Data privacy statement

I Controller name and contact details

Responsible for data processing within the meaning of data protection law:

 

Company:
Address:
Tel.:
Fax:
Email:

SITEC Industrietechnologie GmbH
Bornaer Straße 192, 09114 Chemnitz
+49 371 4708 241
+49 371 4708 240
info@sitec-technology.de

II Data Protection Officer

If you have any questions about data protection, please feel free to contact our Data Protection Officer:

 

Name:
Email:

Ms Kerstin Hösel
datenschutz@sitec-technology.de

III General information on data processing

Scope of and legal bases for processing personal data

When you use our website, your personal data (hereinafter simply “data”) will be processed. This data can include such items as your name, address, email address and other personal information. In this context, processing essentially means any manner of handling this data whatsoever.

We process our users’ data only to the extent necessary to provide our content and services and a fully functioning website. As a rule, we process our users’ data only with the user’s consent. Art. 6 (1) a) GDPR provides the legal basis for this. An exception to this rule applies in those cases where it is not possible to obtain prior consent for practical reasons and where statutory regulations permit the data to be processed. Such cases are covered primarily by Art. 6 (1) b) GDPR and Art. 6 (1) f) GDPR. Art. 6 (1) b) GDPR provides the legal basis for the processing of personal data that is necessary to perform a contract to which the data subject (the user) is party. This also applies for processing that is necessary for implementing measures prior to entering into a contract, for example tendering processes. Art. 6 (1) f) GDPR provides the legal basis where processing is necessary to safeguard the legitimate interests of our company or a third party, and where such interests are not outweighed by the interests or fundamental rights and freedoms of the data subject (the user).

In Section IV you can find more detailed information on how your data is processed when you use the www.sitec-technology.de or configurator.sitec-technology.de websites and in Section V on further data processing outside our website.

 

 

Transferring data

In order to be able to offer you all of the features on the www.sitec-technology.de and configurator.sitec-technology.de websites, we also use the services of selected service providers who process data on our behalf and in our name. In this case, we transfer data only within the scope of legally permissible contract processing to service providers who have been carefully selected by us and with whom we have written service agreements. These providers receive only the data necessary to fulfil the contract. This includes the following categories of contractors:

 

  • Web hosting services
  • Website analysis services
  • Multimedia platforms

In addition, data may be transferred to service providers (representatives) who assist us with the implementation of measures prior to entering into a contract (tendering processes). These providers are also carefully selected by us. Art. 6 (1) f) GDPR provides the legal basis for such data transfer, whereby our legitimate interest lies in the prompt processing of your requests and the regional proximity to our potential clients. In this case, too, only the data that is necessary to fulfil the contract is transferred.

As SITEC Automation GmbH is also advertised on this website, relevant data will also be transferred to our subsidiary.

 

 

Transfer of data outside the borders of the EU

In general, the data we collect is stored exclusively on servers located within the European Union. As stated in Section IV and, where applicable, V of this data privacy statement, we occasionally use services whose providers are sometimes located in so-called third countries (such as the USA), i.e. countries in which the level of data protection is not equivalent to that of the European Union. Where this is the case and the European Commission has not adopted an adequacy decision (Art. 45 GDPR) for these countries, we have taken appropriate precautionary measures to improve the level of data protection for any and all data transfers, such as agreeing on standard European Union contractual clauses with the respective provider. Where this is not possible, we base the transfer of data on the derogations of Art. 49 GDPR, particularly your express consent. Insofar as data is to be transferred to a third country where no adequacy decision or appropriate safeguards are in place, it is possible and there is a risk that authorities in the respective third country (e.g. intelligence services) could gain access to the transferred data in order to collect and analyse it, and that your ability to enforce your rights as the data subject may not be guaranteed. Where your consent is obtained by way of the cookie banner, you will also be informed of this accordingly.

 

 

Duration of storage

The data will be erased as soon as the reason for its storage no longer applies. You can find more information on the individual types of processing in Sections IV and V. Data may be stored beyond this period where stipulated by the European or national legislators in EU legal regulations, laws or other regulations to which the Controller is subject. Data will also be blocked or erased upon expiry of a storage period dictated by the aforementioned standards, unless it is necessary to continue to store the data for the purpose of entering into or fulfilling a contract.

 

 

Data security

All data stored with SITEC, data processors or representatives (where applicable) is protected against unauthorised access, loss and alteration using the latest security standards.

This involves taking extensive technical and organisational security precautions at a standard that is at least adequate to satisfy the legal requirements.

 

 

Your rights and options for lodging complaints

You have the following rights vis-à-vis our company in respect of the data relating to you:

 

  • Right of access to information regarding the processing of your data
  • Right to rectification in the event that data stored by us is incorrect or out of date
  • Right to erasure unless other legal purposes require us to continue storing your data
  • Right to restriction of processing, for example if you are of the opinion that data stored by us is out of date
  • Right to data portability
  • Right to object to processing, for example where such is performed on the basis of Art. 6 (1) f) GDPR
  • Right to withdraw your consent

You can exercise all of these rights by contacting our Data Protection Officer at datenschutz@sitec-technology.de.

You also have the right to lodge a complaint with a data protection supervisory authority regarding our processing of your personal data. The competent supervisory authority in Saxony is: The Data Protection Officer for Saxony, Devrientstraße 5, 01067 Dresden, Germany.

 

 

 

IV Data processing in detail

Provision of our website and IT security

Ultimately, we process data in your and our interest in order to ensure the integrity, confidentiality and availability of the data-processing systems, i.e. particularly the security and availability of your data on  

Art. 6 (1) f) GDPR provides the legal basis for processing this data, whereby our legitimate interest lies in the maintenance and secure provision of our services.

We do not permanently store or analyse log files for reasons of data protection.

 

 

Email contact

At various points in our website, it is possible to contact us by email using the email address provided. This data is not transferred to third parties or is only transferred to SITEC Automation GmbH and our representatives. The data is used exclusively to process the request.

Art. 6 (1) f) GDPR provides the legal basis for processing in this case. Our legitimate interest in processing the data lies in establishing contact. Art. 6 (1) b) GDPR provides the legal basis for processing data where the purpose of the email contact is to conclude a contract.

The data is deleted once the purpose no longer exists or the communication has been terminated. If a tendering process occurs in the course of the communication, the processed data will be deleted when the retention periods provided for this purpose have expired.

 

 

Email contact for job applications

The website provides an email address for job applications. The data entered here and the attached documents, provided they contain personal data, will be forwarded to the in-box provided for this purpose. The legal basis is Art. 6 (1) b) and Art. 88 (1) GDPR in connection with Section 26 (1) sentence 1 of the German Federal Data Protection Act (BDSG). If no contractual relationship is established on the basis of your application, the data will be deleted after six months at the latest as the purpose for processing the data no longer exists. Where you have given us your separate consent to do so, we will store your data for a further 24 months to enable us to contact you within this period if we have any other suitable positions for you.

 

 

Contact form

We also use contact forms on our website so that you can arrange appointments for online presentations with us, for example. In this case, we only collect the data provided by you that is necessary to process your request. The fields for the necessary data are marked as mandatory. If we ask you for more details, this information is voluntary. We only use this information to tailor the requested service (via the contact form) even better to your needs.

Art. 6 (1) a) GDPR provides the legal basis for data processing in this case. Before the contact form is transmitted, we will obtain your consent for the processing of the data and refer you to this data privacy statement. The data is deleted once the purpose no longer exists or the communication has been terminated. Art. 6 (1) b) GDPR provides the additional legal basis where contractual relationships, tendering processes, etc., are formed on the basis of the communication, and the data will only be deleted when the retention periods provided for this purpose have expired.

Further, you also have the option of withdrawing your consent as described under Section III. In this case, all personal data stored as a result of your contacting us will be erased. In such cases, the conversation cannot be continued.

 

 

LS product configurator

SITEC offers you a product configurator for submitting individualised requests for quotations. Personal data is collected (company, name, email address, telephone number) in the final step of this process. The data entered here and the attached documents are stored on the server of the hosting provider and then forwarded via email to the in-box provided for this purpose. This process is purely internal to the server, which effectively rules out any risk to the privacy of your data.

The legal basis for processing is provided by Art. 6 (1) f) GDPR as we have a legitimate interest in being able to advise and contact you individually and personally. The data is deleted once the purpose no longer exists or the communication has been terminated. Art. 6 (1) b) GDPR provides the additional legal basis where contractual relationships, tendering processes, etc., are formed on the basis of the communication, and the data will only be deleted when the retention periods provided for this purpose have expired.

 

 

Embedding videos via Vimeo

We use videos on this website. Videos are a good way to convey content better and make it more understandable. They give you a better insight into our technologies, products and services. We use the service provider Vimeo (Vimeo, LLC, 555 West 18th Street, New York, New York 10011, USA) for this purpose. Where videos are embedded, a request is sent to the Vimeo server in the USA for technical reasons. As regards the use of data sent from your browser or end device in such cases, we refer you to Vimeo’s Privacy policy at https://vimeo.com/privacy as they are the party responsible for the processing of data in this case.

The legal basis is provided by Art. 6 (1) f) GDPR, whereby the legitimate interest lies in the transmission of the technically essential data to Vimeo. Further, we embed the videos strictly in “Do Not Track” mode so that only a minimum amount of personal data is transmitted to Vimeo.

 

 

Link to our social media presence by way of graphics

On our website we also advertise our presence on the LinkedIn, Xing and YouTube (the website operated by Google) social networks in order to raise our company’s profile. The legal basis is Art. 6 (1) f) GDPR, whereby the underlying commercial purpose serves as the legitimate interest.

The social networks listed above are integrated into our website by means of a linked graphic. This prevents a connection being automatically established to the social network server when you call up our website. You will only be forwarded to a social network if you click on the corresponding graphic. After the user has been forwarded, the following data may be collected by the respective network: IP address, date, time and webpage visited. If you are logged into your user account with the respective social media service, the information collected may be assigned to your personal account. In this case, the possibility cannot be ruled out the data collected in this way may be processed in the USA, depending on the provider.

If you leave our website in the manner described above, the terms of use of the respective social networks apply. You can therefore find more information on data privacy under the following links:

 

  • YouTube
    Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland,
    a subsidiary of
    Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA
    Privacy policy: https://policies.google.com/privacy
  • LinkedIn
    LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Irland,
    a subsidiary of
    LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085 USA.
    Privacy policy: https://www.linkedin.com/legal/privacy-policy

 

 

Use of cookies

Our website and the LS product configurator (see Point 5.) use cookies. Cookies are small text files that are stored in the browser of your end device when you visit our website and that allow us to recognise you on your next visit. All cookies are listed in the SITEC data privacy settings (“cookie banner”).

We use the following cookies:

 

  • Necessary cookies

These cookies (also known as technically essential cookies) are necessary to operate the website and cannot be disabled. The purpose of these cookies is to make it easier for the user to use the relevant webpages. Art. 6 (1) f) GDPR provides the legal basis for this processing; our legitimate interest lies in the user-friendly design of our website. If your browser is configured to generally disable cookies, you may not be able to use parts of this website.

You can find specific information on the cookies used (e.g. name, purpose, lifetime/duration of storage) under the following link:

 

Edit Cookie-Settings

 

  • Analysis cookies

These cookies (also known as statistics cookies) collect anonymous information that helps us to understand how you use our website. This enables us to improve both quality and content. When you access our website, we inform you that we use analysis cookies and obtain your consent for processing your data. The legal basis is thus Art. 6 (1) a) GDPR.

Please use the following link to check the specific information on the cookies used (e.g. name, purpose, lifetime/duration of storage), to change the cookie settings or to withdraw your consent at any time:

 

Edit Cookie-Settings

 

Data processing for web analysis

We use the services of the following providers for the processing of data for the purpose of web analysis:

 

  • etracker

On our website we use the technologies of etracker GmbH (Erste Brunnenstraße 1, 20459 Hamburg, Germany) to analyse user data. Specifically, this data comprises the number of visits, the length of the visit, device, origin, movement data during the visit to our homepage, and browser. We do not use etracker cookies for web analysis by default. Where we use analysis and optimisation cookies, Point 10. of this data privacy statement applies and we will obtain your separate explicit consent in advance. etracker cookies do not contain any information that would allow a user to be identified.


The data generated with etracker is processed and stored by etracker on our behalf in Germany only and is, as such, subject to the strict German and European data privacy laws and standards. In this regard, etracker has been independently screened, certified and awarded the data privacy seal of approval, ePrivacyseal.

The legal basis is Art. 6 (1) f) GDPR; our legitimate interest lies in optimising our range of online services and our website. As the privacy of our visitors is important to us, the data that could potentially be associated with a specific individual, such as IP address, login or device identifiers, is anonymised or pseudonymised as early as possible. This data is not used for any other purpose, combined with other data or forwarded to third parties. You can object to the above data processing at any time. Your objection will have no adverse consequences.

You can find more information about etracker’s data privacy policy at https://www.etracker.com/datenschutz/.

 

  • Google Analytics

We use the analysis service Google Analytics for our LS product configurator. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The contact for data protection is Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics uses cookies (see Point 10.) to analyse and enable the improvement of our website based on your user behaviour. The information generated by the cookie about your use of the configurator is generally sent to a Google server in the USA and stored there. Google will use this information on our behalf to evaluate your use of the website, to compile reports on activities on this website and to offer us other services relating to the use of this website and the Internet. In the process, pseudonymous user profiles may be created using the processed data.

We only use Google Analytics with the IP anonymisation feature enabled. This means that the user’s IP address will be truncated by Google within the area of Member States of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. The IP address transmitted by the user’s browser will not be associated with any other data held by Google. Users can prevent the installation of cookies by setting their browser software accordingly. Additionally, transmission of the data generated by the cookie and related to the use of the configurator to Google, and the processing of this data by Google, can be prevented by downloading and installing the following browser plug-in: https://tools.google.com/dlpage/gaoptout?hl=de.

As an alternative to the browser plug-in, you can click on this link to prevent Google Analytics from collecting data on this website in the future. This installs an opt-out cookie on your end device. If you delete your cookies, you will have to click on the link again.

The legal basis is Art. 6 (1) a) GDPR as your data is processed as described above only with your explicit consent. You can also withdraw your consent as described under Point 10.

You can find more information about Google Analytics and privacy settings in Google Inc.’s Privacy Policy https://policies.google.com/privacy and Terms of Service https://www.google.com/analytics/terms/de.html.

 

 

V Internal Data Protection Regulations

 

In cases where we collect and process your personal data not only via our website, we refer you to our Internal Data Protection Information.