Data protection information

Thank you for your interest in our website and the associated data processing. The following data protection information contains, among other things, information on which personal user data is processed when you visit our website, the legal basis for this data processing and the rights to which you are entitled as a data subject. With this information, we take into account our transparency obligations in accordance with Art. 12 and 13 of the European General Data Protection Regulation (EU GDPR).


The data controller in the sense of the GDPR, the Federal Data Protection Act and other data protection regulations for this website is:

SOLLICH KG
Siemensstraße 17-23
32105 Bad Salzuflen
Germany
Phone: +49 5222 9500
info@sollich.com

 

Further information about our company and contact details can be found in our legal note. We have appointed a data protection officer for our company. You can contact our DPO via the following contact details:

Ms Jessica Konopka
SOLLICH KG
Siemensstr. 17-23
32105 Bad Salzuflen
Germany
Phone: +49 5222 9500
datenschutz@sollich.com

Provision of our website and log files

Description and scope of data processing

Our website is hosted by a service provider (external hosting). For this purpose, we use the technical services of Mittwald CM Service GmbH & Co. KG, Königsberger Straße 4-6, 32339 Espelkamp (hereinafter "Mittwald"). Each time you visit our website, the web server automatically collects the following information from your system and stores it:

  • IP adress
  • Date and time of request
  • Time zone difference from GMT
  • Content of the website
  • Access status (HTTP status)
  • Volume of data transferred
  • Request website
  • Web browser
  • Operating system
  • Browser language and version

Legal basis for data processing

The legal basis of the hosting and the temporary storage of the aforementioned data as well as their logging in log files is our legitimate interest as website operator per Art. 6 (1) lit. f GDPR in conjunction with. § 25 (2) no. 2 TDDDG [German telecommunications-telemedia data protection act] in optimising our online presence.

Insofar as consent has been requested, the processing is carried out in accordance with Art. 6 (1) lit. a GDPR in conjunction with. § 25 (1) TDDDG, insofar as the consent includes the storage of cookies or access to information in your end device (e.g. device fingerprinting) within the meaning of the TDDDG. You can withdraw your consent at any time.

We have concluded an order processing agreement with Mittwald. In this respect, your data will only be processed to the extent necessary for the provision of the service.

Purpose of data processing

The temporary storage of your IP address by the web server is necessary to implement delivery of the website to your computer. To do so, your IP address must remain stored for the duration of your website visit.

The storage of data in log files enables us to ensure the functionality of our website. Furthermore, they enable us to optimise our website and to ensure the security of our information technology systems (e.g. for attack detection). This data is not evaluated for marketing purposes.

Duration of storage

The aforementioned data will be deleted as soon as it is no longer required for the aforementioned purpose fulfilment. For data processing used for the provision of the website, this is the case after you have finished visiting the website.

Data stored in log files is deleted after 7 days at the latest. Storage beyond this can take place. In this case, your IP address is deleted or anonymised so that it is no longer possible to make a personal reference to your system.

Cookies

Description and scope of data processing

We use cookies on our website. Cookies are text files that are stored on your end device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted after your visit. Permanent cookies remain on your end device until you delete them yourself or until they are automatically deleted by your web browser. A distinction is made between technically necessary cookies and cookies from possible third-party providers.

Legal basis for data processing

The legal basis for the use of functionally necessary cookies is our legitimate interest as website operator per Art. 6 (1) lit. f GDPR in conjunction with. §25 (2) no. 2 TDDDG.

The legal basis for setting third-party cookies, which are not subject to any technical necessity, but serve our analysis and marketing interests, is based on the consent you granted per Art. 6 (1) lit. a GDPR in conjunction with. §25 (1) TDDDG [German telecommunications and telemedia data protection act]. You can withdraw this consent at any time. The legality of any data processing that took place prior to consent being revoked remains unaffected.

Purpose of data processing

Technically necessary cookies enable us to provide the website in an error-free, secure and user-friendly manner.

The use of cookies for marketing and analysis purposes enables us to continuously improve the user experience of the website and to generate individual offers.

Duration of storage and opportunity to object

Please refer to the Cookie settings for the storage period of the individual cookies.

You can delete stored cookies at any time in your browser settings or via the settings in the cookie consent area. In addition, you can set individual preferences in your browser by generally objecting to the setting of cookies by websites or third-party providers. We would like to point out that by excluding cookies you may not be able to use our website to its full extent. 

Cookie consent with "Cookiebot by Usercentrics"

Description and scope of data processing

This website uses the cookie consent technology "Cookiebot by Usercentrics" to obtain your consent to the storage of certain cookies on your end device or to the use of certain technologies and to document this in compliance with data protection regulations. The provider of this technology is Usercentrics A/S, Havnegade 39, 1058 Copenhagen (hereinafter referred to as "Usercentrics"). The following personal data is processed:

  • Your consent(s) or the revocation of your consent(s)
  • Your anonymised IP address
  • Information about your browser
  • Information about your end device
  • Information about your location
  • Time of your visit to the website

Usercentrics stores a cookie in your browser in order to be able to assign the consents you have given or to revoke them. The data collected in this way is stored for 12 months. 

Legal basis for data processing

Usercentrics is used to obtain the legally required consent for the use of cookies. The legal basis is Art. 6 para. 1 sentence 1 lit. c GDPR in conjunction with §25 para. 1 TDDDG. You can withdraw this consent at any time. The legality of any data processing that took place prior to consent being revoked remains unaffected.

We have concluded an order processing contract with Usercentrics.

Further information on data processing

Usercentrics A/S is responsible for further data processing. Further information on security and data protection at Usercentrics GmbH can be found via the following link https://www.cookiebot.com/de/privacy-policy/ .

Description and scope of data processing

We use "hCaptcha" to check whether the data entries on our website (e.g. in a contact form) are made by a human or abusively by an automated program. hCaptcha is used to check whether user actions on our website (e.g. submitting a contact form) meet our security requirements. To do this, hCaptcha analyses the behaviour of the website or mobile app visitor based on various characteristics. This analysis starts automatically as soon as the website or mobile app visitor enters a part of the website with activated hCaptcha. The provider of this service is Intuition Machines Inc, 350 Alabama St., San Francisco, CA 94110, USA (hereinafter referred to as "hCaptcha"). The following personal data may be processed:

  • IP address
  • Time spent by the visitor on the website
  • Browser type, internet service provider, platform type, device type, operating system, date and timestamp of access and other similar information
  • Mouse movements made by the user, scroll position, keystroke events, touch events and similar information

Legal basis for data processing

The processing of your data is technically necessary for the execution of our security tool and therefore follows §25 para. 2 TDDDG. The processing of your data is based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR to protect the website from abusive automated crawling, spam and other forms of misuse that may harm our website or other users of our website.

The transfer of data to hCaptcha servers in the USA, is based on the standard contractual clauses of the EU Commission. For further information, visit https://newassets.hcaptcha.com/dpa/IMI_Data_Processing_Addendum_4.20.2023.pdf

We have concluded an order processing contract with hCaptcha.

Purpose of data processing

The use of the Captcha service and the associated data processing serves our security interests, in particular to protect our web services from automated spying and spam.

Duration of storage

The aforementioned data will be deleted as soon as it is no longer required for the aforementioned purpose fulfilment.

Further information

You can view the hCaptcha data protection information at https://www.hcaptcha.com/privacy

 

Matomo

Description and scope of data processing

We use "hCaptcha" to check whether the data entries on our website (e.g. in a contact form) are made by a human or abusively by an automated program. hCaptcha is used to check whether user actions on our website (e.g. submitting a contact form) meet our security requirements. To do this, hCaptcha analyses the behaviour of the website or mobile app visitor based on various characteristics. This analysis starts automatically as soon as the website or mobile app visitor enters a part of the website with activated hCaptcha. The provider of this service is Intuition Machines Inc, 350 Alabama St., San Francisco, CA 94110, USA (hereinafter referred to as "hCaptcha"). The following personal data may be processed:

  • IP address
  • Time spent by the visitor on the website
  • Browser type, internet service provider, platform type, device type, operating system, date and timestamp of access and other similar information
  • Mouse movements made by the user, scroll position, keystroke events, touch events and similar information

Legal basis for data processing

The processing of your data is technically necessary for the execution of our security tool and therefore follows §25 para. 2 TDDDG. The processing of your data is based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR to protect the website from abusive automated crawling, spam and other forms of misuse that may harm our website or other users of our website.

The transfer of data to hCaptcha servers in the USA, is based on the standard contractual clauses of the EU Commission. For further information, visit https://newassets.hcaptcha.com/dpa/IMI_Data_Processing_Addendum_4.20.2023.pdf

We have concluded an order processing contract with hCaptcha.

Purpose of data processing

The use of the Captcha service and the associated data processing serves our security interests, in particular to protect our web services from automated spying and spam.

Duration of storage

The aforementioned data will be deleted as soon as it is no longer required for the aforementioned purpose fulfilment.

Further information

You can view the hCaptcha data protection information at https://www.hcaptcha.com/privacy

 

Contacting us by email or contact form

Description and scope of data processing

You can contact us via the following methods:

  • Contact form
  • E-mail address provided in the legal note
  • Via the electronic contact details of our employees

If you contact us via these channels, your personal data transmitted with the enquiry will be processed by us. You can find out which data this concerns in detail in the input fields of our form. In addition, all other data that you voluntarily provide to us as part of your enquiry will be transmitted.

Legal basis for data processing

The legal basis for the processing of your data from the enquiry is your voluntary consent in accordance with Art. 6 (1) lit. a) GDPR. You can withdraw this consent at any time. The legality of any data processing that took place prior to consent being revoked remains unaffected.

If your enquiry is aimed at the conclusion of a contract, the additional legal basis for this data processing is the initiation or fulfilment of a contract pursuant to Art. 6 (1) lit. b) GDPR.

Purpose of data processing

The processing of the aforementioned personal data is solely for the purpose of handling your contact.

Duration of storage

The aforementioned data will be deleted as soon as it is no longer required for the aforementioned purpose fulfilment. For the personal data that you have sent us by e-mail or our contact form, this is the case when the respective conversation with you has ended. Correspondence is deemed to be ended when it is clear from the circumstances that the matter in question has been definitively clarified.

Revocation option

You have the option to object to this data processing at any time. You can send an objection to the following e-mail address: datenschutz@sollich.com

All personal data stored during the course of contact will be deleted in this case.

Integration of MyFonts

Description and scope of data processing

We use MyFonts for the uniform display of fonts. The provider of this service is Monotype Imaging Holdings Inc, 600 Unicorn Park Drive, Woburn, Massachusetts 01801 USA (hereinafter “MyFonts”). When you call up our website, the required web fonts are loaded into your own browser cache. This serves the uniform presentation and display of our script. In order to check compliance with the licence conditions and the number of monthly page views, a web fonts tracking script or similar technology is embedded on our site. According to the information provided by MyFonts, the IP address of website visitors is transmitted to servers outside the EU only in anonymised form. No personal data is collected or processed.

Legal basis for data processing

The legal basis for the integration of MyFonts and thus for the needs-based design of our website is our legitimate interest as website operator pursuant to Art. 6 para. 1 lit. f) GDPR.

Further information on data processing

Further information on how MyFonts handles your data is available at https://www.monotype.com/legal/privacy-policy/web-font-tracking-privacy-policy or at https://www.monotype.com/legal/privacy-policy.

Description and scope of data processing

If required, we publish job advertisements on our website for which you can apply by post or electronically. If you submit your application data electronically, we will collect and store all the personal data you have provided to us.

Legal basis for data processing

We process your applicant data in accordance with Art. 6 (1) lit. f) GDPR out of our legitimate interest in filling vacant positions in our company in a task-oriented and qualified manner.

Should employment result from your application, the processing of your applicant data is to be legally recognised as the implementation of pre-contractual measures in accordance with Art. 6 (1) lit. b) GDPR.

Purpose of data processing

With the help of your applicant data, we are able to make a candidate selection for vacant positions.

Duration of storage

Your data will be stored by us until the application process is completed. If no employment results from your application, we will delete or destroy your data after rejection, taking into account the legally defined objection periods.

If you have given us consent to store data beyond this, the storage period defined therein applies.

Revocation option

You can revoke any consent you have given us to continue storing your applicant data at any time without giving reasons. To do so, please contact us by post or send your objection to the following address: datenschutz@sollich.com.

Description and scope of data processing

We operate profiles on social networks. To do so, we use the technical infrastructure of the respective platform operator. The operators of social networks usually provide their customers with extensive analyses of profile visitors and also use the personal data for their own purposes, such as advertising. The data processing procedures are not always transparently traceable, but include at least the following data protection-relevant processing activities:

  • Processing of interests and visited profiles (especially if you are logged into your own profile on the social network)
  • Collection of your IP address and other information stored on your end device, e.g. via cookies
  • Information about your end device and, if applicable, your location

The operators of social networks use this data, among other things, to send you interest-based advertising and to compile extensive data about visitors and users. For further information on the data processing procedures and terms of use, please refer to the data protection and terms of use of the respective platform operator.

Legal basis for data processing

The legal basis for the use of Vimeo is our legitimate interest as website operator pursuant to Art. 6 (1) f) GDPR in the illustrative presentation of our company and our product and service portfolio.

Shared responsibility and data subject rights

We are jointly responsible with the operator of the respective social network for the processing of your personal data pursuant to Art. 26 GDPR. You can assert your data subject rights both against the platform operator and against us. Please note that we cannot guarantee that you will be able to enforce your data protection rights with the provider of the social network.

Duration of storage

If you do not delete the cookies, they will remain on the device you are using. You have the possibility to prevent the storage of cookies by means of a setting in your browser. Please refer to the help area of your web browser for this and follow the corresponding instructions. We would like to point out that in this case it may not be possible to use all the functions offered on the website to their full extent.

The data collected from you via our profiles on social networks will be deleted after the purpose has been fulfilled or you request us to delete your data. If you have given your consent to data processing, you have the right to revoke this consent at any time. In these cases, we will also delete your data. The statutory retention periods remain unaffected.

LinkedIn

We operate a company profile on LinkedIn. To do so, we use the technical services of the operator LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland (hereinafter "LinkedIn"). We have entered into a Page Insights Joint Controller Addendum (hereafter "Addendum") with LinkedIn. You can find the agreement at https://legal.linkedin.com/pages-joint-controller-addendum.

We would like to point out that LinkedIn has its headquarters in the USA. Your personal data is stored and processed on servers in the USA. The European Court of Justice (ECJ) has ruled that the USA is not a safe third country within the meaning of the GDPR and that a different level of data protection prevails than in the EU. US providers are legally obliged to release personal data without the consent of the data subjects, e.g. to security authorities. We would like to point out that it can therefore not be ruled out that your data located on the US servers may be processed, evaluated and permanently stored for monitoring or other purposes.

We have no influence on the transmitted content and the data processing by LinkedIn. If you do not want data to be assigned to your user account, please log out of your own profile before visiting our LinkedIn profile. LinkedIn is responsible for the further processing of your personal data. For further information on data processing by the social network LinkedIn, please refer to the LinkedIn privacy policy https://www.linkedin.com/legal/privacy-policy.

XING

We operate a company profile on XING. For this purpose, we use the technical services of the operator New Work SE, Am Strandkai 1, 20457 Hamburg (hereinafter "XING"). We are jointly responsible with the platform operator XING for the processing of your personal data pursuant to Art. 26 GDPR. As soon as you visit and interact with our company profile on XING, your personal data will be processed by XING. If you contact us via your own XING profile, your activities with our profile will be processed by the platform operator. The operator also processes all personal data that you provide during registration, information that you provide in your profile and data that is transmitted during communication. We have no influence on the data processing by the platform operator. Furthermore, XING also transmits user data to third countries. We would like to point out that third countries are generally not subject to the legal obligations of the European General Data Protection Regulation. As a result, the enforcement of your data subject rights, for example, cannot be fully guaranteed.

If you do not want data to be assigned to your user account, please log out of your own profile before visiting our XING profile.

XING is responsible for the further processing of your personal data. For further information on data processing by the social network XING, please refer to the XING privacy policy https://privacy.xing.com/en.

YouTube

We operate a channel on the social video network "YouTube". The provider of this service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter "Google"). When you visit our channel or play our videos, your personal data is processed and transmitted to Google's servers. This data includes:

  • The device you are using (e.g. desktop computer, smartphone, tablet, smart speakers)
  • Your IP address
  • Access date and time
  • Your browser and browser type, as well as settings implemented
  • The website from which you wish to view the video
  • The videos you watch

If you are connected to your YouTube account while watching our videos, the information may be linked to your user account. 

The transfer of data to Google servers outside the European Economic Area, in particular to the USA, is based on the standard contractual clauses of the EU Commission. For further information, visit https://privacy.google.com/businesses/processorterms/mccs/.

Google Ireland Limited is responsible for further data processing. Further information on how Google handles your data is available at https://policies.google.com/privacy.

Instagram

We operate a company account on the social network "Instagram". The operator of the platform is Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland (hereinafter "Meta"). When you visit and interact with our company profile on the social network, your personal data is processed by us and by Meta. This data includes:

  • The device you are using including information about the software used (e.g. desktop computer, smartphone, tablet, smart speakers)
  • Your IP address
  • Family device IDs
  • Your activities and content, e.g. posts, comments, reactions, audio, photos
  • Sent messages
  • Your browser and browser type, as well as settings implemented
  • Location data

If you have your own account on "Instagram" and you are logged into it while visiting our company profile, these information will be linked to your user account. The information may be used to provide you with personalised advertising and products. Your data is collected across all Meta products and all devices used. Meta shares your data with other Meta companies. We have no influence on data processing at Meta. We recommend that you check your browser or account settings related to the processing of your data and restrict these settings if necessary. 

The transfer of data to Meta servers outside the European Economic Area, in particular to the USA, is based on the standard contractual clauses of the EU Commission. For further information, visit https://de-de.facebook.com/help/instagram/272603474673152/?helpref=uf_share.

The EU Commission has decided that the "EU-US Data Privacy Framework" ("DPF") ensures an adequate level of protection for the transfer of personal data from the EU to the USA. Meta is a company certified in accordance with the "EU-US Data Privacy Framework" (DPF).

Meta Platforms Ireland Limited is responsible for further data processing. Further information on how Meta handles your data is available at https://privacycenter.instagram.com/policy/.

If personal data is processed by you as a user, you are considered a data subject in accordance with the GDPR. Data subjects have the following rights vis-à-vis the controller:

  • Right of access (Art. 15 GDPR)
  • Right to correction or erasure of personal data (Art. 16, 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to communication in connection with the correction or erasure of your personal data or the restriction of processing (Art. 19 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to revoke consent given. The lawfulness of the data processing carried out until the revocation remains unaffected due to the consent valid up to that point. (Art. 7 (3) GDPR)
  • Right to complain to the supervisory authority (Art. 77 GDPR)
  • Right to object to the collection of data in special cases (Art. 21 (1) GDPR): If the data processing is based on our legitimate interest pursuant to Art. 6 (1) lit. f) GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation. If you register an objection, we will no longer process your personal data unless we can verify compelling legitimate grounds for the processing, that outweigh your interests, rights and freedoms, or if the processing serves the assertion, exercising or defence of legal claims.
  • Right to object to direct marketing (Art. 21 (2) of the GDPR): If your personal data is processed for the purpose of direct marketing, you have the right to object to this processing at any time. After an objection has been issued, your personal data will no longer be used for the purpose of direct marketing.

External links

Our website may contain links to websites of third parties subject to data protection law. If you access these links and you thereby enable third parties to process your personal data (e.g. your IP address), we have no influence on this processing and can therefore accept no responsibility for it.

We indicate the forwarding to other telemedia providers at the appropriate places symbolically or by textual design.

Safety

The protection of your privacy is a serious concern for us. We therefore take appropriate technical and organisational measures to protect your personal data from misuse, alteration and loss.

Your data is protected during transmission on our website by means of an SSL or TLS certificate. You can recognise that such a certificate is in use by the web address as https:// or a closed lock symbol next to the web address.

Despite carefully selected security precautions, we would like to point out that, especially when transmitting via e-mail or our web forms, one hundred percent protection cannot be guaranteed. When transmitting confidential information, please send it by post to the address provided in our legal note.

Advertising by e-mail pursuant to § 7 (3) of the UWG [unfair competition act] and your right to object

Within the scope of the legal permission per § 7 (3) UWG, we are entitled to use the e-mail address that you have given us when purchasing a service or product subject to a charge for direct advertising for our own similar products or services. If you no longer wish to receive advertising for similar products or services, you can object to the corresponding use of your e-mail address at any time. To do so, you can unsubscribe by clicking on the unsubscribe link included in each mailing or by contacting datenschutz@sollich.com with your email address.

RIGHT TO OBJECT TO THE COLLECTION OF DATA IN SPECIAL CASES AND TO DIRECT ADVERTISING (ART. 21 GDPR)

IF THE DATA PROCESSING IS PROCESSED PER ART. 6 (1) PT. E) OR F) OF THE GDPR, YOU MAY OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION. THIS ALSO APPLIES TO PROFILING. PLEASE REFER TO THE DATA PROTECTION REGULATIONS FOR THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE PROCESSED UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS, OR THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21 (1) OF THE GDPR).

IF YOUR PERSONAL DATA IS PROCESSED FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR MARKETING PURPOSES. THIS ALSO APPLIES TO PROFILING, INSOFAR AS THIS IS CONNECTED TO SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION PURSUANT TO ART. 21 (2) OF THE GDPR).

Objection to advertising emails

We hereby object to the use of published contact data in our legal note for sending advertising and information material that has not been expressly requested. The operators of this website reserve the explicit right to take legal steps in the event of receiving unsolicited advertising information, for example through spam emails, etc.

Up-to-dateness of our data protection information

Our website is subject to the technological progress that accompanies the operation and usage options of websites. We therefore reserve the right to adapt our data protection information in accordance with changes to our security and data protection measures and possible extended data processing and to make it available to you here in the currently valid version.



Top