Privacy Policy

We respect your privacy and share your concern about the security of data you may submit to our website. We only process your data according to the General Data Protection Regulation (GDPR). Subsequently we would like to inform you about the nature and extent of personal data that we process on this website pursuant to Article 13 of the GDPR.

I. Controller Details

Siegfried Jacob GmbH & Co. KG
Wilhelm-Bergner-Straße 13
21509 Glinde
T: +49 (0) 40 789 708 0
E: info@sj-hamburg.de
E: security@sj-hamburg.de

II. Data Protection Officer

Name and contact details of the Data Protection Officer:
Mr Arndt Halbach, GINDAT GmbH
Wetterauer Str. 6, 42897 Remscheid, Germany
Email: datenschutz@sj-hamburg.de
Tel.: +49-2191 / 909 430

III. Personal data we collect automatically

Your visit to our website is recorded. We generally collect the following data that your browser sends to us:
• IP address currently used by your computer or your router
• Date and time
• Browser type and version
• Operating system of your computer
• Webpages you visit
• Name and size of requested file(s)
• URL of the referral website, if applicable
This data is only collected for the purposes of data security, improving our website offer and analysing errors based on Art. 6 (1) f) GDPR. The IP address of your PC is only analysed in anonymised form (shortened by the last three digits). In all other respects, you are able to visit our website without providing information on your identity.
We would like to point out that data transmission on the Internet (such as email communication) is subject to security vulnerabilities. It is not possible to completely protect data from access by third parties. Confidential data should therefore be sent to us by other means, such as by post.
Contact
Personal data (such as your name, address data or contact details) which you voluntarily disclose to us, for example in connection with a request or otherwise, will be stored by us and only processed for correspondence with you and only for the purpose for which you have provided us with this data. This data is processed on the basis of Art. 6 (1) a) and Art. 6 (1) f) GDPR.
Secure data transmission
In order to protect the security of your data during transmission, we use encryption techniques (SSL) via HTTPS, which accord with state-of-the-art technology.
Processing of data (customer and contract data)
We collect, process, and use personal data only insofar as it is necessary to establish, or modify legal relationships with us (master data). This is done based on Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract. We collect, process and use your personal data when accessing our website (usage data) only to the extent required to enable you to access our service or to bill you for the same. Collected customer data shall be deleted after completion of the order or termination of the business relationship. Legal retention periods remain unaffected.

IV. Recipients of personal data

We may utilise service providers in connection with data processing in order to perform and execute processes.
Specifically, we have involved service providers for the purposes of hosting our website.
Contractual relationships are established with our service providers, which meet the requirements of Art. 28 GDPR; the contractual provisions contain the statutorily required points on data protection and data security.
Without your consent or contractual necessity, data will only be transferred outside the European Union (EU) and the European Economic Area (EEA) to countries with an adequate level of data protection or on the basis of suitable guarantees. These can be of a legal, technical or organisational nature.

V. Your rights

According to Articles 15–21 GDPR you are entitled to the following rights associated with the processing of your personal data:
You may request information pursuant to article 15 of the GDPR regarding your personal data processed by us. Should incorrect personal data be processed, you have the right to demand correction in accordance with Article 16 of the GDPR. If the legal requirements are met, you can request deletion or restriction of processing (Articles 17, 18 of the GDPR).
You have the right to revoke your declaration of consent under the GDPR at any time. Revocation of your consent does not affect the lawfulness of the processing carried out on the basis of your consent until revocation.
Right to object subject to Article 21 of the GDPR
The data subject shall have the right to object at any time, for reasons arising from his particular situation, to the processing of personal data relating to him carried out pursuant to Article 6(1) (e) or (f) of the GDPR, including profiling based on these provisions.

VI. Statutory deadlines fort he erasure of data

Insofar as no statutory retention obligation applies, the data shall be deleted or destroyed once it is no longer required for fulfilling the purpose of data processing. Various deadlines apply to the retention of personal data. For instance, data of tax relevance is generally stored for ten years, while other data is typically retained for six years in accordance with provisions under the Commercial Code. Furthermore, the storage period may also be determined by statutory limitation periods, which may generally amount to three years in the case of Articles 195 et seqq. of the Civil Code, for example, or in certain cases up to even thirty years.

VII. Right to lodge a complaint with a supervisory authority

In accordance with Art. 77 GDPR, each data subject has the right to lodge a complaint with a supervisory authority, if they believe that the processing of their personal data is in violation of the GDPR. The competent supervisory authority in data protection matters is the state data protection officer of the federal state in which our company has its registered office.