Data Protection Notice

Version 1.5

We take the protection of your personal data very seriously and strive to provide you with comprehensive information about the processing of your personal data. The following privacy policy explains how and for what purposes we process your personal data when you visit our website or contact us.

As a rule, the personal data of yours that we collect is obtained directly from you. The statutory basis is, in particular, the EU General Data Protection Regulation (GDPR).

1.1. Controller within the meaning of Article 4(7) GDPR

The controller within the meaning of Article 4(7) GDPR is:

Schwarz IT KG
Stiftsbergstraße 1
74172 Neckarsulm

Email: personalmarketing@mail.schwarz

2. Communication by email

2.1. Purpose of data processing and legal basis

We treat all personal data that we receive from you by e-mail confidentially. We use your data solely for the limited purpose of processing your inquiry.

The legal basis for the processing is Article 6(1)(f) GDPR. Our legitimate interest arises from the interest in responding to your inquiries so that the satisfaction of our website users is ensured and promoted.

2.2. Recipients / categories of recipients

As a rule, we do not transfer the data to third parties outside Schwarz IT KG. In exceptional cases, we will have a processor process the data on our behalf. Such processors are carefully selected and bound by contract in accordance with Article 28 GDPR.

2.3. Obligation to provide your data

You are under no statutory or contractual obligation to provide personal data to us. However, if you do not provide us with the data required to process your request, we will not be able to process or respond to it.

2.4. Storage duration / criteria for determining the storage duration

We delete or securely anonymize all personal data we receive from you when you make inquiries no later than 90 days after the final response is sent to you. The information is retained for 90 days in case you contact us again after a receiving a response from us on the same matter and we need to refer to our previous correspondence. Based on experience, we generally do not receive any questions concerning our responses after 90 days. If you assert your rights as a data subject, your personal data will be stored for three years after the final response in order to document the fact that we provided you with comprehensive information and that the legal requirements have been met.

3. Data processed when you visit our website

3.1. Purposes and legal basis of data processing

When you visit our website and the associated subdomains or subpages, log files are generated with the following content:

The website / application from which you access our site (referrer URL);
The IP address;
The date and time of access;
The client request;
The http response code;
The data volume transmitted;
The name and URL of the requested file;
The information about the browser you are using and the operating system you are using;
The name of your Internet service provider

3.2. Recipients / categories of recipients

As a rule, we do not transfer the data to third parties outside Schwarz IT KG. In exceptional cases, we will have a processor process the data on our behalf. Such processors are carefully selected and bound by contract in accordance with Article 28 GDPR.

3.3. Obligation to provide your data

You are under no statutory or contractual obligation to provide personal data to us. However, such data will be processed for technical reasons as soon as you access our site. The only way to prevent your data from being processed is to stop using our website.

3.4. Storage duration

Data will be stored for a period of seven months and automatically deleted thereafter.

4. Use of cookies

We, Schwarz IT KG, Stiftsbergstraße 1, 74172 Neckarsulm, Germany, are the controller with respect to data processing in connection with the use of "cookies" and other similar technologies to process usage data on our website and the associated sub-domains and sub-pages.

Cookies are small text files that are stored on your end device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not cause any harm to your end device, nor do they contain any viruses, trojans or other malware. The cookie stores certain information that results in connection with the specific end device deployed. This does not, however, mean that we will immediately become aware of your identity.

You may also configure your browser to ensure that a warning appears every time a new cookie is placed. This makes the use of cookies more transparent for you. You may also configure your browser to refuse acceptance of all or some cookies from certain sources. Please be advised, however, that disabling cookies may limit the functionality of this website.

4.1. Purposes and legal basis of data processing

Cookies and the other technologies used to process usage data are deployed for the following purposes, depending on the categories of cookie/other technologies:

Technically necessary: Necessary cookies help make a website usable by enabling basic functions such as page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
Preferences: Using these methods, we can take into account your actual or perceived preferences to enhance the user experience. For example, we can use your settings to display our websites in a language relevant to you. They also mean we can avoid displaying products that may not be available in your region.
Statistics: These technologies enable us to tailor the design of our services by producing anonymized statistics about how they are used. For example, we can use them to determine how better to adapt our websites to user habits.
Marketing: These enable us to display relevant advertising content based on an analysis of your usage behavior. Your usage behavior can also be tracked over various websites, browsers or devices via a user ID (unique identifier).

In the context of the use of cookies and similar techniques for processing usage data, the following types of personal data are processed in particular, depending on the purpose:

Technically necessary: Consent to cookie preferences

Comfort: Settings that serve to optimize the output of the cards.

Statistics:

Pseudonymized user profiles with information about the use of our website. These include in particular:
- Browser type / version,
- operating system used,
- Referrer URL (the previously visited page),
- Host name of the accessing computer (IP address),
- Time of the server request,
- individual user ID and
- Events triggered on the website (surfing behavior)

The IP addresses are regularly anonymized, so that conclusions can be drawn about your person.
Based on the user ID itself, it is not possible for us to draw any conclusions about you. We share the user ID and the associated usage profiles with third parties via the providers of advertising networks.

Marketing:

Pseudonymized user profiles with information about the use of our website. These include in particular:
- IP address,
- individual user ID;
- potential product interests,
- Events triggered on the website (surfing behavior).
- The IP addresses are regularly anonymized so that conclusions can be drawn about your person.

Based on the user ID itself, it is not possible for us to draw any conclusions about you. We share the user ID and the associated usage profiles with third parties via the providers of advertising networks.

The legal basis for using preferences, statistics and marketing cookies and similar technologies is your consent given pursuant to Article 6(1)(a) GDPR and section 25(1) sentence 1 of the German Telecommunications and Telemedia Data Protection Act (Telekommunikation-Telemedien-Datenschutz-Gesetz – TTDSG). The legal basis for using technically necessary cookies and similar technologies is your consent given pursuant to Article 6(1)(f) GDPR and section 25(2) no. 2 TTDSG. We have a legitimate interest in ensuring the technical stability and security of website operation.

You may withdraw/modify your consent at any time with effect for the future without this affecting the lawfulness of the processing based on consent before its withdrawal.

To change your consent for cookies and similar technologies we use, please click here and make your selection.

For an overview of the cookies and other technologies we use, including the respective purpose of processing, storage periods and any third-party providers involved, see our cookie policy.

4.2. Recipients / categories of recipients

When using cookies and similar technologies to process usage data, we may on occasion retain specialized service providers, particularly from the field of online marketing, to process data. These service providers process data on our behalf.

If you have consented to processing for marketing purposes, we may potentially share your User ID and the associated user profiles with third parties via the providers of advertising networks.

For information about other recipients in connection with using cookies to process data, see our cookie policy under the heading "Providers"

4.3. Transfer of data to third countries

If we transfer data to recipients in a third country (located outside of the European Economic Area), this will be evident in the information on the recipients/categories of recipient in the description of the respective data processing. Some third countries have been certified by the European Commission through so-called adequacy decisions as having a level of data protection comparable to that offered in the European Economic Area. A list of these countries is available at http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.html. Where no comparable data protection standard exists in a given country, we take other measures to ensure that an adequate level of data protection is guaranteed by other means, such as binding corporate rules, the European Commission's standard contractual clauses on the protection of personal data, certificates or recognized codes of conduct. For further information, please contact our data protection officer (section 6).

4.4. Obligation to provide your data

You are under no statutory or contractual obligation to provide personal data to us. You may prevent cookies from being stored by adjusting the aforementioned settings, selecting the categories of cookies accordingly or withdrawing or modifying any consent you may have given.

4.5. Storage duration

For information on the duration of storage for cookies, see our cookie policy. If "persistent" is entered in the "expiration" column, the cookie will be stored permanently until the corresponding consent is withdrawn.

5. Our social media sites

5.1. Responsibilities

The party responsible for the collection and processing of data described below (the controller) is in some cases us, Schwarz IT Holding Stiftung & Co. KG, and in some cases the operator of the relevant social media platform. For certain types of processing, we and the platform operator act as joint controllers as defined in Article 26 GDPR.

We use the following social media sites:

LinkedIn: https://www.linkedin.com/company/schwarzit/

5.1.1. The platform operator as controller

We have only limited control over the processing of data by the operators of social media platforms (e.g., the management of members and the information shared). In the situations in which we are able to have influence and can set parameters for the data processing, we endeavor to ensure within the confines of the options available to us that the social media platform operator deals with the data in accordance with data protection law requirements. In many cases, however, we are unable to influence the way in which social media platform operators process data and also do not know exactly which data they process.

Platform operators operate the entire IT infrastructure of the service, have their own privacy policies and maintain their own user agreements with you (where you are a registered user of the social media service). The operator is also solely responsible for all questions relating to the data that makes up your user profile, which we as a company have no access to.

You will find further information about the data processing performed by social media platform operators and your rights to object in the privacy policies of the operators:

LinkedIn: https://www.linkedin.com/legal/privacy-policy?trk=d_org_guest_company_overview_footer-privacy-policy

5.1.2. Schwarz IT Holding Stiftung & Co. KG as the controller

5.1.2.1. Purposes and legal basis of processing

We process data on our social media sites for the purpose of providing information to customers about services, promotions, prize draws, specific topics and latest company news, to interact with visitors to our social media sites on these topics, and to respond to relevant inquiries and positive or negative feedback.

We merely reserve the right to delete content if it becomes necessary to do so. We may share your content on our site if this is one of the functions of the social media platform, and communicate with you through the social media platform. Article 6(1)(f) GDPR is the legal basis for this. The processing is carried out for the purpose of our public relations work and communications. Operators have no ability to influence our processing of your data in connection with customer communications or prize draws. As already mentioned, where social media platform operators give us the option, we make sure we design our social media sites to be as compliant as possible with data protection laws.

5.1.2.2. Recipients/categories of recipient

The data entered by you on our social media sites, such as comments, videos, images, likes, public messages, etc., is published by the social media platforms and is not used or processed by us for other purposes at any time. We merely reserve the right to delete unlawful content if it becomes necessary to do so. This would be the case, for example, for posts that infringe rights or violate the law, comments that incite hatred, offensive comments (sexually explicit content) or attachments (e.g., images or videos), which may be in violation of copyright laws, moral rights/rights of publicity or criminal law.

We may share your content on our site if this is one of the functions of the social media platform, and communicate through the social media platform. If you post an inquiry on the social media platform, we may also, depending on the required response, refer you to other more secure modes of communication that guarantee confidentiality. You always have the option of sending confidential inquiries to us at ur address listed under A. above or in the “legal notice” section of our website.

5.1.2.3. Obligation to provide your data

You are under no statutory or contractual obligation to provide personal data to us. When you use our social media sites for purely informational purposes, we do not collect any personal data. You can still visit our sites even if you do not wish to provide us with any personal data, but you will not be able to use any enhanced features such as the news function and the function allowing you to post images or comments etc.

5.1.2.4. Storage time

We delete or securely anonymize all information we receive from you when you make inquiries no later than 90 days after the final response is sent to you. The information is retained for 90 days in case you contact us again after a receiving a response from us on the same matter and we need to refer to our previous correspondence. Based on experience, we generally do not receive any questions concerning our responses after 90 days. If you assert your rights as a data subject, your personal data will be stored for three years after the final response in order to document the fact that we provided you with comprehensive information and that the legal requirements have been met.

All public posts that you put on our social media sites remain in the timeline for an indefinite period, unless we delete them as part of updating the information on the topic, they violate the law or breach our guidelines or policies, or you delete the post yourself. We have no control over the deletion of your data by the operator itself. The privacy policy of the relevant operator therefore also applies in relation to the storage period.

5.2. Processing as joint controllers

In some cases, we and the operator of the social media service act as joint controllers as defined in Article 26(1) GDPR:

We and the platform operator act as joint controllers with regard to the web tracking methods used by the social media platform operator. Web tracking can occur regardless of whether you are logged in or registered on the social media platform. As already explained, unfortunately we have almost no control over the web tracking methods used by social media platforms. We are unable, for example, to switch web tracking off.

The legal basis for the web tracking methods is Article 6(1)(f) GDPR. Optimizing social media platforms and the relevant fan pages is seen as a legitimate interest for the purpose of the above provision.

For further information about recipients and categories of recipients and the duration of data storage and the criteria for determining the storage period, please refer to the privacy policies of the platform operators. We do not have any control over this.

We have only a very limited ability to influence and prevent the provision of statistics to us by social media platform operators. However, we do make sure that we do not receive any additional optional statistics.

Please be aware that it is possible that social media platforms will use your profile and user behavior data in order to analyze, for example, your habits, personal relationships and preferences etc Schwarz IT Holding Stiftung & Co. KG has no control over the processing or disclosure of your data by social media platform operators.

6. Your rights as data subject

Pursuant to Article 15(1) GDPR, you have the right to request information, free of charge, on the personal data stored about you.

If the statutory requirements are met, you also have a right to rectification (Article 16 GDPR), erasure (Article 17 GDPR) and restriction of processing (Article 18 GDPR) of your personal data.

If the basis of processing is Article 6(1)(e) or (f) GDPR, you have a right to object under Article 21 GDPR. If you object to processing, your data will no longer be processed thereafter, unless the controller demonstrates compelling legitimate grounds for the processing which override the interests of the data subject in the objection.

If you have provided the processed data yourself, you have a right to data portability under Article 20 GDPR.

If the data processing is carried out on the basis of consent granted under Article 6(1)(a) or Article 9(2)(a) GDPR, you may revoke that consent at any time with effect for the future without this affecting the lawfulness of the previous processing.

In the above-mentioned cases, or if you have questions or complaints, please write to or e-mail the data protection officer. You also have a right to lodge a complaint with a data protection supervisory authority. The data protection supervisory authority located in the state in which you live or where the controller is domiciled has jurisdiction.

7. Contact

For further questions concerning the processing of your data or the exercise of your rights, please contact the controller's competent data protection officer.

datenschutz süd GmbH
- Keyword Schwarz IT KG -
Wörthstraße 15
97082 Würzburg

Email: office@datenschutz-sued.de