Privacy law
1. Data protection at a glance
General information
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is all data that can be used to identify you personally. Detailed information about data protection is provided in our Privacy Policy beneath this text.
Data collection on this website
Who is the data controller responsible for data collection on this website?
Data on this website is processed by the website operator. You can find the website operator's contact details in the "Information about the data controller" section of this Privacy Policy.
How do we collect your data?
In the first instance, we collect you data when you provide it to use. This may be data that you enter on a contact form, for example
Other data is collected automatically or with your consent by our IT systems when you visit the website. This is primarily technical data (e.g. web browser, operating system and time that a page is accessed). This data is collected automatically as soon as you access this website.
What do we use your data for?
Some data is collected to ensure that the website is provided without errors. Other data may be used to analyse your user behaviour. If contracts can be entered into or steps prior to entering in a contract can be completed via the website, the data that is sent is also processed for contract offers, orders and other order enquiries.
What rights do you have regarding your data?
You have the right at any time to obtain information free of charge about the origin, recipient and purpose of your stored personal data. You also have the right to request that such data is corrected (rectified) or deleted (erased). If you have given your consent to data processing, you may withdraw such consent at any time with effect for the future. You also have the right to request the restriction of the processing of your personal data under certain circumstances. You also have the right to lodge a complaint with the competent supervisory authority.
You can contact us at any time if you have further questions about data protection.
Analysis tools and tools from third-party providers
When you visit this website, your browsing behaviour can be analysed statistically. This analysis is mainly run using analytics programs.
Detailed information about these analytics programs is provided in the Privacy Policy below.
2. Hosting
We host the content of our website with the following provider:
External hosting
This online shop is hosted externally. The personal data collected on this website is stored on the servers of the host(s). This may include IP addresses, contact requests, metadata and communication data, contract data, contact details, names, website views and other data generated via a website.
External hosting is for the purpose of performing a contract with our potential and existing customers (Article 6(1)(b) GDPR) and in the interest of providing our online presence securely, quickly and efficiently using a professional provider (Article 6(1)(f) GDPR). If applicable consent has been requested, the processing is carried out exclusively on the basis of Article 6(1)(a) GDPR and Section 25(1) of the German Telecommunications Digital Services Data Protection Act (TDDDG), insofar as the consent includes storing cookies or accessing information on the user's device (e.g. device fingerprinting) within the meaning of the German Telecommunications Digital Services Data Protection Act (TDDDG). Such consent can be withdrawn at any time.
Our host(s) shall only process your data to the extent necessary to fulfil their performance obligations and they follow our instructions with regard to such data.
We use the following host(s):
e-vendo AG
Storkower Str. 207
10369 Berlin, Germany
3. General and mandatory information
Data protection
The operators of this website take the protection of your personal data very seriously. We treat your personal data as confidential and in accordance with the statutory data protection regulations and this Privacy Policy.
When you use this website, a range of personal data is collected. Personal data is data that can be used to identify you personally. This Privacy Policy explains what data we collect and what we use it for. It also explains how and for what purpose we collect and use your data.
Please note that sending data over the Internet (e.g. when communicating by email) may not be secure. It is not possible to protect data completely from being accessed by third parties.
Information about the data controller
The data controller responsible for the processing of data on this website is:
SKS metaplastScheffer-Klute GmbH
Zur Hubertushalle 4
59846 Sundern, Germany
Phone: +49 (0) 2933 831-0
Email: service@sks-germany.com
The data controller is the natural or legal person which, alone or jointly with others, determines the purposes and means of the processing of personal data (e.g. names, email addresses, etc.).
Storage period
Unless a more specific storage period has been specified in this Privacy Policy, we retain your personal data until the purpose for processing the data no longer applies. If you make a justified request for deletion (erasure) or you withdraw your consent to the processing of data, your data shall be deleted, unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, the data shall be deleted (erased) once these reasons no longer apply.
General information regarding the legal bases for processing data on this website
If you have consented to data being processed, we process your personal data on the basis of Article 6(1)(a) GDPR or on the basis of Article 9(2)(a) GDPR if special categories of data in accordance with Article 9(1) GDPR are processed. With express consent to transfer personal data to third countries, data is also processed on the basis of Article 49(1)(a) GDPR. If you have consented to cookies being stored or to information being accessed on your device (e.g. via device fingerprinting), data is also processed on the basis of Section 25(1) of the German Telecommunications Digital Services Data Protection Act (TDDDG). Such consent can be withdrawn at any time. If your data is required to perform a contract or to take steps prior to entering into a contract, we process your data on the basis of Article 6(1)(b) GDPR. We also process your data if necessary to fulfil a legal obligation on the basis of Article 6(1)(c) GDPR. We may also process data on the basis of our legitimate interest in accordance with Article 6(1)(f) GDPR. Information about the relevant legal bases in each individual case is provided in the paragraphs of this Privacy Policy below.
Data protection officer
We have appointed a data protection officer for our company. You can contact the data protection officer by email at: datenschutz@sks-germany.com
Recipients of personal data
In the course of our business, we work with various external organisations. In some cases, it is also necessary to transfer personal data to these external organisations. We only disclose personal data to external organisations if this is necessary to perform a contract, if we are legally obliged to do so (e.g. disclosing data to tax authorities), if we have a legitimate interest in disclosing data in accordance with Article 6(1)(f) GDPR or if another legal basis permits us to disclose data. When we use processors to process data on our behalf, we only disclose our customers' personal data on the basis of a valid data processing agreement with the processor. Where we are joint controllers, we conclude a joint processing agreement.
Withdrawal of your consent to data processing
Many data processing operations are only possible with your express consent. You can withdraw consent you have given in the past at any time. The lawfulness of the data processing that is carried out prior to withdrawal remains unaffected by withdrawal.
Right to object to the collection of data in particular cases and to direct marketing (Article 21 GDPR)
If data is processed on the basis of Article 6(1)(e) or (f) GDPR, you have the right to object to the processing of your personal data at any time on grounds relating to your particular situation, including to profiling based on those provisions. The legal basis for processing in each case is provided in this Privacy Policy. If you object, we will no longer process your personal data that is affected, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or if the processing is for the establishment, exercise or defence of legal claims (objection according to Article 21(1) GDPR).
Where your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object, your personal data shall then no longer be used for the purpose of direct marketing (objection according to Article 21(2) GDPR).
Right to lodge a complaint with the competent supervisory authority
In the event of infringements of GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work or place of the alleged infringement. The right to lodge a complaint is without prejudice to any other administrative or judicial remedies.
Right to data portability
You have the right to have data that we process automatically on the basis of your consent or to perform a contract provided to you or to a third party in a commonly used and machine-readable format. If you request that the data is transmitted directly to another controller, this will only be done to the extent that it is technically feasible.
Access, rectification (correction) and erasure (deletion)
Under applicable statutory provisions, you have the right at any time to obtain information free of charge about your stored personal data, its origin and recipients and the purpose of the data processing; you also, if relevant, have a right to such data being rectified (corrected) or erased (deleted). You can contact us at any time if you have further questions about personal data.
Right to restriction of processing
You have the right to request the restriction of the processing of your personal data. You can contact us at any time for this purpose. You have the right to obtain the restriction of processing in the following cases:
- If you contest the accuracy of your personal data that we store, we usually need time to verify the accuracy of the data. For the period we need to verify the accuracy, you have the right to request that the processing of your personal data is restricted.
- If the processing of your personal data was/is unlawful, you can request the restriction of data processing instead of erasure (deletion).
- If we no longer need your personal data, but you need it for the establishment, exercise or defect of legal claims, you have the right to request the restriction of the processing of your personal data instead of its erasure (deletion).
- If you have made an objection in accordance with Article 21(1) GDPR, a balance must be struck between your interests and our interests. While it has not yet been determined whose interests are overriding, you have the right to request the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, such data – apart from its storage – may only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.
SSL/TLS encryption
This site uses SSL/TLS encryption for security reasons and to protect the transfer of confidential content, such as orders or enquiries that you send to us, as the site operator. You can see whether a connection is encrypted in the address line of your browser, which changes from "http://" to "https://", and from the lock icon on your browser bar.
If SSL/TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Encrypted payment transactions on this website
If you are required to provide us with your payment details (e.g. account number for direct debit authorisation) after concluding a contract for a charge, this data is required for payment processing.
Payment transactions via the usual means of payment (Visa/MasterCard; direct debit) are processed exclusively over an encrypted SSL/TLS connection. You can see whether a connection is encrypted in the address line of your browser, which changes from "http://" to "https://", and from the lock icon on your browser bar.
Using encrypted communication, the payment details you transmit to us cannot be read by third parties.
Objection to advertising emails
We hereby object to the use of contact details published in our legal notice to send unsolicited advertising and information material. The operators of this website expressly reserve the right to take legal action in the event of that unsolicited advertising information, such as spam emails, are sent to us.
4. Data collection on this website
Cookies
Our website uses cookies. Cookies are small data packets and do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or until they are deleted automatically by your web browser.
Cookies may originate from us (first-party cookies) or from third-party companies (third-party cookies). Third-party cookies allow us to integrate certain services from third-party companies into the website (e.g. cookies for processing payment services).
Cookies have various functions. A lot of cookies are necessary for technical reasons, as certain website functions would not work without them (e.g. the shopping basket function or displaying videos). Other cookies can be used to analyse user behaviour or for advertising purposes.
Cookies that are required to carry out the electronic communication process, to provide certain functions that you have requested (e.g. for the shopping basket function) or to optimise the website (e.g. cookies to measure the web audience) (necessary cookies) are stored on the basis of Article 6(1)(f) GDPR, unless another legal basis is stated. The website operator has a legitimate interest in the storage of necessary cookies in order to provide its services free of technical errors and with optimisation. If consent to the storage of cookies and comparable recognition technologies has been requested, the data is processed exclusively on the basis of such consent (Article 6(1)(a) GDPR and Section 25(1) of the German Telecommunications Digital Services Data Protection Act (TDDDG)); such consent can be withdrawn at any time.
You can change the settings on your browser so that you are informed when cookies are created and only allow cookies in individual cases, exclude cookies from being accepted in certain cases or in general and enable automatic deletion of cookies when you close your browser. If cookies are disabled, the functionality of this website may be restricted.
This Privacy Policy describes the cookies and services that are used on this website.
Server log files
The website provider automatically collects and stores information in server log files, which your browser sends to us automatically. This means the following information:
- Browser typeand browser version
- Operatingsystem you are using
- Referrer URL
- Host name ofthe accessing computer
- Time of theserver request
- IP address
This data is not combined with other sources of data.
This data is collected on the basis of Article 6(1)(f) GDPR. The website operator has a legitimate interest in presenting its website free of errors and in optimising its website – the server log files have to be recorded for this purpose.
Contact form
If you send us enquiries using the contact form, we store your details from the enquiry form, including the contact details you provide on the form, for the purpose of processing the enquiry and in the event of any follow-up queries. We do not disclose this data without your consent.
This data is processed on the basis of Article 6(1)(b) GDPR if your enquiry is related to the performance a contract or is necessary in order to take steps prior to entering into a contract. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries that are addressed to us (Article 6(1)(f) GDPR) or based on your consent (Article 6(1)(a) GDPR) if consent has been requested; such consent can be withdrawn at any time.
We retain the data you provide on the contact form until you request that it is erased (deleted), withdraw your consent to the data being stored, or the purpose for storing the data no longer applies (e.g. after we have finished processing your enquiry). Mandatory statutory provisions – in particular retention periods – remain unaffected.
Enquiry by email, phone or fax
If you contact us by email, phone or fax, we process and store your enquiry, including all personal data (name and details of enquiry), for the purpose of processing your request. We do not disclose this data without your consent.
This data is processed on the basis of Article 6(1)(b) GDPR if your enquiry is related to the performance a contract or is necessary in order to take steps prior to entering into a contract. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries that are addressed to us (Article 6(1)(f) GDPR) or based on your consent (Article 6(1)(a) GDPR) if consent has been requested; such consent can be withdrawn at any time.
We retain the data you send to us in contact requests until you request that it is erased (deleted), withdraw your consent to the data being stored, or the purpose for storing the data no longer applies (e.g. after we have finished processing your request). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.
5. Analytics tools and advertising
Google Analytics
This website uses functions provided by the Google Analytics web analytics service. The service is provided by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics enables the website operator to analyse the behaviour of website visitors. For this purpose, the website operator receives a range of different usage data, such as page views, session length, operating systems used and origin of the user. This data is combined in a user ID and assigned to the relevant device of the website visitor.
We can also use Google Analytics to record your mouse and scroll movements and clicks, as well as other data. Google Analytics also uses a range of modelling approaches to supplement the collected datasets and uses machine learning technologies for data analysis.
Google Analytics uses technologies that enabled the user to be recognised again for the purpose of analysing user behaviour (e.g. using cookies or device fingerprinting). The information collected by Google about use of this website is usually transferred to a Google server in the USA and stored there.
This service is used on the basis of your consent in accordance with Article 6(1)(a) GDPR and Section 25(1) of the German Telecommunications Digital Services Data Protection Act (TDDDG). Such consent can be withdrawn at any time.
The data is transferred the USA on the basis of the standard contractual clauses of the EU Commission. For details, go to: https://privacy.google.com/businesses/controllerterms/mccs/
The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF is committed to complying with these data protection standards. For more information from the provider, go to the following link: https://www.dataprivacyframework.gov/participant/5780.
IP anonymisation
Google Analytics IP anonymisation is enabled. This means that your IP address is truncated by Google within Member States of the European Union or in other signatory states to the Agreement on the European Economic Area before being sent to the USA. Only in exceptional cases is your full IP address transferred to a Google server in the USA and truncated there. On behalf of the operator of this website, Google uses this information to analyse your use of the website, to compile reports on website activity and to provide other services relating to website activity and internet usage to the website operator. The IP address sent by your browser for Google Analytics is not combined with other Google data.
Browser plugin
You can prevent your data being collected and processed by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
For more information about how Google Analytics handles user data, see Google's privacy policy at: https://support.google.com/analytics/answer/6004245?hl=en
Processing on behalf of the data controller
We have concluded a data processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
Google Ads
The website operator uses Google Ads. Google Ads is an online advertising program provided by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads makes it possible for us to display adverts in the Google search engine or on third-party websites when users enter specific search terms in Google (keyword targeting). Targeted adverts can also be displayed based on the user data that is available at Google (e.g. location data and interests) (audience targeting). As the website operator, we can assess this data quantitatively by analysing e.g. which search terms led to our ads being displayed and how many ads produced clicks.
This service is used on the basis of your consent in accordance with Article 6(1)(a) GDPR and Section 25(1) of the German Telecommunications Digital Services Data Protection Act (TDDDG). Such consent can be withdrawn at any time.
The data is transferred the USA on the basis of the standard contractual clauses of the EU Commission. For details, go to: https://policies.google.com/privacy/frameworks and https://business.safety.google/controllerterms/.
The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF is committed to complying with these data protection standards. For more information from the provider, go to the following link: https://www.dataprivacyframework.gov/participant/5780.
Google Ads remarketing
This website uses the Google Ads remarketing features. The service is provided by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
We can use Google Ads remarketing to assign people who interact with our online offering to specific target groups so that we can then display interest-based advertising for them on the Google advertising network (remarketing/retargeting).
We can also link the advertising target groups created with Google Ads remarketing to Google's cross-device features. This means that interest-based, personalised advertising messages that have been customised for you depending on your previous usage and surfing behaviour on one device (e.g. mobile phone) can also be displayed on another device you use (e.g. tablet or PC).
If you have a Google account, you can object to personalised advertising by clicking on the following link: https://adssettings.google.com/anonymous?hl=en.
This service is used on the basis of your consent in accordance with Article 6(1)(a) GDPR and Section 25(1) of the German Telecommunications Digital Services Data Protection Act (TDDDG). Such consent can be withdrawn at any time.
You can find more information and the data protection terms in Google's privacy policy at: https://policies.google.com/technologies/ads?hl=en.
The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF is committed to complying with these data protection standards. For more information from the provider, go to the following link: https://www.dataprivacyframework.gov/participant/5780.
Google Conversion Tracking
This website uses Google Conversion Tracking. The service is provided by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Using Google Conversion Tracking means that we and Google can recognise whether a user has performed certain actions. For example, we can analyse the buttons on our website that are clicked and how often and the products that are viewed or purchased particularly frequently. This information is used to create conversion statistics. We can see the total number of users who have clicked on our ads and what actions they have performed. We do not get any information that we can use to identify the user personally. Google itself uses cookies or comparable recognition technologies for identification purposes.
This service is used on the basis of your consent in accordance with Article 6(1)(a) GDPR and Section 25(1) of the German Telecommunications Digital Services Data Protection Act (TDDDG). Such consent can be withdrawn at any time.
For more information about Google Conversion Tracking, see Google's privacy policy at: https://policies.google.com/privacy?hl=en.
The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF is committed to complying with these data protection standards. For more information from the provider, go to the following link: https://www.dataprivacyframework.gov/participant/5780.
Google DoubleClick
This website uses features provided by Google DoubleClick. The service is provided by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland (hereafter referred to as "DoubleClick").
DoubleClick is used to show you interest-based ads throughout the Google advertising network. Using DoubleClick means that the ads can be customised to the interests of each ad viewer. For example, our ads can be displayed in Google search results or on ad banners that are connected to DoubleClick.
To be able to display interest-based advertising to users, DoubleClick has to be able to recognise each viewer and link the websites visited, clicks and other information about user behaviour to users. DoubleClick uses cookies or comparable recognition technologies for this purpose (e.g. device fingerprinting). The information that is combined in a pseudonymous user profile to display interest-based advertising to the relevant user.
This service is used on the basis of your consent in accordance with Article 6(1)(a) GDPR and Section 25(1) of the German Telecommunications Digital Services Data Protection Act (TDDDG). Such consent can be withdrawn at any time.
For more information about how to object to the ads displayed by Google, go to the following links:
https://policies.google.com/technologies/ads and https://adssettings.google.com/authenticated.
7. Newsletter
Newsletter data
If you would like to receive the newsletter we provide on the website, we require an email address from you, as well as information that allows us to verify that you are the owner of the email address that provided and that you consent to receiving the newsletter. Other data is not collected or is only collected on a voluntary basis. We use newsletter service providers, as described below, to process the newsletter.
rapidmail
This website uses rapidmail to send newsletters. The provider is rapidmail GmbH, Augustinerplatz 2, 79098 Freiburg im Breisgau, Germany.
rapidmail is a service that can be used to organise and analyse the sending of newsletters. The data that you enter in connection with the newsletter is stored on rapidmail's servers in Germany.
Data analysis by rapidmail
For the purpose of the analysis, the emails sent with rapidmail contain a "tracking pixel", which connects to the servers of rapidmail when the email is opened. In this way, it is possible to determine if a newsletter message has been opened.
Furthermore, we can use rapidmail to determine whether and which links are clicked on in the newsletter message. All links in the email are tracking links, which can be used to count your clicks. If you do not want rapidmail to run any analysis, you have to unsubscribe from the newsletter. We provide a corresponding link to unsubscribe in each newsletter message.
For more information about rapidmail's analysis functions, go to the following link: https://de.rapidmail.wiki/kategorien/statistiken/.
Legal basis
The data is processed on the basis of your consent (Article 6(1)(a) GDPR). You can withdraw this consent at any time. The lawfulness of the data processing operations that are carried out prior to withdrawal remains unaffected by withdrawal.
Storage period
The data that we store in connection with the newsletter is saved by us or the newsletter service provider until you unsubscribe from the newsletter, and is removed from the newsletter distribution list after you have unsubscribed. Data that has been stored by us for other purposes remains unaffected by this.
After you have been removed from the newsletter distribution list, we or the newsletter service provider store your email address on a blacklist, as necessary to prevent you receiving mailings in future. The data on the blacklist is only used for this purpose and is not combined with other data. This is both in your interest and is in our interest in complying with the statutory requirements regarding sending newsletters (legitimate interest in accordance with Article 6(1)(f) GDPR). Data can be stored on the blacklist for an indefinite period of time. You may object to the storage of data if your interests outweigh our legitimate interests.
For more information, please refer to rapidmail's data privacy notice at: https://www.rapidmail.de/datensicherheit.
Processing on behalf of the data controller
We have concluded a data processing agreement for using the above service. This is a contract required by data protection law, which ensures that the service provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with GDPR.
8. Plugins and tools
YouTube
This website embeds videos from the YouTube website. The operator of the website is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
When you visit one of our websites that has embedded YouTube videos, a connection to the YouTube servers is established. This includes telling the YouTube server which of our pages you have visited.
YouTube may also store various cookies on your device or use comparable technologies to recognise you (e.g. device fingerprinting). This is how YouTube is able to obtain information about visitors to this website. Such information is used, among other things, to record video statistics, improve user-friendliness and to prevent attempts at fraud. The data that is collected is also processed in the Google advertising network.
If you are logged in to your YouTube account, you allow YouTube to associate your surfing behaviour directly with your personal profile. You can prevent this by logging out of your YouTube account.
We use YouTube in the interest of presenting our online services in an appealing manner. This is a legitimate interest within the meaning of Article 6(1)(f) GDPR. If applicable consent has been requested, the processing is carried out exclusively on the basis of Article 6(1)(a) GDPR and Section 25(1) of the German Telecommunications Digital Services Data Protection Act (TDDDG), insofar as the consent includes storing cookies or accessing information on the user's device (e.g. device fingerprinting) within the meaning of the German Telecommunications Digital Services Data Protection Act (TDDDG). Such consent can be withdrawn at any time.
For more information about how this user data is handled, see YouTube's privacy policy at: https://policies.google.com/privacy?hl=en.
The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF is committed to complying with these data protection standards. For more information from the provider, go to the following link: https://www.dataprivacyframework.gov/participant/5780.
Google Maps
This website uses the Google Maps service. The service is provided by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. This service allows to embed map data into our website.
Your IP address has to be stored in order to use the Google Maps functions. This information is usually transferred to a Google server in the USA and stored there. The provider of this website has no influence over the transfer of this data. If Google Maps is enabled, Google may use Google Fonts for the purpose of displaying fonts consistently. When you access Google Maps, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.
We use Google Maps in the interest of presenting our online services in an appealing manner and to make it easy to find the places we refer to on the website. This is a legitimate interest within the meaning of Article 6(1)(f) GDPR. If applicable consent has been requested, the processing is carried out exclusively on the basis of Article 6(1)(a) GDPR and Section 25(1) of the German Telecommunications Digital Services Data Protection Act (TDDDG), insofar as the consent includes storing cookies or accessing information on the user's device (e.g. device fingerprinting) within the meaning of the German Telecommunications Digital Services Data Protection Act (TDDDG). Such consent can be withdrawn at any time.
The data is transferred the USA on the basis of the standard contractual clauses of the EU Commission. For details, go to: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.
For more information about how this user data is handled, see Google's privacy policy at: https://policies.google.com/privacy?hl=en.
The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF is committed to complying with these data protection standards. For more information from the provider, go to the following link: https://www.dataprivacyframework.gov/participant/5780.
Zendesk
We use the Zendesk CRM system to process user enquiries. The service is provided by Zendesk, Inc., 1019 Market Street in San Francisco, CA 94103, USA.
We use Zendesk to process your enquiries quickly and efficiently. This is a legitimate interest within the meaning of Article 6(1)(f) GDPR.
You can send enquiries by just entering your email address – you do not need to provide your name.
We will keep the messages you send to us until you ask us to delete them or the purpose for storing the data no longer applies (e.g. after your enquiry has been processed). Mandatory statutory provisions – in particular retention periods – remain unaffected.
Zendesk has Binding Corporate Rules (BCR) that have been approved by the Irish Data Protection Authority. These are binding policies within a business that allow data to be transferred lawfully within a business to third countries outside the EU and the EEA. For details, go to: https://www.zendesk.de/blog/update-privacy-shield-invalidation-european-court-justice/.
If you do not agree to us processing your enquiry via Zendesk, you can communicate with us alternatively by email, phone or fax.
For more information, see Zendesk's privacy policy at: https://www.zendesk.de/company/customers-partners/privacy-policy/.
The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF is committed to complying with these data protection standards. For more information from the provider, go to the following link: https://www.dataprivacyframework.gov/participant/5304.
Zendesk chat functions
Our website allows to send us messages via a chat window. The chat functions are provided by Zendesk. If you use this chat window, we save your IP address in addition to your chat messages. You do not need to enter your name to use chat.
Processing on behalf of the data controller
We have concluded a data processing agreement for using the above service. This is a contract required by data protection law, which ensures that the service provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with GDPR.
9. ecommerce and payment providers
Processing customer data and contract data
We collect, process and use personal customer and contract data to establish, organise the content of and amend our contractual relationships (including enquiries about and the processing of any existing warranty and service disruption claims, as well as any statutory obligations to provide updates) and to arrange contracts between customers and dealers. We collect, process and use personal data about how this website is used (usage data) only to the extent necessary to allow the user to use the service or to allow us to charge the user. The legal basis for this is Article 6(1)(b) GDPR.
The customer data that is collected is deleted after the order is complete or the business relationship has ended and after any existing statutory retention periods have expired. Statutory retention periods remain unaffected.
If you have given your consent in accordance with Article 6(1)(a) GDPR by selecting the "Mr" or "Mrs" form of address, we use this form of address for the purpose of communicating with our customers using a polite, personalised form of address. You can withdraw your consent at any time by, for example, contacting our customer service or changing the settings in your customer account.
Customer account
If you have given us your consent in accordance with Article 6(1)(a) GDPR by deciding to open a customer account, we use your data to open a customer account for you and to store your data for future orders on our website. You also have the ability to view and change your personal data, track orders and use the reminder function.
You can request that your customer account is deleted at any time. Simply send a message by email to the following email address: service@sks-germany.com. Once your customer account has been deleted, your data is deleted, unless you have expressly consented to any further use of your data. We reserve the right to use data for other purposes, if permitted by law and about which we inform you in this Privacy Policy.
Transfer of data for reservations and arranging a contract
If you reserve a product via the marketplace or conclude a contract with a third party, we send your personal data to the applicable dealer, insofar as this is necessary to take steps prior to entering into a contract and to establish the contract. The legal basis for this is Article 6(1)(b) GDPR.
The customer data that is collected is deleted after the order is complete or the business relationship has ended and after any existing statutory retention periods have expired. Statutory retention periods remain unaffected.
Transfer of data for shipping goods
If you order goods from us, we pass on your personal data to the transport company that is to carry out the delivery and to the payment service provider appointed to process the payment. Only the data required by the applicable service provider to perform its task is disclosed. The legal basis for this is Article 6(1)(b) GDPR, which permits data to be processed for the performance of a contract or to take steps prior to entering into a contract.
If you have given your consent in accordance with Article 6(1)(a) GDPR, we pass on your email address to the transport company that is used to carry out the delivery so that it can inform you by email about the dispatch status of your order; you can withdraw your consent at any time.
We use the following shipping service providers:
DHL
DHL Paket GmbH is a company of the Deutsche Post DHL Group.Personal data is sent to DHL to process the delivery. This is the full address and other data required for delivery.
DHL's privacy policy also applies.
DPD
DPD is a subsidiary of GeoPost S.A.Personal data is sent to DPD to process the delivery. This is the full address and other data required for delivery.
DPD's privacy policy also applies.
UPS
United Parcel Service (UPS), with its European headquarters in Brussels (UPS Europe SA), is a global shipping company.Personal data is sent to UPS to process the delivery. This is the full address and other data required for delivery.
UPS's privacy policy also applies.
Hermes
Hermes is a global shipping company.Personal data is sent to Hermes to process the delivery. This is the full address and other data required for delivery.
Payment services
We integrate third-party payment services into our website. When you make a purchase from us, your payment details (e.g. name, payment amount, account details and credit card number) are processed by the payment service provider for the purpose of processing the payment. The applicable contract provisions and data policies of the relevant providers apply to these transactions. We use the payment service providers on the basis of Article 6(1)(b) GDPR (performance of a contract) and in the interest of a smooth, convenient and secure payment process (Article 6(1)(f) GDPR). Where your consent is requested for certain actions, Article 6(1)(a) GDPR is the legal basis for processing the data; consent can be withdrawn at any time with effect for the future.
We use the following payment services/payment service providers on this website:
PayPal
This payment service is provided by PayPal (Europe) S.Ã .r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as "PayPal").
The data is transferred the USA on the basis of the standard contractual clauses of the EU Commission. For details, go to: https://www.paypal.com/en/webapps/mpp/ua/pocpsa-full.
For details, refer to PayPal's privacy policy: https://www.paypal.com/en/webapps/mpp/ua/privacy-full.
10. Our own services
Applications
We provide you with the opportunity to apply to us (e.g. by email, post or online application form). Below, we inform you about the scope, purpose and use of your personal data that is collected in the course of the application process. We assure you that your data is collected, processed and used in accordance with applicable data protection law and all other statutory provisions and that your data is treated as strictly confidential.
We use the Talentstorm applicant management system provided by ontavio GmbH, Hundemstraße 2, 57368 Lennestadt, Germany, to handle the application process. We have concluded a data processing agreement for the use of the service. This is a contract required by data protection law, which ensures that the service provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with GDPR.
Scope and purpose of data collection
If you send us an application, we process your associated personal data (e.g. contact and communication details, application documents, notes taken during job interviews, etc.) to the extent necessary to decide whether to employ you. The legal basis for this is Section 26 of the German Federal Data Protection Act (BDSG) under German law (taking steps prior to employment), Article 6(1)(b) GDPR (taking general steps prior to entering into a contract) and – if you have given your consent – Article 6(1)(a) GDPR. Such consent can be withdrawn at any time. Your personal data is only disclosed within our company to the people who are involved in processing your application.
If your application is successful, the data you have submitted is stored on our data processing systems on the basis of Section 26 German Federal Data Protection Act (BDSG) and Article 6(1)(b) GDPR for the purpose of implementing the employment relationship.
Data retention period
If we are not able to offer you a job, you reject a job offer or you withdraw your application, we reserve the right to retain the data you have submitted on the basis of our legitimate interests (Article 6(1)(f) GDPR) for up to 6 months from the end of the application process (rejection or withdrawal of the application). The data is then deleted (erased) and the physical application documents are destroyed. Such storage serves in particular as evidence in the event of a legal dispute. If it is evident that the data will be required after the 6-month period has expired (e.g. because of impending or pending legal dispute), the data is only deleted (erased) when the purpose for further storage no longer applies.
The data may also be retained for a longer period if you have given your consent (Article 6(1)(a) GDPR) or if statutory retention obligations prevent it being deleted (erased).
Being added to the applicant pool
If we do not offer you a job, you may be able to join our applicant pool. If you are added to the pool, all the documents and details from your application are transferred to the applicant pool so that you can be contacted when there are suitable vacancies.
You are added to the applicant pool exclusively on the basis of your express consent (Article 6(1)(a) GDPR). Giving your consent is voluntary and has no connection to the ongoing application process. The data subject may withdraw their consent at any time. In this case, the data is irrevocably deleted (erased) from the applicant pool, provided there are no statutory grounds for retention.
The data from the applicant pool is irrevocably deleted (erased) no later than two years after consent has been given.
Carrying out repairs
For the purpose of carrying out repairs, it may be necessary for us to pass on your personal data to authorised dealers or workshops. This data is passed on exclusively to ensure efficient and qualified processing of your repair enquiries. The data that is sent usually includes information such as your name, your contact details and specific details about the repair. It may also be necessary to check and process statutory warranty and manufacturer's warranty claims in the course of the repair. Our partners are under contractual obligation to use the data only in the course of the agreed services and to take appropriate measures to protect your data.
The legal basis for this processing of data is Article 6(1)(b) GDPR (performance of contract) and our legitimate interest in processing the repair order as quickly and effectively as possible, within the meaning of Article 6(1)(f) GDPR.
10. Our social media pages
This privacy policy applies to the following social media pages
https://www.facebook.com/sksgermany
https://www.instagram.com/sks_germany/
https://de.linkedin.com/company/sks-metaplast-scheffer-klute-gmbh
Data processing by social networks
We maintain publicly accessible profiles on social networks. The specific social networks that we use can be found below.
Social networks such as Facebook, X, etc. can generally analyse your user behaviour in full when you use their website or a website with integrated social media content (e.g. Like buttons or advertising banners). Visiting our social media pages triggers numerous data protection-related processing operations. Specifically:
If you are logged in to your social media account and visit our social media pages, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected if you are not logged in or do not have an account with the respective social media portal. In this case, this data collection takes place, for example, via cookies that are stored on your end device or by recording your IP address.
With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed inside and outside the respective social media page. If you have an account with the respective social network, the interest-based advertising can be displayed on all devices on which you are logged in or were logged in.
Please also note that we cannot trace all processing operations on the social media portals. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media portals. For details about this, please see the terms of use and privacy policies of the respective social media portals.
Legal basis
Our social media pages are designed to ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Article 6(1)(f) GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which must be specified by the operators of the social networks (e.g. consent within the meaning of Article 6(1)(a) GDPR).
The data controller and asserting your rights
If you visit one of our social media pages (e.g. Facebook), we are a joint data controller with the operator of the social media platform for the data processing operations triggered during this visit. You may in principle exercise your rights (access, rectification (correction), erasure (deletion), restriction of processing, data portability and the right to lodge a complaint) against us and the operator of the respective social media portal (e.g. against Facebook).
Please note that, despite being a joint data controller with the social media portal operators, we do not have full influence over the data processing operations of the social media portals. Our options are based on the company policy of the respective provider.
Storage period
The data collected directly by us via the social media page will be deleted from our systems as soon as you request us to delete it, withdraw your consent to the storage or the purpose for the data storage ceases to exist. Stored cookies remain on your device until you delete them. Mandatory statutory provisions – in particular retention periods – remain unaffected.
We have no influence on the storage period of your data, which are stored by the operators of the social networks for their own purposes. For details about this, please obtain information directly from the operators of the social networks (e.g. in their privacy policy; see below).
Your rights
You have the right at any time to obtain information free of charge about the origin, recipient and purpose of your stored personal data. You also have the right to object, to data portability and to lodge a complaint with the competent supervisory authority. You may also request the correction, blocking, deletion and, in certain circumstances, the restriction of the processing of your personal data.
Social networks in detail
We have a profile on Facebook. This service is provided by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland (hereinafter referred to as "Meta"). According to Meta, the data collected will also be transferred to the USA and other third countries.
We have entered into a joint processing agreement with Meta (Controller Addendum). This agreement defines the data processing operations for which we or Meta is responsible when you visit our Facebook page. You can view this agreement at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.
You can customise your ad settings on your own in your user account. To do this, click on the following link and log in:https://www.facebook.com/settings?tab=ads.
The data is transferred the USA on the basis of the standard contractual clauses of the EU Commission. For details, go to: https://www.facebook.com/legal/EU_data_transfer_addendum and https://en-gb.facebook.com/help/566994660333381.
For details, refer to Facebook's privacy policy: https://www.facebook.com/about/privacy/.
The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF is committed to complying with these data protection standards. For more information from the provider, go to the following link: https://www.dataprivacyframework.gov/participant/4452.
We have a profile on Instagram. This service is provided by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland.
The data is transferred the USA on the basis of the standard contractual clauses of the EU Commission. For details, go to: https://www.facebook.com/legal/EU_data_transfer_addendum and https://en-gb.facebook.com/help/566994660333381.
For details about how your personal data is handled, see Instagram's privacy policy: https://privacycenter.instagram.com/policy/.
The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF is committed to complying with these data protection standards. For more information from the provider, go to the following link: https://www.dataprivacyframework.gov/participant/4452.
We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.
If you would like to disable LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
The data is transferred the USA on the basis of the standard contractual clauses of the EU Commission. For details, go to: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.
For details about how your personal data is handled, see LinkedIn's privacy policy: https://www.linkedin.com/legal/privacy-policy.
The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF is committed to complying with these data protection standards. For more information from the provider, go to the following link: https://www.dataprivacyframework.gov/participant/5448.