Data protection

Your privacy as a visitor to our website

PRIVACY POLICY OF SUND

Thank you for your interest and your visit to our website. The protection of your personal data is of particular concern to us at every stage of the cooperation. Therefore, the following explains which data from your visit is used for which purposes.

Personal data within the meaning of the General Data Protection Regulation is any information relating to an identified or identifiable natural person (hereinafter "data subject"). This includes, for example, your name, your address or your e-mail address.

Data processor

The data processor pursuant to Art. 4 (7) of the EU General Data Protection Regulation (GDPR) is

SUND GmbH + Co. KG
Lademannbogen 65
22339 Hamburg
Germany
Phone: +49 40 53 80 96-0
Fax: +49 40 53 80 96-253
E-Mail: info@sund-group.com

How to contact the data protection officer

You can reach our data protection officer at datenschutz@sund-group.com or our postal address with the addition of "data protection officer".

Informational use of our websites

In the case of merely informative use of the website, i.e. if you do not send us any personal data via our contact form or otherwise transmit information, we only collect the personal data that your browser transmits to our server. The following data is collected:

  • Information about the browser type and version used
  • The user's operating system
  • The user's internet service provider
  • The user's IP address
  • Date and time of access
  • Websites from which the user's system accesses our website
  • Websites that are accessed by the user's system via our website

This data is technically required to display the website to you and to ensure the security of our website. We evaluate this data exclusively for statistical purposes in order to correct possible technical errors and, if necessary, to be able to identify and ward off attacks and security risks. This data is not stored together with other user data. The data is also deleted after an evaluation.

The legal basis for the temporary storage of the data is our legitimate interest in the security and stability of our website (Art. 6(1)(f) GDPR). The user's interest is taken into account by the fact that the data is not used to identify the user.

Use of cookies

When you use our website, cookies are stored on your computer. Cookies are small text files that are stored on your hard drive and associated with the browser you are using, and through which certain information flows to the body that sets the cookie. Cookies cannot run programs or transmit viruses to your computer. They serve to make the internet offer as a whole more user-friendly and effective.

This website uses the following types of cookies, the scope and functionality of which are explained below:

TRANSIENT COOKIES

These cookies are automatically deleted when you close the browser. This particularly includes session cookies. Session cookies store a session ID, with which different requests from your browser can be assigned to the common session. This means that your computer can be recognized when you return to our website. Session cookies are deleted when you log out or close your browser.

PERSISTENT COOKIES

These cookies are automatically deleted after a predefined period of time, which may differ depending on the cookie. You can delete cookies at any time in your browser’s security settings.

PREVENTION OF COOKIES

You can configure your browser settings according to your wishes and refuse the acceptance of third party cookies or all cookies, for example. Please note that you may then not be able to use all the functions of this website.

LEGAL BASIS AND STORAGE PERIOD

The legal bases for possible processing of personal data and their storage period vary and are presented in the following sections.

Contact

When you contact us by e-mail or via our contact form, the data you provide (your e-mail address, your name if applicable and your telephone number) will be stored by us in order to answer your questions. Insofar as we request input via our contact form that is not required for contacting us, we have always marked this as optional. Data are transmitted in unencrypted form. This information is used to specify your request and to improve the processing of your request. If you wish to receive information material, we need your postal address. Any communication of this information is expressly on a voluntary basis and with your consent, Art. 6(1)(a) GDPR. Insofar as this involves information on communication channels (e.g. e-mail address, telephone number), you also consent to us contacting you via this communication channel, if necessary, in order to answer your request. Of course, you can revoke this consent at any time for the future. To do so, you can send a message to the contact details provided in Section 1.

When you contact us by e-mail or via a contact form, the data you provide (in particular your e-mail address, your name if applicable, your telephone number and the content of other entries in the contact form) will be stored by us in order to answer your questions.

Application procedure

You can apply to us electronically by e-mail. We will of course only use your details to process your application and will not pass them on to third parties. Please note that unencrypted e-mails are not transmitted with access protection.

If you have applied for a specific position and it has already been filled or we consider you equally or even more suitable for another position, we would be happy to forward your application within the company. Please let us know if you do not agree to forwarding.

Your personal data will be deleted immediately after completion of the application process, or after a maximum of 6 months, unless you have given us your express consent to store your data for longer or a contract has been concluded. You are under no legal or contractual obligation to provide us with your data. However, this data is necessary for the decision on your application. Without this information, the application process and possible recruitment cannot take place.

The legal basis for Art. 6(1)(a, b) GDPR and Section 26 German Federal Data Protection Act (BDSG).

Website analysis

For the purpose of analysing and optimising our websites, we use various services which are described below. For example, we can analyse how many users visit our site, which information is most in demand or how users find the offer. Among other things, we collect data about the website from which a data subject has accessed a website (so-called referrer), which sub-pages of the website have been accessed or how often and for how long a sub-page has been viewed. This helps us to design and improve our offers in a user-friendly way. The data collected in this process is not used to personally identify individual users. The legal basis is your consent in accordance with Art. 6(1)(1)(a) GDPR. You can revoke this consent at any time.

Matomo

Our website uses the open source web analytics service Matomo, a service provided by "InnoCraft Ltd", a company based at 150 Willis St, 6011 Wellington, New Zealand. As InnoCraft is located outside the EU, InnoCraft has appointed a representative in the EU (privacy@innocraft.com).Matomo uses cookies, which enable an analysis of the use of the website. For this purpose, the usage information collected in the cookie (including your shortened IP address) is transmitted to Matomo's server located in the EU and stored for usage analysis purposes. Matomo does not transmit data to servers that are outside of our control. Your IP address is immediately anonymised during this process, so that you as a user are not identifiable to us. The information collected about your use of this website is not shared with third parties. We use the collected data for statistical analysis of user behaviour for the purpose of optimising the functionality and stability of the website and for marketing purposes. Our interest in and purpose of the data processing lies in the optimisation of our website, the adaptation of the contents and the improvement of our offer. The interests of the users are sufficiently protected by anonymisation.

We only store the analysis data for as long as the purpose of the data processing requires, but for a maximum of 6 months. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

You can change your cookie settings for this website here.

Google Maps

This site uses the map service Google Maps. Google Maps is a mapping service provided by Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. The responsible entity for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

In order to use the Google Maps functions, information, including the IP address and the address entered as part of the route function, may be transmitted to the servers of the provider. This information is usually transferred to a Google server in the USA and stored there. When you visit a website that contains Google Maps, your browser establishes a direct connection with Google's servers, whereby the map content is sent to your browser and integrated by it. The provider of this site has no influence on this data transfer. According to current knowledge, this includes the following data:

  • Date and time of the visit to the website in question
  • Internet address or URL of the accessed website
  • IP address, (start) address entered as part of route planning

Google Maps is used in the interest of an attractive presentation of our online offers and to make it easy to find the places we indicate on the website. If you do not wish Google to process data via this service, you can deactivate the use of JavaScript in your browser settings. Please note that in this case the interactive map function of Google Maps cannot be used.

Insofar as data is processed outside the European Economic Area / the EU, where there is no level of data protection corresponding to the European standard, Google states that it uses standard contractual clauses.

More information on the handling of user data can be found in Google's privacy policy: https://policies.google.com/privacy?hl=en&gl=en.

The collection and storage of data only takes place after explicit consent in accordance with Art. 6(1)(1)(a) GDPR. This consent can be revoked at any time with effect for the future.

Data transmission

We work with a number of service providers who take on technical and content-related tasks in the provision of our website. This includes services such as hosting and maintenance of our website. The following service providers are currently used:

1&1 Internet SE, Elgendorfer Str 57, 56410 Montabaur, Germany

Homepage Helden GmbH, Poststraße 20, 20354 Hamburg, Germany

Your rights

You have the following rights with us regarding your personal data:

GENERAL RIGHTS

You have the right of access, rectification, erasure, restriction of processing, objection to processing and data portability. Insofar as processing is based on your consent, you have the right to revoke this with effect for the future.

RIGHTS IN DATA PROCESSING ACCORDING TO LEGITIMATE INTEREST

In accordance with Article 21(1) GDPR, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(e) GDPR (data processing in the public interest) or on the basis of Article 6(1)(f) GDPR (data processing for the protection of a legitimate interest); this also applies to profiling based on this provision. In the event of your objection, we will no longer process your personal data unless we can prove compelling reasons for processing worthy of protection which outweigh your interests, rights and freedoms, or if the purpose of processing is the assertion, exercise or defence of legal claims.

RIGHTS IN DIRECT ADVERTISING

If we process your personal data for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing in accordance with Article 21(2) GDPR; this also applies to profiling insofar as it is associated with such direct marketing.

In the event of your objection to processing for the purpose of direct marketing, we will no longer process your personal data for these purposes.

RIGHT TO COMPLAIN TO A SUPERVISORY AUTHORITY

You also have the right to complain to a competent data protection supervisory authority about the processing of your personal data by us if you believe that the processing of your personal data violates data protection regulations.

If you have any questions about data protection and the processing of your personal data, please contact our data protection officer. They will also be happy to assist you with applications, requests for information, suggestions or complaints.

Status is July 2021

Your privacy as a visitor to our Instagram account

GENERAL INFORMATION

Social media have become an integral part of the internet and modern communication. In order to stay in touch with our customers and interested parties, we have also set up our own profile on Instagram. Instagram is an online service of Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

We expressly draw your attention to the fact that Facebook stores the data (e.g. IP address, preferences and personal interests, behaviour on Instagram pages, any personal information stored on Instagram, etc.) of users and uses it for business purposes.

We have no influence on the processing and further use of this data, as Facebook alone determines the processing. To what extent, where and for how long the data is stored, to what extent the data is linked and evaluated and to whom the data is passed on is currently not comprehensible to us. We also have no insight or influence with regard to deletion periods, i.e. whether and to what extent deletion periods are adhered to.

Details from Facebook itself about what information is collected can be found in Instagram's privacy policy, which can be viewed here: https://help.instagram.com/519522125107875. There you will also find information on how to contact Facebook and on the setting options for ads.

If you are an Instagram member and logged into your Instagram user account, Facebook can associate your visit to our site with your user account. If you would like to prevent Facebook from linking data about your visit to our profile with your membership data stored on Facebook, you must:

  • Log out of Instagram before each visit to our profile.
  • Delete the cookies present on the device.
  • Close and restart your browser.

In this way, according to Facebook, all information through which you can be identified by Facebook is deleted.

SCOPE OF DATA COLLECTION AND STORAGE

You do not need to be a member of Instagram to see the content on our Instagram profile. However, data is collected, stored and used by Facebook every time you visit our site. The moment you access our profile, your browser establishes a connection with a Facebook server. In the process, data may be transferred to countries outside the European Union. In any case, whether you are registered with Instagram or not, your IP address will be transmitted and cookies will be set. If you are an Instagram member and logged into your Instagram user account, Facebook can associate your visit to our site with your user account.

The cookies used include session cookies, which are deleted when the browser is closed, and persistent cookies, which remain on the end device until they expire or are deleted by the user. A cookie is a tiny text file that allows a website to recognise a browser. Cookies are stored on the computer when a website is called up and are called up and read the next time the web server is called up. You can decide for yourself via your browser settings whether and which cookies you want to allow, block or delete. Alternatively, you can also install so-called ad blockers, such as Ghostery.

According to Facebook, the cookies used by Instagram are for authentication, security, website and product integrity, advertising and measurement, website features and services, performance, and analytics and research. Details of the cookies used by Facebook (e.g. names of the cookies, integration, function duration, recorded content and purpose, control options) can be viewed here: https://help.instagram.com/help/instagram/1896641480634370/?locale=en_GB

You can make settings for which advertisements are to be displayed or no longer displayed by Facebook at https://help.instagram.com/help/instagram/1896641480634370/?locale=en_GB and at http://www.youronlinechoices.com. You can manage your preferences regarding usage-based online advertising via the aforementioned link. If you object to usage-based online advertising with a particular provider using the preference manager, this only applies to the particular business data collection via the web browser you are currently using. Preference management is cookie-based. Deleting all browser cookies will also remove the preferences you have set with the preference manager.

Data that is collected:

  • User interactions (postings, likes etc.) for user communication 

  • Facebook cookies* for target group advertising

  • Demographic data (e.g. based on age, place of residence, language or gender) for target group advertising

  • Statistical data on user interactions in aggregated form, i.e. without personal reference for us (e.g. page activities, page views, page previews, likes, recommendations, posts, videos, page subscriptions incl. origin, times of day) for target group advertising

An automated decision-making including profiling according to Art. 22 GDPR does not take place.

As a matter of principle, we only store personal data until the respective purpose for which the data was collected has been achieved. In the context of a business relationship with you, we store your personal data for as long as the business relationship lasts, this also includes the initiation and the processing of a contract as well as the regular limitation period. In addition, we store the data if and insofar as we are subject to statutory retention obligations. These can result, for example, from the German Commercial Code (HGB) or the German Fiscal Code (AO).

If you have given us consent for a processing operation, the data related to the granting of consent will be stored until revoked or at the longest for the duration of the processing operation and after its termination within the scope of the statute of limitations.

DISCLOSURE AND USE OF PERSONAL DATA

Insofar as you interact within the framework of Instagram, Facebook naturally also has access to your data. Facebook is located in an insecure third country where the level of data protection is lower. For this reason, the European standard contractual clauses were concluded with Facebook.

LEGAL BASIS

If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6(1)(f) GDPR is the legal basis for the processing. We see our legitimate interest for data processing in the presentation of our company and our products as well as services for your information and in particular in the provision of up-to-date communication options for and with you.

JOINT DATA PROCESSOR

SUND GmbH + Co. KG
Lademannbogen 65
22339 Hamburg
Germany

and

Facebook Ireland Ltd.
4 Grand Canal Square, Grand Canal Harbour,
D2 Dublin
Ireland

We are jointly responsible with Instagram for the processing of your personal data according to the European Court of Justice (ECJ). The decision of the ECJ dated 5 June 2018 can be found here.

In view of Art. 26 of the GDPR, we inform you below about the essentials of the joint responsibility agreement in place between us and Facebook: https://www.facebook.com/legal/terms/page_controller_addendum

Status is July 2021