits in order to exclude a direct personal reference. The information is transferred to Google servers and processed there. Transmission to Google LLC, based in the USA, is also possible. Google uses the information collected to evaluate the use of the website. These reports on website activity are compiled for the purpose of providing other services relating to website activity and internet usage. The data collected as part of the use of Google Analytics 4 is stored for a period of two months and then deleted. All processing described above, in particular the setting of cookies on the terminal device used, is only carried out with your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time with effect for the future. To exercise your right of withdrawal, please deactivate this service via the “Cookie Consent Tool” provided on the website. We have concluded a data processing agreement with Google. (Data Privacy Framework)
Further legal information on Google Analytics 4 can be found at https://policies.google.com/privacy?hl=de&gl=de and at https://policies.google.com/technologies/partner-sites.
- Demographic characteristics
Google Analytics 4 uses the special function “demographic characteristics” and can use it to create statistics that make statements about the age, gender and interests of site visitors. This is done by analyzing advertising and information from third-party providers. This allows target groups to be identified for marketing activities. However, the data collected cannot be assigned to a specific person and is deleted after being stored for a period of two months. - Google Signals
As an extension to Google Analytics 4, Google Signals will be used on this website to generate cross-device reports. If you have activated personalized ads and have linked your devices to your Google account, Google may, subject to your consent to the use of Google Analytics in accordance with Art. 6 para. 1 lit. a GDPR, analyze your usage behavior across devices and create database models, including cross-device conversions. We only receive statistics from Google. If you wish to stop the cross-device analysis, you can deactivate the “Personalized advertising” function in the settings of your Google account. To do this, follow the instructions on this page: https://support.google.com/ads/answer/2662922?hl=de. You can find more information about Google Signals at the following link: https://support.google.com/analytics/answer/7532985?hl=de.
GOOGLE ADS CONVERSION TRACKING
This website uses Google Ads Conversion Tracking, a web analysis service of Google Inc (“Google”). Google Ads Conversion Tracking also uses “cookies”, which are stored on your computer and enable your use of the website to be analyzed. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Under no circumstances will Google link the data with other Google data. You can generally prevent the use of cookies by prohibiting the storage of cookies in your browser.
GOOGLE reCAPTCHA
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
GOOGLE TAG MANAGER
This website uses the “Google Tag Manager”, a service of the following provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: “Google”). Google Tag Manager provides a technical basis for bundling various web applications, including tracking and analysis services, and for calibrating, controlling and linking them to conditions via a uniform user interface at
. Google Tag Manager itself does not store or read any information on user devices. The service also does not carry out any independent data analyses. However, Google Tag Manager transmits your IP address to Google when you access a page and may store it there. Transmission to servers of Google LLC. in the USA is possible. This processing will only be carried out if you have given us your express consent in accordance with Art. 6 para. 1 lit. a GDPR. Without this
consent, Google Tag Manager will not be used during your visit to our website. You can revoke your consent at any time with effect for the future. To exercise your revocation, please deactivate this service in the “cookie consent tool” provided on the website. We have concluded an order processing contract with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties. For data transfers to the USA, the provider has signed up to the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of
an adequacy decision by the European Commission. Further legal information on Google Tag Manager can be found at https://business.safety.google/intl/de/privacy/ and
GOOGLE ADS REMARKETING
This website uses retargeting technology from the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland For this purpose, Google sets a cookie in the browser of your end device, which automatically enables interest-based advertising by means of a pseudonymous cookie ID and on the basis of the pages you visit. Any further data processing will only take place if you have consented to Google linking your internet and app browsing history to your Google account and using information from your Google account to personalize ads that you view on the web. In this case, if you are logged in to Google while visiting our website, Google will use your data together with Google Analytics data to create and define target group lists for cross-device remarketing. For this purpose, Google temporarily links your personal data with Google Analytics data in order to create target groups. As part of the use of Google Ads Remarketing, personal data may also be transmitted to the servers of Google LLC. in the USA. All processing described above, in particular the setting of cookies for reading information on the terminal device used, will only be carried out if you have given us your express consent to do so in accordance with Art. 6 para. 1 lit. a GDPR. Without this consent, retargeting technology will not be used during your visit to the website. You can revoke your consent at any time with effect for the future. To exercise your revocation, please deactivate this service in the “cookie consent tool” provided on the website. For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission. Details on the processing initiated by Google and how Google handles data from websites can be found here: https://policies.google.com
https://business.safety.google
USE OF THE META PIXEL
Within our online offering, we use the “Meta Pixel” service of the following provider: Meta Platforms Ireland Limited, 4 Grand Canal Quare, Dublin 2, Ireland (“Meta”) If a user clicks on an advertisement placed by us on Facebook and/or Instagram, “Meta Pixel” is used to add a parameter to the URL of our linked page. This URL parameter is then entered into the user’s browser after redirection by a cookie that our linked page sets itself. This makes it possible for Meta to determine the visitors to our online offer as a target group for the display of advertisements (so-called “ads”). Accordingly, we use the service to display the Facebook and/or Instagram ads placed by us only to those users who have also shown an interest in our online offering or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited), which we transmit to Meta (so-called “custom audiences”). On the other hand, the “Meta Pixel” can be used to track whether users have been redirected to our website after clicking on an advertisement and what actions they take there (so-called “conversion tracking”). The data collected is anonymous to us and does not allow us to draw any conclusions about the identity of the user. However, the data is stored and processed by Meta so that a connection to the respective user profile is possible and Meta can use the data for its own advertising purposes. All processing described above, in particular the setting of cookies for reading information on the terminal device used, will only be carried out if you have given us your express consent to do so in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future by deactivating this service in the “cookie consent tool” provided on the website. The information generated by Meta is usually transferred to a Meta server and stored there; in this context, it may also be transferred to Meta Platforms Inc. servers in the USA. Further information can be found here: https://www.meta.com/de-de/help/quest/articles/accounts/privacy-information-and-settings/meta-privacy-policies/ For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission. This website is not part of the Facebook website or Facebook Inc. Furthermore, this website is not supported by Facebook in any way. Facebook is a brand of Facebook, Inc. We use remarketing pixels/cookies from Google and Google Marketing Platform tools such as Doubleclick pixels/cookies on this website to re-communicate with visitors to our website and ensure that we can reach them with relevant messages and information in the future.
Google places our ads on third-party websites on the Internet to communicate our message and reach the right people who have shown interest in our information in the past.
LINKEDIN INSIGHT
This website uses retargeting technology from the following provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland This makes it possible to target visitors to our website with personalized, interest-based advertising who have already shown an interest in our website and our products. The advertising material is displayed on the basis of a cookie-based analysis of previous and current usage behavior, but no personal data is stored. In the case of retargeting technology, a cookie is stored on your computer or mobile device in order to collect pseudonymized data about your interests and thus adapt the advertising individually to the stored information. These cookies are small text files that are stored on your computer or mobile device. They are used to display advertising that is highly likely to match your product and information interests. All processing described above, in particular the setting of cookies for reading information on the terminal device used, will only be carried out if you have given us your express consent to do so in accordance with Art. 6 para. 1 lit. a GDPR. Without this consent, retargeting technology will not be used during your visit to the website. You can revoke your consent at any time with effect for the future. To exercise your revocation, please deactivate this service in the “cookie consent tool” provided on the website.
USE OF SALESVIEWER® TECHNOLOGY
This website uses SalesViewer® technology from SalesViewer® GmbH to collect and store data for marketing, market research and optimization purposes on the basis of the website operator’s legitimate interests (Art. 6 (1) (f) GDPR); however, this data is not used for advertising purposes. For this purpose, a Javascript-based code is used to collect company-related data and use it accordingly. The data collected using this technology is encrypted using a non-reversible one-way function (known as hashing). The data is pseudonymized and is not used to personally identify the visitor to this website. The data stored by Salesviewer is deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations. You can object to the collection and storage of data at any time with effect for the future by clicking on this link https://www.salesviewer.com/opt-out to prevent SalesViewer® from collecting data on this website in the future. An opt-out cookie for this website will be stored on your device. If you delete your cookies in this browser, you must click this link again.
USE OF THE USERLIKE CHAT SOFTWARE
SAE uses chat software from the company Userlike UG (haftungsbeschränkt), Probsteigasse 44-46, 50670 Cologne, Germany. You can use the chat like a contact form to chat with our employees almost in real time. The following personal data is collected when you start the chat:
- Date and time of the call
- URL of the previously visited website
- If indicated: First name, last name and e-mail address
Depending on the course of the conversation with our employees, further personal data may be collected in the chat and entered by you. The nature of this data depends largely on your query or the problem you describe to us. The purpose of processing all this data is to provide you with a quick and efficient means of contact and thus improve our customer service. All our employees have been and will continue to be trained in data protection and how to handle customer data securely and confidentially. All of our employees are obliged to maintain confidentiality and have signed an addendum to their employee contracts to commit to confidentiality and compliance with data protection.
By accessing the website www.sae-portal.de, the chat widget is loaded in the form of a JavaScript file from AWS Cloudfront. The chat widget technically represents the source code that is executed on your computer and enables the chat.
In addition, SAE stores the chat history for a period of 12 months. This serves the purpose of sparing you extensive explanations of the history of your request and for the constant quality control of our chat offer. Processing is therefore permitted in accordance with Art. 6 para. 1 letter f GDPR. If you do not wish this, you are welcome to inform us using the contact details below. We will then delete saved chats immediately. The storage of chat data also serves the purpose of ensuring the security of our information technology systems. This is also our legitimate interest, which is why processing is permitted under Art. 6 (1) (f) GDPR.
Further information can be found in the privacy policy of Userlike UG (haftungsbeschränkt).
APPOINTMENT BOOKING VIA CALENDLY
This website uses Calendly for the online appointment booking service. This site offers an external platform for making appointments. The appointment scheduling function is integrated into the source code of our website via a script. By using the appointment scheduling function, you automatically use the services of Calendly LLC(https://calendly.com/). Data is transferred there for security and documentation purposes of SAE Applications for Digitalization GmbH. The data collected includes: Name, e-mail address, company, department/position, telephone number, IP address (at the time the appointment is made), agreed date and agreed time. This data is not passed on to third parties and is only used for the administration and organization of appointments and for internal statistics. By using the appointment booking service, you agree that you consent to this. You can find more information from Calendly here: https://calendly.com/pages/privacy We expressly point out that you are not obliged to use this service to make an appointment. You can also use other options that we have indicated under the menu item “Contact”.
BORLABS COOKIE
This website uses Borlabs Cookie, which sets a technically necessary cookie (borlabs-cookie) to store your cookie consent. Borlabs Cookie does not process any personal data. The borlabs cookie stores the consent you gave when you entered the website. If you wish to revoke this consent, simply delete the cookie in your browser. When you re-enter/reload the website, you will be asked for your cookie consent again. Borlabs stores the data for 1 year.
USE OF OWN “COOKIES
This website uses its own “cookies” to increase user-friendliness (“cookies” are data records that are sent from the web server to the user’s browser and stored there for later retrieval). No personal data is stored in our own cookies. You can generally prevent the use of cookies by prohibiting the storage of cookies in your browser.
HANDLING OF BUSINESS CARDS
When handing over or exchanging business cards, you provide us with personal data such as your telephone number or e-mail address. We will only use this information to stay in contact with you. If you do not purchase any products or services from our range, we will delete your contact details after a reasonable period of time.
You have the right to information, deletion or correction at any time.
INFORMATION ON FURTHER DATA PROCESSING PROCEDURES
SPECIFIC INFORMATION ON THE APPLICATION PROCEDURE
Data concerned:
Application details
Processing purpose:
Implementation of the application procedure
Categories of recipients:
Public authorities in the case of overriding legal provisions. External service providers or other contractors. Other external bodies if the data subject has given their consent or transmission is permitted for reasons of overriding interest.
Third country transfers:
Processors outside the European Union may also be used in the performance of the contract.
Duration of data storage:
Application data will generally be deleted within six months of notification of the decision, unless consent to longer data storage has been given.
SPECIFIC INFORMATION ON THE PROCESSING OF CUSTOMER DATA/PROSPECT DATA
Data concerned:
Data provided for the performance of the contract; any additional data for processing on the basis of your express consent.
Processing purpose:
Contract execution.
Categories of recipients:
Public authorities in the event of overriding legal provisions External service providers or other contractors. Other external bodies if the data subject has given their consent or transmission is permitted for reasons of overriding interest.
Third country transfers:
Processors outside the European Union may also be used in the performance of the contract.
Duration of data storage:
The duration of data storage depends on the statutory retention obligations and is generally 10 years.
SPECIFIC INFORMATION ON THE PROCESSING OF EMPLOYEE DATA
Data concerned:
Data provided for the performance of the contract; any additional data for processing on the basis of your express consent.
Processing purpose:
Contract execution.
Categories of recipients:
Public authorities in the case of overriding legal provisions. External service providers or other contractors. Other external bodies if the data subject has given their consent or transmission is permitted for reasons of overriding interest.
Third country transfers:
Processors outside the European Union may also be used in the performance of the contract.
Duration of data storage:
The duration of data storage depends on the statutory retention obligations and is generally 10 years.
SPECIFIC INFORMATION ON THE PROCESSING OF SUPPLIER DATA
Data concerned:
Data provided for the performance of the contract; any additional data for processing on the basis of your express consent.
Processing purpose:
Contract execution.
Categories of recipients:
Public authorities in the case of overriding legal provisions. External service providers or other contractors. Other external bodies if the data subject has given their consent or transmission is permitted for reasons of overriding interest.
Third country transfers:
Processors outside the European Union may also be used in the performance of the contract.
Duration of data storage:
The duration of data storage depends on the statutory retention obligations and is generally 10 years.
SPECIFIC INFORMATION ON THE USE OF VIDEO CONFERENCING SOFTWARE AND WEBINAR SOFTWARE
Data concerned:
Data provided for the use of the video conference software or the webinar software (in particular first name, surname, e-mail address; optional – after consent: Audio transmission; optional – after consent: Image transmission; optional: questions when using chat functions); to the extent technically necessary, processing of data from your system to establish the connection with the provider of the video conferencing software or the webinar software.
Processing purpose:
Conducting video conferences and webinars.
Categories of recipients:
Public authorities in the event of overriding legal provisions. External service providers or other contractors, including data processing and hosting. Other external bodies if the data subject has given their consent or transmission is permitted for reasons of overriding interest.
Third country transfers:
Processors outside the European Union are used (here: United States of America); standard contractual clauses have been concluded with the service provider accordingly.
Duration of data storage:
Video conferences or webinars will only be recorded with the prior documented consent of the participants. The technical data will be deleted if it is no longer required. The duration of data storage is otherwise based on the statutory retention obligations and is generally 10 years.
FURTHER INFORMATION AND CONTACTS
In addition, you can assert your rights to rectification or erasure or to restriction of processing or to exercise your right to object to processing as well as the right to data portability at any time. You can contact us by e-mail or letter here. You also have the right to contact the data protection supervisory authority if you have a complaint.