English
Deutsch | German
Français | French
Česko | Czech
Magyar | Hungarian
Adatvédelmi nyilatkozat
I. Name and address of the controller
STI - Gustav Stabernack GmbH
Richard-Stabernack-Straße
D-36341 Lauterbach
Germany
Phone: +49 6641 81 0
Email: datenschutz@sti-group.com
Website: https://www.sti-group.com/
is the controller within the meaning of the EU General Data Protection Regulation (GDPR) and other national data protection laws.
II. Name and address of the data protection officer
The data protection officer of the controller is:
AGOR AG
Niddastraße 74
60329 Frankfurt am Main
Germany
Phone: +49 (0) 69 - 9494 32 410
Email: info@agor-ag.com
Website: www.agor-ag.com
General information on data processing
1. Scope of processing personal data
We only collect and use personal data from users of our website to the extent necessary to provide a functional website, our content, and our services.
As a matter of principle, the collection and use of our users' personal data only takes place with their consent. An exception to this principle applies in cases where the processing of data is permitted by law or where it is not possible to obtain prior consent for practical reasons.
2. Legal basis for the processing of personal data
The legal basis for the processing of personal data is generally derived from:
Art. 6 (1) (a) GDPR when obtaining the consent of the data subject.
Art. 6 (1) (b) GDPR for processing that serves to fulfill a contract to which the data subject is a party. This also includes processing operations that are necessary for the implementation of pre-contractual measures.
Art. 6 (1) (c) GDPR for processing that is necessary for compliance with a legal obligation.
Art. 6 (1) (d) GDPR for processing that is necessary to protect the vital interests of the data subject or another natural person.
Art. 6 (1) (f) GDPR, if processing is necessary to safeguard a legitimate interest of our company or a third party and the interests, fundamental rights, and freedoms of the data subject do not override the former interest. In order to be able to base the processing of personal data on a legitimate interest, a review is carried out for each relevant process in consultation with the data protection officer, whereby the following three conditions must be met:
1) The controller responsible for processing the personal data or a third party has a legitimate interest in the data processing.
2) The processing is necessary to safeguard the legitimate interest.
3) The interests or fundamental rights and freedoms of the data subject requiring the protection of personal data do not override this interest.
3. Data deletion and storage period
The personal data of users will be deleted or blocked as soon as the purpose of storage no longer applies. Further storage may take place if this has been provided for by the European or national legislator in Union regulations, laws, or other provisions to which the controller is subject. The data will also be blocked or deleted when a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.
4. Description and scope of data processing
Each time our website is accessed, our system automatically collects data and information from the user's computer system. The following information may be collected:
Information about the browser type and version used, the user's operating system, the user's Internet service provider, the user's IP address, date and time of access, websites from which the user's system accesses our website, websites accessed by the user's system via our website.
The data described is stored in our system's log files. This data is not stored together with other personal data of the user.
5. Purpose and legal basis for data processing
The temporary storage of the IP address by our system is necessary to enable the website to be delivered to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session.
The data is stored in log files to ensure the functionality of the website. In addition, the data helps us to optimize the website and ensure the security of our information technology systems. The data is not evaluated for marketing purposes in this context.
The legal basis for the temporary storage of data and log files is Art. 6 (1) (f) GDPR.
The collection of your personal data for the provision of our website and the storage of the data in log files is essential for the operation of the website. Therefore, there is no possibility for the user to object.
6. Duration of storage
Your data will be deleted as soon as it is no longer required for the purpose for which it was collected. If your data is collected to ensure the provision of the website, the data will be deleted when the respective session is ended.
If your data is stored in log files, it will be deleted after seven days at the latest. Storage beyond this period is possible, in which case the IP addresses of users will be deleted or anonymized. It will then no longer be possible to assign the data to the client that accessed the site.
General information on the use of cookies
We use cookies on our website. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user's computer system. When you visit a website, a cookie may be stored on your operating system. This contains a characteristic string of characters that enables the browser to be uniquely identified when the website is visited again.
We use cookies to make our homepage more user-friendly. Some elements of our website require that the browser can be identified even after a page change.
TDDDG:
The legal basis for the storage of cookies, device identifiers, and similar tracking technologies, as well as for the storage of information in the end user's terminal equipment and access to this information, is the European ePrivacy Directive in conjunction with the Telecommunications Digital Services Data Protection Act (TDDDG).
Please note that the legal basis for the processing of personal data collected in this context is then derived from the GDPR (Art. 6 (1) sentence 1 GDPR). The legal basis for the processing of personal data relevant in each specific case can be found below for the respective cookie or for the respective processing itself.
The primary legal basis for storing information on the end user's terminal equipment – in particular for storing cookies – is your consent, Section 25 (1) sentence 1 TDDDG. Consent is given when you visit our website – although this is of course not mandatory – and can be revoked at any time in the cookie settings.
According to Section 25 (2) No. 2 TDDDG, consent is not required if the storage of information in the end user's terminal equipment or access to information already stored in the end user's terminal equipment is absolutely necessary for the provider of a telemedia service to be able to provide a telemedia service expressly requested by the user. The cookie settings show you which cookies are classified as strictly necessary (often referred to as "technically necessary cookies"), and therefore fall under the exemption of Section 25 (2) TDDDG and do not require consent.
GDPR:
When cookies are used, the following data is stored and transmitted:
• Browser type and browser version Operating system used Referrer URL
• Host name of the accessing computer Time of the server request
• IP address
The legal basis for the processing of personal data using cookies is Art. 6 (1) (f) GDPR. The purpose of using technically necessary cookies is to simplify the use of our website. We would like to point out that individual functions of our website can only be offered with the use of cookies.
We do not use user data collected by technically necessary cookies to create user profiles.
Cookies are stored on the user's computer and transmitted to our site by the user. As a user, you therefore have control over the use of cookies. You can restrict or deactivate the transmission of cookies by making changes to the settings of your Internet browser. Stored cookies can also be deleted there. Please note that you may no longer be able to use all the functions of our website if you deactivate cookies.
The legal basis for the processing of personal data using cookies for analysis and advertising purposes is Art. 6 (1) (a) GDPR, provided that the user has given their consent.
Cookie consent with sgalinski:
This website uses the cookie consent technology of sgalinski Internet Services (Stefan Galinski, Bahnhofstraße Gernrode 52, 37339 Gernrode, Germany). A technically necessary cookie is set to manage your individual consents and document them in accordance with data protection regulations.
When you visit our website, this system stores a cookie in your browser that records your cookie preferences and any revocations. This information is not passed on to sgalinski itself.
The collected data is stored until you revoke your consent, delete the corresponding cookie in your browser, or the purpose for data processing no longer applies. Statutory retention obligations remain unaffected.
The use of this consent solution is based on Art. 6 (1) (c) GDPR, as we are legally obliged to obtain and document your consent for the use of cookies that are not technically necessary.
If you would like to view or change your cookie settings, click on the fingerprint icon at the bottom left of our website.
Further information can be found at: https://www.sgalinski.de/en/typo3-products-web-development/cookie-optin-for-typo3/d
Your rights / Rights of the data subject
Under the EU General Data Protection Regulation, you as the data subject have the following rights:
1. Right to information
You have the right to obtain information from us as the controller as to whether and which personal data concerning you is processed by us as well as further information in accordance with the legal requirements under Articles 13 and 14 of the GDPR.
You can assert your right to information at:
datenschutz@sti-group.com
2. Right to rectification
If the personal data we process concerning you is incorrect or incomplete, you have the right to request that we correct and/or complete it. The correction will be made without delay.
3. Right to restriction
You have the right to restrict the processing of personal data concerning you in accordance with the statutory provisions (Art. 18 GDPR).
4. Right to erasure
If the reasons set out in Art. 17 GDPR apply, you can request that the personal data concerning you be erased without delay.
Please note that the right to erasure does not apply if processing is necessary for one of the exceptions listed in Art. 17 (3).
5. Right to notification
If you have exercised your right to rectification, erasure, or restriction of processing, we are obliged to notify all recipients to whom your personal data has been disclosed of this rectification, erasure, or restriction of processing, unless this proves impossible or involves disproportionate effort. You also have the right to be informed about these recipients.
6. Right to data portability
Under the GDPR, you also have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used, and machine-readable format or to request that it be transferred to another controller.
7. Right to revoke the data protection consent declaration
You have the right to withdraw your declaration of consent under data protection law at any time. We would like to point out that the withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
8. Right to object
Furthermore, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(e) or (f) GDPR.
9. Automated decision-making in individual cases, including profiling
Under the EU General Data Protection Regulation, you also have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
10. Right to lodge a complaint with a supervisory authority
If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, your place of work, or the place of the alleged infringement.
Data transfer outside the EU
The GDPR ensures a uniformly high level of data protection within the European Union. When selecting our service providers, we therefore rely on European partners wherever possible if your personal data is to be processed. Only in exceptional cases will we have data processed outside the European Union in the context of using third-party services. We only allow your data to be processed in a third country if the specific requirements of Art. 44 et seq. GDPR are met. This means that the processing of your data may then only take place on the basis of special guarantees, such as the officially recognized determination by the EU Commission of a level of data protection equivalent to that of the EU or the observance of officially recognized special contractual obligations, the so-called "standard data protection clauses."
EU-US Trans-Atlantic Data Privacy Framework
Within the framework of the so-called "Data Privacy Framework" (DPF), the EU Commission has also recognized the level of data protection for certain companies from the US as secure within the framework of the adequacy decision of July 10, 2023. The list of certified companies and further information on the DPF can be found on the website of the US Department of Commerce at www.dataprivacyframework.gov/s/participant-search (in English).
Data processing under the Swiss DSG
In principle, the use of our website is subject to the legal provisions of the GDPR. If you also visit our website from Switzerland and if the associated data processing also affects you as a Swiss citizen , the present data protection provisions also apply to you in accordance with the GDPR under the Swiss Federal Act on Data Protection ("Swiss DSG" in the version of September 1, 2023).
The Swiss DSG does not generally require a legal basis to be specified. In this respect, we only process your data from Switzerland if the processing is lawful, carried out in good faith, and proportionate in accordance with Art. 6 (1) and (2) of the Swiss DSG. Furthermore, we only collect your data for specific purposes that are recognizable to the data subject and only process it in a manner that is compatible with these purposes in accordance with Art. 6 para. 3 of the Swiss DSG.
In this context, please also note that although certain terms are formulated differently under the GDPR, they have the same legal meaning as under the Swiss FADP. For example, the GDPR terms "processing" of "personal data," "legitimate interest," and "special categories of data" used in this privacy policy correspond to the terms "processing" of "personal data," "overriding interest," and "sensitive personal data" used in the Swiss FADP.
The rights of data subjects set out here in accordance with Art. 12 ff. GDPR can also be asserted by data subjects from Switzerland in accordance with the provisions of Art. 25 ff. Swiss DSG.
Minors under the age of 16
We would like to point out that legal guardians must supervise their children's online activities. Minors under the age of 16 should not transmit any personal data to us without the consent of their parents or legal guardians. We explicitly do not request personal data from minors under the age of 16, do not knowingly collect such data, and do not pass it on to third parties.
Use of your contact details
If you have purchased goods or services from us, we are entitled to send you information about our own similar goods and services to the email address provided at the time of purchase (Section 7 (3) of the German Law against unfair competition (Gesetz gegen de unlauteren Wettbewerb - UWG)). You can object to this use of your email address at any time, either in full or for individual measures, e.g. by email, fax or letter (comment: please specify email addresses here) at any time without incurring any costs other than the transmission costs according to the basic tariffs. In accordance with the legal requirements in Section 7 (3) UWG, we therefore use the email address you provided to us in connection with the purchase or service to inform you about our promotions, products or services by email.
Newsletter
General
You can subscribe to a free newsletter on our homepage, which we use to inform you about our current interesting offers. The advertised goods and services are named in the declaration of consent. The data you enter in the input mask during registration will be transmitted to us.
We collect the following data on the basis of the consent obtained from you during the registration process:
• Email address
• Title, if applicable
• First name, if applicable
• Last name, if applicable
Your data will not be passed on in connection with data processing for the purpose of sending newsletters. The data will be used exclusively for sending the newsletter.
Double opt-in and logging
Registration for our newsletter is carried out using a so-called double opt-in procedure. After registering, you will receive an email asking you to confirm your registration. This confirmation is necessary so that no one can register with someone else's email address.
Newsletter registrations are logged in order to be able to prove the registration process in accordance with legal requirements. This includes storing the time of registration and confirmation, as well as the IP address.
Legal basis
The legal basis for the processing of the data is Art. 6 para. 1 sentence 1 lit. a GDPR if the user has given their consent. The user's email address is collected for the purpose of delivering the newsletter.
Deletion, revocation, and objection
Your data will be deleted as soon as it is no longer required for the purpose for which it was collected. Your email address will therefore be stored for as long as your subscription to the newsletter is active. You can unsubscribe from the newsletter at any time by revoking your consent. A link for this purpose can be found in every newsletter.
We would also like to point out that you can object to the future processing of your personal data at any time in accordance with the legal requirements of Art. 21 GDPR. In particular, you can object to processing for direct marketing purposes.
We reserve the right to send you regular email offers for similar products from our range, provided that we have received your email address in connection with the sale of a product or service and you have not objected to its use. This is done on the basis of Section 7 (3) UWG (German Unfair Competition Act). You can object to the use of your email address for advertising purposes at any time for example, by sending an informal email. You will only incur transmission costs according to the basic rates.
Shipping service provider
Inxmail
The newsletter is sent using "Inxmail," a newsletter distribution platform provided by Inxmail GmbH, Wentzingerstr. 17, 79106 Freiburg, Germany.
The email addresses of our newsletter recipients, as well as their other data described in this notice, are stored on Inxmail's servers in Germany. Inxmail uses this information to send and evaluate the newsletters on our behalf. Furthermore, anonymized data is used to optimize or improve Inxmail services, e.g., for technical optimization of the dispatch and presentation of the newsletters, for statistical purposes, or to improve IT security. However, Inxmail does not use the data of our newsletter recipients to write to them itself or pass it on to third parties.
Inxmail's privacy policy can be found at https://www.inxmail.de/datenschutz.
Statistical survey
Please note that we evaluate your user behavior when sending the newsletter. For this evaluation, the emails sent contain so-called web beacons or tracking pixels, which are single-pixel image files stored on our website.
The data is collected exclusively in pseudonymized form, meaning that the IDs are not linked to your other personal data and cannot be directly traced back to you.
If you do not want our newsletter to be analyzed, you must unsubscribe from the newsletter. We provide a link for this purpose in every newsletter message. You can also unsubscribe from the newsletter directly on the website. The information is stored for as long as you are subscribed to the newsletter.
Hosting
We host the content of our website with the following provider:
DomainFactory
The provider is DomainFactory GmbH, Oskar-Messter-Str. 33, 85737 Ismaning (hereinafter DomainFactory). When you visit our website, DomainFactory collects various log files, including your IP addresses.
For details, please refer to DomainFactory's privacy: www.df.eu/de/datenschutz/
The use of DomainFactory is based on Art. 6 (1) lit. f GDPR. We have a legitimate interest in ensuring that our website is displayed as reliably as possible. If consent has been requested, processing is carried out exclusively on the basis of Art. 6 (1) lit. a GDPR and § 25 (1) TTDSG, insofar as the consent includes the storage of cookies or access to information on the user's end device (e.g., for device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.
Order processing We have concluded a Data Processing Agreement (DPA) with the advertising agency team digital GmbH, Hopfmannsfelder Straße 7, 36341 Lauterbach, which has arranged the hosting for our website on our behalf. Within the framework of this DPA, DomainFactory GmbH acts as a subcontractor of team digital GmbH. The DPA concluded is a contract required by data protection law, which ensures that the personal data of our website visitors is only processed in accordance with our instructions and in compliance with the GDPR.
Electronic contact
If you would like to contact us, a contact form is available on our homepage, which you can use to contact us electronically. The data entered in the input mask is transmitted to us and stored. This data includes:
• Title
• First name
• Last name
• Email
• Phone
• Company
• Subject of inquiry (offer/application/purchasing/accounting/information)
For quotation
• Product group (packaging/display/services)
• Details of the quote
• Project name (required field)
• Circulation (mandatory field)
• Total annual requirement
• Target price per unit (mandatory field)
• Required certificates
• Your inquiry or message
• Feedback: Please send me a quote/Please call me back
For accounting purposes
• Invoice country (e.g., Germany, Hungary, CZ, UK)
• Desired department (accounts receivable or accounts payable)
• Accounts receivable or accounts payable number
• Your request or message
For purchasing
• Product/service type (e.g., paper/cardboard, logistics, machinery, services, IT)
• Locations (Germany, Hungary, CZ, UK)
• Company certifications (e.g., ISO 9001:2015, ISO 14001, ISO 50001)
• Your inquiry or message
Personal data
• Title (Mr./Ms.) (Required field)
• Last name (required field)
• First name (required field)
• Email (required field)
• Phone number (required field)
• Company (required field)
• Department
• Industry
• Website
• Street
• City
• Postal code
• Country
The following data is also stored when the message is sent:
• Date the contact form was sent
• Email address
• Form content
You can also contact us via the email address provided. In this case, the user's personal data transmitted with the email will be stored.
Your data will not be passed on to third parties in this context; the data will be used exclusively for the purpose of processing the communication.
The legal basis for processing the contact request and its handling is generally Art. 6 (1) (b) GDPR.
If further personal data is processed during the sending process, this is only to prevent misuse of the contact form and to ensure the security of our information technology systems.
Your data will be deleted as soon as it is no longer necessary for the purpose for which it was collected. For personal data from the input mask of the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified.
The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
Application form
We offer you the opportunity to apply for a job with us (e.g., by email, by post to , or via the online application form). Unsolicited applications can also be sent to us by email.
If you send us an application, we will process your associated personal data (e.g., contact and communication data, application documents, notes taken during job interviews, etc.) to the extent necessary to decide whether to establish an employment relationship.
The legal basis for this is Section 26 of the German Federal Data Protection Act (BDSG) (initiation of an employment relationship), Article 6(1)(b) of the GDPR (general contract initiation) and if you have given your consent Article 6(1)(a) of the GDPR.
Consent can be revoked at any time.
Your personal data will only be passed on within our company to persons involved in processing your application.
If your application is successful, the data you submit will be stored in our data processing systems for the purpose of implementing the employment relationship on the basis of Section 26 BDSG and Art. 6 (1) (b) GDPR.
If we are unable to offer you a position, you decline a job offer, or you withdraw your application, we reserve the right to store the data you have provided on the basis of our legitimate interests (Art. 6 (1) lit. f GDPR) for up to 6 months after notification of the rejection decision or withdrawal of the application.
provided that no other legitimate interests of the controller prevent deletion. Other legitimate interests in this sense include, for example, the burden of proof in proceedings under the General Equal Treatment Act (AGG).
Or if it is apparent that the data will still be required after the six-month period has expired, for example due to an impending or pending legal dispute.
Longer storage may also take place if you have given your consent (Art. 6 (1) (a) GDPR) or if statutory retention obligations prevent deletion.
The data will then be deleted and the physical application documents destroyed. The storage serves in particular as evidence in the event of a legal dispute.
Your personal data will not be passed on to third parties.
Inclusion in the applicant pool
If we do not offer you a job, we may include you in our applicant pool. If you are included, all documents and information from your application will be transferred to the applicant pool so that we can contact you if a suitable vacancy arises.
Inclusion in the applicant pool is based exclusively on your express consent (Art. 6 (1) (a) GDPR). Consent is voluntary and is not related to the current application process. The data subject may revoke their consent at any time. In this case, the data will be irrevocably deleted from the applicant pool, provided there are no legal reasons for retention.
The data from the applicant pool will be irrevocably deleted no later than two years after consent has been given.
Web analytics
Google Analytics 4
This website uses Google Analytics 4, a web analytics service provided by Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google").
The use of Google Analytics 4 enables us to use a wide range of applications. We operate Google Analytics 4 using the following technologies:
• Cookies
This stores and retrieves information on your computer, which enables us to analyze your use of the website. The information generated about your use of this website is
usually transferred to a Google server in the USA and stored there. Your IP address is anonymized by default before being transferred to us and Google. The full IP address is transferred to a Google server in the USA, but is truncated there immediately. According to Google, the IP address transmitted by your browser as part of Google Analytics is not merged with other Google data. The legal basis for the use of Google Analytics is your consent in accordance with Art. 6 (1) (a) GDPR.
During your visit to our website, your user behavior is recorded in the form of "events." Events can include:
• Page views
• First visit to the website
• Start of session
• Your "click path," interaction with the website
• Scrolls (whenever a user scrolls to the bottom of the page (90%))
• Clicks on external links
• Internal search queries
• Interaction with videos
• File downloads
• Ads viewed/clicked
• Language settings
The following can also be recorded:
• Your approximate location (region)
• Your IP address (in abbreviated form)
• Technical information about your browser and the devices you use (e.g., language settings, screen resolution)
• Your internet service provider
• The referrer URL (the website/advertisement through which you came to this website)
On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity, and to provide other services related to website activity and internet usage to the website operator.
Recipients of the data may include:
Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (as a processor pursuant to Art. 28 GDPR)
Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA
Alphabet Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA
We use Google Analytics to analyze and regularly improve the use of our website. The statistics obtained enable us to improve our offering and make it more interesting for you as a user. The legal basis for the use of Google Analytics is your consent in accordance with Art. 6 (1) (a) GDPR.
We store your data for a period of 14 months.
Third-party information: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.
Terms of use: marketingplatform.google.com/about/analytics/terms/de/,
Overview of data protection: policies.google.com;
and privacy policy: www.google.de/intl/de/policies/privacy.
Google Tag Manager
This website uses Google Tag Manager. Google Tag Manager is a solution that allows marketers to manage website tags via an interface. The tool itself (which implements the tags) does not use cookies and, for technical reasons, only collects your IP address. The tool triggers other tags, which in turn may set cookies and collect data. Google Tag Manager does not access this data. If deactivation has been carried out at domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager.
If we have obtained your consent, the legal basis for the use of Google Tag Manager is Art. 6 (1) (a) GDPR. Otherwise, the legal basis for the use of the technically necessary cookie is our legitimate interest pursuant to Art. 6 (1) (f) GDPR.
Further information can be found in the provider's terms of use at: www.google.com/intl/de/tagmanager/use-policy.html.
Google Recaptcha
Furthermore, we use the Google service ReCAPTCHA on our website to determine whether a human or a computer makes a certain entry in our contact or newsletter form.
Google uses the following data to check whether you are a human or a computer: IP address of the terminal device used, the website that you visit with us and on which the captcha is embedded, the date and duration of the visit, the recognition data of the browser and operating system type used, Google account if you are logged in to Google, mouse movements on the ReCAPTCHA areas ,as well as tasks in which you have to identify images.
The legal basis for the data processing is your informed consent according to Art. 6 para. 1 p. 1 lit. a GDPR. Otherwise it is Art. 6 para. 1 p.1 lit. f GDPR. Our legitimate interest in this data processing is to ensure the security of our website and protection against automated entries (attacks).
Further information on the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland can be found at https://www.google.com/policies/privacy/.
Opt-out: adssettings.google.com/authenticated.
Social media
We currently use the following social media platforms:
Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Privacy policy/opt-out: http://instagram.com/about/legal/privacy/.
YouTube (Google)
Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland
Privacy policy: policies.google.com/privacy
Opt-out: https://adssettings.google.com/authenticated
LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland
Privacy policyhttps://www.linkedin.com/legal/privacy-policy
Opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
New Work SE, Am Strandkai 1, 20457 Hamburg, Germany
Privacy policy/opt-out:
https://privacy.xing.com/de/datenschutzerklaerung.
X (formerly Twitter)
Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Ireland
Privacy Policy: twitter.com/de/privacy
Opt-out: https://twitter.com/settings/account/personalization
Social media presence
We maintain fan pages on various social networks and platforms with the aim of communicating with customers, interested parties, and users who are active there and informing them about our services.
We would like to point out that your personal data may be processed outside the European Union, which may entail risks for you (e.g. in enforcing your rights under European/German law). User data is generally processed for market research and advertising purposes. For example, usage profiles can be created based on user behavior and the resulting interests. These usage profiles can in turn be used, for example, to place advertisements within and outside the platforms that are likely to correspond to the interests of the users. For these purposes, cookies are usually stored on users' computers, in which the usage behavior and interests of users are stored.
Furthermore, data can also be stored in the usage profiles independently of the devices used by users (in particular if users are members of the respective platforms and are logged in to them). The processing of users' personal data is based on our legitimate interests in effectively informing users and communicating with them in accordance with Art. 6 (1) (f) GDPR. If users are asked by the respective providers for consent to data processing (i.e., they declare their consent, e.g., by ticking a checkbox or confirming a button), the legal basis for processing is Art. 6 para. 1 sentence 1 lit. a GDPR.
Further information on the processing of your personal data and your options for objection can be found under the links listed for the respective provider. The assertion of information and other rights of the data subjects can also be made against the providers, but only those who have direct access to the users' data and have the relevant information. We are of course available to answer any questions you may have and will support you if you need help.
With some social media platforms, a supplementary agreement is concluded when operating a fan page. According to this agreement, data subjects' rights can generally be asserted both with the social media platform and with us. However, the primary responsibility for the processing of insights data in accordance with the GDPR
lies with the social media platform, which fulfills all obligations under the GDPR with regard to the processing of insights data. In this context, the social media platform makes the essentials of the page insights supplement available to the data subjects.
As the operator of the fan page, we do not make any decisions regarding the processing of Insights data and all other information arising from Art. 13 GDPR, such as the legal basis, the identity of the controller, and the storage period of cookies on user devices.
Audio and video conferences
We use online conference tools, among other things, to communicate with our customers. The specific tools we use are listed below. If you communicate with us via video or audio conference over the Internet, your personal data will be collected and processed by us and the provider of the respective conference tool. The following personal data is processed in this process:
• Cloud recordings
• Chat/instant messages
• Voicemails
• Uploaded photos and videos
• Files
• Whiteboards
• Other information shared while using the service
Processing is based on voluntary consent in accordance with Art. 6 (1) (a) GDPR and Art. 7 GDPR in conjunction with § 22 KunstUrhG (German Art Copyright Act).
Insofar as special categories of personal data are concerned (e.g., conclusions about ethnic origin, religion, health), processing is based on Art. 9 (2) (a) GDPR.
The recipients are as follows:
• Microsoft Ireland Operations Limited (Office 365/Teams) as a processor pursuant to Art. 28 GDPR
• Social media for planned publication: LinkedIn, YouTube, Instagram
• In addition, we would have further recipients within the STI Group via the intranet.
Consent can be revoked in whole or in part at any time without giving reasons. In the event of withdrawal of consent, the recordings in question will no longer be used in new publications or otherwise republished for the aforementioned purposes. In addition, the video, image, and audio recordings in question will be removed from publications within two weeks of withdrawal, as far as possible and within the area of responsibility of STI - Gustav Stabernack GmbH.
The video, image, audio, and video recordings will be deleted from the servers promptly after receipt of the revocation, subject to statutory or legal retention obligations.
Microsoft Teams
We use Microsoft Teams. The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. Details on data processing can be found in the Microsoft Teams privacy policy: privacy.microsoft.com/en-us/privacystatement.
We have concluded a Data Processing Agreement (DPA) with the above-mentioned provider. This is a contract required by data protection law, which ensures that the provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
