Data Protection

The protection of your data is very important to us

Privacy Notice

We are pleased about your visit to our website and your interest in our company, our products, and services.

To ensure that you feel safe and comfortable when visiting our website, we take the protection of your personal data and its confidential handling very seriously.

With this notice, we inform you about data protection-related aspects as well as the measures implemented to safeguard your rights. SPH AG complies with the requirements of the German Federal Data Protection Act (BDSG) and the EU General Data Protection Regulation (EU GDPR).

1. General Information and Mandatory Notices

1.1 Information on the Responsible Entity

The responsible entity for data processing on this website is:

SPH AG
Neckarstraße 40A
71065 Sindelfingen
Germany
Phone: +49 (0)711 8905 300
Email: info@sph-ag.com

The responsible entity is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data (e.g. names, email addresses, etc.).

1.2 Employees

All employees of SPH AG are obligated to maintain data confidentiality in accordance with the GDPR.

1.3 Data Collection

You can generally use our online presence without disclosing your personal data. When accessing our website, data is stored for security purposes, such as the name of your internet service provider, the website from which you visit us, the websites you visit on our site, and your IP address.

This data could potentially allow identification; however, no personal evaluation takes place in this regard. The data may be evaluated for statistical purposes, whereby the individual user remains anonymous. Where data is passed on to external service providers, we ensure through technical and organizational measures that data protection regulations are complied with.

1.4 Purpose of Use

We will only use the personal data collected from you to provide you with the requested products or services or for other purposes for which you have given your consent, provided there are no conflicting legal obligations.

1.5 Data Retention

We store personal data only for as long as necessary to perform a service you have requested or to which you have consented, unless there are statutory retention obligations, such as in the case of ongoing legal proceedings.

1.6 Security

SPH AG implements technical and organizational security measures to protect the data you provide against accidental or intentional manipulation, loss, destruction, or unauthorized access.

In the event of the collection and processing of personal data, the information is transmitted in encrypted form to prevent misuse by third parties. Our security measures are continuously reviewed in line with technological developments.

1.7 Collection and Processing of Data

Every access to our internet portal and every retrieval of a file stored on the internet portal is logged. Storage is carried out for internal system-related and statistical purposes.

The following data is logged: name of the retrieved file, date and time of retrieval, amount of data transferred, message regarding successful retrieval, web browser, and requesting domain. In addition, the IP addresses of the requesting computers are logged.

Personal data is only collected if you voluntarily provide it, for example when registering or submitting an inquiry.

1.8 Collection and Processing of Personal Data

Personal data is only collected if you voluntarily provide it to us, for example by completing forms or sending emails, in connection with ordering products or services, submitting inquiries, or requesting information material.

The database and its contents remain with our company and our provider. Your personal data will not be disclosed to third parties by us or persons commissioned by us unless your consent has been given or a legal obligation exists.

1.9 Use and Disclosure of Personal Data

If you have provided us with personal data, we will use it only to respond to your inquiries, to process contracts concluded with you, and for technical administration.

Your personal data will only be passed on to third parties if this is necessary for contract processing – in particular for passing on order data to suppliers – is required for billing purposes, or if you have given prior consent.

Stored personal data will be deleted if you revoke your consent to storage, if knowledge of the data is no longer required to fulfill the purpose for which it was stored, or if storage is otherwise legally impermissible.

After expiration of statutory tax and commercial retention periods, the data will be deleted unless you have expressly consented to further use.

We take all necessary technical and organisational security measures to protect personal data from loss and misuse. Data is stored in a secure operating environment that is not accessible to the public. Confidential information is transmitted in encrypted form via the HTTPS protocol wherever possible.

When communicating by email, complete data security cannot be guaranteed; therefore, we recommend using postal mail or suitable encryption software for confidential information.

1.10 Revocation of Your Consent to Data Processing

You may at any time request that your stored data be blocked, corrected, or deleted and object to the anonymised or pseudonymised collection and storage of data for optimisation purposes of our website.

You have the right to revoke any consent granted for data collection and use at any time with effect for the future without giving reasons. Please contact us by email or at the postal address stated above.

1.11 Right to Lodge a Complaint with the Supervisory Authority

In the event of data protection violations, the data subject has the right to lodge a complaint with the competent supervisory authority.

The competent supervisory authority for data protection matters is the State Data Protection Commissioner of the federal state in which our company is based.

A list of data protection authorities and their contact details can be found at the following link:

https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
.

1.12 Right of Access, Blocking, Deletion

Within the framework of applicable legal provisions, you have the right at any time to receive free information about your stored personal data, its origin and recipients, and the purpose of data processing, as well as a right to correction, blocking, or deletion of this data.

For this purpose and for further questions regarding personal data, you may contact us at any time at the address stated in the legal notice.

1.13 Links to Other Websites

This website may contain links to external websites (i.e. websites of companies not belonging to SPH AG). SPH AG is not responsible for the data protection measures or the content of these external websites.

For this reason, we recommend that you carefully review the privacy policies of these external websites.

2. Data Protection Officer

We have appointed a data protection officer for our company:

Datenschutzberatung Walliser GbR
Email: datenschutz@sph-ag.com

3. Cookies

Our website uses cookies. These data elements are sent by our website to your browser, where they are stored. Without explicit user interaction, only temporary cookies are used. These are deleted after leaving the site and serve solely to adapt the website to your needs, store your login during your visit, and associate visited pages.

4. Data Protection Information for Applicants (m/f/d)

The currently applicable data protection provisions for applicants of SPH AG can be viewed at the following link:
https://www.sph-ag.com/datenschutz-fuer-bewerber

5. Processing and Disclosure of Email Addresses for Webinars

As part of our invitations, particularly to webinars, we process the email addresses of participants.

Please note that these email addresses may be visible to other invited participants, as the technical capabilities of Microsoft Teams do not allow invitations/emails to be sent anonymously.

Legal Basis for Processing

The processing of your email address is based on your consent.

Purpose of Processing

The processing and disclosure of email addresses is carried out exclusively for the purpose of inviting and organizing our webinars.

Recipients of Personal Data
Email addresses may be visible to other participants of the same event. We ensure that no further personal data is disclosed without your explicit consent.

Measures to Protect Your Data
We take all necessary technical and organizational measures to protect your data and limit disclosure to the minimum necessary. This includes careful selection of our communication methods and training of our staff in handling personal data.

Your Rights
You have the right to request information about the personal data stored by us at any time, request correction of inaccurate data, and request deletion or restriction of processing. You also have the right to lodge a complaint with the competent supervisory authority.

6. Third-Party Services

6.1 Use of SalesViewer® Technology

Type and Scope of Processing
On this website, data is collected and stored for marketing, market research, and optimisation purposes using SalesViewer® technology of SalesViewer® GmbH based on the legitimate interests of the website operator (Art. 6 para. 1 lit. f GDPR). A JavaScript-based code is used for this purpose, which serves to collect company-related data and corresponding usage. The data collected using this technology is encrypted using a non-reversible one-way function (so-called hashing). The data is immediately pseudonymised and is not used to personally identify visitors to this website.

Purpose and Legal Basis
Processing is carried out for the purpose of analysing and optimising our online offering based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR.

Storage Duration
The data stored within the scope of SalesViewer is deleted as soon as it is no longer required for its intended purpose and no statutory retention obligations prevent deletion.

Right to Object
You may object to the collection and storage of data at any time with effect for the future by clicking the following link
https://www.salesviewer.com/opt-out
to prevent SalesViewer® from collecting data on this website in the future. An opt-out cookie will be placed on your device. If you delete cookies in this browser, you must click this link again.

6.2 Cookiebot

Type and Scope of Processing
We have integrated Cookiebot on our website. Cookiebot is a consent solution provided by Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark, which is used to obtain and document consent for the storage of cookies. Cookiebot uses cookies or other web technologies to recognise users and store granted or withdrawn consent.

Purpose and Legal Basis
Use of the service is based on obtaining the legally required consent for the use of cookies in accordance with Art. 6 para. 1 lit. c GDPR and § 25 para. 2 no. 2 TDDDG.

Storage Duration
The specific storage duration of the processed data cannot be influenced by us and is determined by Cybot A/S. Further information can be found in Cookiebot’s privacy policy:
https://www.cookiebot.com/de/privacy-policy/

6.3 Adobe Typekit

Type and Scope of Processing
We use Adobe Typekit from Adobe Inc., San Jose, California, US, as a service for providing fonts for our online offering. To obtain these fonts, a connection is established to servers of Adobe Inc., whereby your IP address is transmitted.

Purpose and Legal Basis
The use of Adobe Typekit is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG.

Storage Duration
The specific storage duration of the processed data cannot be influenced by us and is determined by Adobe Inc. Further information can be found in Adobe Typekit’s privacy policy:
https://www.adobe.com/de/privacy/policies/adobe-fonts.html

6.4 Google reCAPTCHA

Type and Scope of Processing
We have integrated components of Google reCAPTCHA on our website. Google reCAPTCHA is a service provided by Google Ireland Limited and enables us to determine whether a contact request originates from a natural person or is automated.

When accessing these contents, a connection is established to servers of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, whereby your IP address and possibly browser data such as your user agent are transmitted. In addition, Google reCAPTCHA records dwell time and mouse movements to distinguish automated requests from human ones. This data is processed exclusively for the purposes stated above and to maintain the security and functionality of Google reCAPTCHA.

Purpose and Legal Basis
The use of Google reCAPTCHA is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG.

We intend to transfer personal data to third countries outside the European Economic Area, in particular the United States. Data transfer to the United States takes place pursuant to Art. 45 para. 1 GDPR based on the adequacy decision of the European Commission. The participating US companies and/or their US subcontractors are certified under the EU-U.S. Data Privacy Framework (EU-U.S. DPF).

In cases where no adequacy decision of the European Commission exists, we have agreed on other appropriate safeguards pursuant to Art. 44 et seq. GDPR. Unless otherwise specified, these are standard contractual clauses of the European Commission in accordance with Implementing Decision (EU) 2021/914 of 4 June 2021. A copy of the standard contractual clauses can be viewed at
https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE

In addition, prior to any such transfer to a third country, we obtain your consent in accordance with Article 49(1), first sentence, point (a) GDPR, which you provide via the consent given in the consent manager (or other forms, registrations, etc.). We would like to inform you that transfers to third countries may involve risks that are not fully known in detail (e.g. the processing of data by security authorities in the third country, the exact scope and consequences of which for you are unknown to us, over which we have no influence, and of which you may not become aware).

Storage Duration
The specific storage duration of the processed data cannot be influenced by us and is determined by Google Ireland Limited. Further information can be found in Google reCAPTCHA’s privacy policy:
https://policies.google.com/privacy?hl=en-US

6.5 Google CDN

Type and Scope of Processing
We use Google CDN to properly provide the contents of our website. Google CDN is a service provided by Google Ireland Limited and functions as a content delivery network (CDN) on our website.

A CDN helps to deliver content from our online offering more quickly, in particular files such as graphics or scripts, by using servers distributed regionally or internationally.

When accessing these contents, a connection is established to servers of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, whereby your IP address and possibly browser data such as your user agent are transmitted. This data is processed exclusively for the purposes stated above and for maintaining the security and functionality of Google CDN.

Purpose and Legal Basis
The use of the content delivery network is based on our legitimate interests, i.e. our interest in the secure and efficient provision and optimisation of our online offering in accordance with Article 6(1)(f) GDPR.

We intend to transfer personal data to third countries outside the European Economic Area, in particular to the United States. The transfer of data to the United States takes place pursuant to Article 45(1) GDPR on the basis of an adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified under the EU–U.S. Data Privacy Framework (EU–U.S. DPF).

In cases where no adequacy decision of the European Commission exists (including US companies that are not certified under the EU–U.S. DPF), we have agreed other appropriate safeguards with the recipients of the data within the meaning of Articles 44 et seq. GDPR. Unless otherwise stated, these are the European Commission’s Standard Contractual Clauses pursuant to Implementing Decision (EU) 2021/914 of 4 June 2021. A copy of these Standard Contractual Clauses can be accessed at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE.

Storage Duration
The specific storage duration of the processed data cannot be influenced by us and is determined by Google Ireland Limited. Further information can be found in Google’s privacy policy:
https://policies.google.com/privacy

6.6 YouTube Video

Type and Scope of Processing
We have integrated YouTube Video on our website. YouTube Video is a component of the YouTube, LLC video platform, where users can upload and share content via the internet and receive detailed statistics.
YouTube Video enables us to integrate content from the platform into our website.

YouTube Video uses cookies and other browser technologies to analyse user behaviour, recognise users, and create user profiles. This information is used, among other things, to analyse the activity of the content accessed and to generate reports.

If a user is registered with YouTube, LLC, YouTube Video may associate the videos played with the user’s profile.

When accessing these contents, a connection is established to servers of YouTube, LLC and Google Ireland Limited, whereby your IP address and possibly browser data are transmitted.

Purpose and Legal Basis
Use of the service is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG.

Storage Duration
The specific storage duration is determined by YouTube, LLC. Further information can be found at:
https://policies.google.com/privacy

6.7 Google Tag Manager

Type and Scope of Processing

We use Google Tag Manager provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager is used to manage website tags via an interface and enables us to control the precise integration of services on our website.

This allows us to flexibly integrate additional services in order to analyse users’ access to our website.

Purpose and Legal Basis
Processing is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG.

Storage Duration
The specific storage duration of the processed data cannot be influenced by us and is determined by Google Ireland Limited. Further information can be found at:
https://marketingplatform.google.com/about/analytics/tag-manager/use-policy/

6.8 Google Analytics

Type and Scope of Processing
We use Google Analytics, provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland), to analyse and statistically evaluate our online offering. This includes, for example, the number of visits to our online offering, the subpages visited, and the length of time visitors spend on the site.

Google Analytics uses cookies and other browser technologies to analyse user behaviour and recognise users.

This information is used, among other things, to generate reports on website activity.

Purpose and Legal Basis
Processing is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG.

6.9 AWS S3

Type and Scope of Processing
We use AWS S3 to ensure that content is provided properly on our website. AWS S3 is an Amazon Web Services, Inc. service that acts as a content delivery network (CDN) for our website.

A CDN helps to deliver content from our online offering, in particular files such as graphics or scripts, more quickly using servers distributed regionally or internationally. When you access this content, a connection is made to servers of Amazon Web Services, Inc., and your IP address and, where applicable, browser data such as your user agent are transmitted. This data is processed exclusively for the purposes stated above and for maintaining the security and functionality of AWS S3

Purpose and Legal Basis
Processing is based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR.

6.10 LinkedIn Insight Tag

Type and Scope of Processing

We use the LinkedIn Insight Tag provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, on our website. The LinkedIn Insight Tag is an analytics tool that enables us to obtain information about visits to our website and to evaluate the success of LinkedIn advertising campaigns.

The LinkedIn Insight Tag enables the processing of data such as IP addresses, device and browser characteristics, timestamps and page events. LinkedIn may associate this data with the user’s account if the user is registered with LinkedIn.

Purpose and Legal Basis
Processing is carried out for the purpose of analysing and optimising our marketing measures as well as for reach measurement, on the basis of your consent in accordance with Article 6(1)(a) GDPR and Section 25(1) TDDDG.

Storage Duration
The specific retention period of the processed data cannot be influenced by us and is determined by LinkedIn. Further information can be found at:
https://www.linkedin.com/legal/privacy-policy

7. Miscellaneous

We reserve the right to amend this privacy policy from time to time.

We therefore recommend reviewing this policy regularly.

Data Protection

The protection of your data is very important to us

Privacy Notice

1. General Information and Mandatory Notices

1.1 Information on the Responsible Entity

1.2 Employees

1.3 Data Collection

1.4 Purpose of Use

1.5 Data Retention

1.6 Security

1.7 Collection and Processing of Data

1.8 Collection and Processing of Personal Data

1.9 Use and Disclosure of Personal Data

1.10 Revocation of Your Consent to Data Processing

1.11 Right to Lodge a Complaint with the Supervisory Authority

1.12 Right of Access, Blocking, Deletion

1.13 Links to Other Websites

2. Data Protection Officer

3. Cookies

4. Data Protection Information for Applicants (m/f/d)

5. Processing and Disclosure of Email Addresses for Webinars

6. Third-Party Services

6.1 Use of SalesViewer® Technology

6.2 Cookiebot

6.3 Adobe Typekit

6.4 Google reCAPTCHA

6.5 Google CDN

6.6 YouTube Video

6.7 Google Tag Manager

6.8 Google Analytics

6.9 AWS S3

6.10 LinkedIn Insight Tag

7. Miscellaneous

Get In Touch

Work Inquiries

Data Protection

The protection of your data is very important to us

Privacy Notice

1. General Information and Mandatory Notices

1.1 Information on the Responsible Entity

1.2 Employees

1.3 Data Collection

1.4 Purpose of Use

1.5 Data Retention

1.6 Security

1.7 Collection and Processing of Data

1.8 Collection and Processing of Personal Data

1.9 Use and Disclosure of Personal Data

1.10 Revocation of Your Consent to Data Processing

1.11 Right to Lodge a Complaint with the Supervisory Authority

1.12 Right of Access, Blocking, Deletion

1.13 Links to Other Websites

2. Data Protection Officer

3. Cookies

4. Data Protection Information for Applicants (m/f/d)

5. Processing and Disclosure of Email Addresses for Webinars

6. Third-Party Services

6.1 Use of SalesViewer® Technology

6.2 Cookiebot

6.3 Adobe Typekit

6.4 Google reCAPTCHA

6.5 Google CDN

6.6 YouTube Video

6.7 Google Tag Manager

6.8 Google Analytics

6.9 AWS S3

6.10 LinkedIn Insight Tag

7. Miscellaneous

Get in Touch

Beratung anfragen

Get In Touch

Work Inquiries