I. Name and address of the responsible party
The responsible party within the meaning of the EU General Data Protection Regulation (GDPR) and other national data protection laws of the member states as well as other data protection provisions for the website www.syniotec.de together with its sub-pages as well as for the use of the SAM platform (hereinafter “SAM”) is:
Responsible party: syniotec GmbH, represented by the managing directors Manuel Kimanov, Rezi Chikviladze
Am Wall 146, 28195, Bremen, Germany
Phone: +49 421 83679700
II. General information on data processing
1. Scope of the processing of personal data and legal basis of the processing
We process personal data of our users only to the extent permitted by data protection law. This is the case in particular in accordance with the following legal bases:
- Insofar as we obtain consent from you for processing operations of personal data, Art. 6 (1) lit. a DSGVO serves as the legal basis.
- Insofar as the processing of personal data is necessary for the performance of a contract to which you are a party, Art. 6 (1) (b) DSGVO serves as the legal basis. This also applies to processing operations that are carried out to implement pre-contractual measures in response to your request.
- Insofar as the processing of personal data is necessary for the fulfilment of a legal obligation to which our company is subject, Art. 6 (1) c DSGVO serves as the legal basis.
- In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 (1) (d) DSGVO serves as the legal basis.
- If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 (1) lit. f DSGVO serves as the legal basis for the processing.
2. Data deletion and storage period
We store your data for as long as this is necessary for the provision of our online offer and the associated services or for the provision of our services or we have a legitimate interest in the continued storage. In all other cases, we delete your personal data with the exception of data that we must retain in order to comply with contractual or statutory (e.g. tax or commercial) retention periods (e.g. invoices). Contractual retention periods may also result from contracts with third parties (e.g., holders of copyrights and ancillary copyrights). We block data that is subject to a retention period until the period expires.
III. Disclosure of data to third parties; service providers
1. Disclosure of data to third parties
2. Service provider
We reserve the right to use service providers for the collection or processing of data. Service providers only receive the personal data from us that they require for their specific activities. For example, your e-mail address may be passed on to a service provider so that they can deliver a newsletter you have ordered. Service providers can also be contracted to provide server capacity. Service providers are usually involved as so-called order processors, who may only process personal data of the users of this online offer according to our instructions.
Insofar as service providers are not already named in these data protection provisions, these are the following categories of service providers:
- IT service provider (technical support), [Georgia]
- IT service provider (hosting), [Georgia]
- IT service provider (push notifications), [Georgia]
- Customer Support , [Germany]
3. Transfer of data to non-EEA countries
We also disclose personal data to third parties or processors located in non-EEA countries. If this is the case and the European Commission has not issued an adequacy decision (Art. 45 GDPR) for these countries, we ensure before the transfer that either an adequate level of data protection exists at the recipient (e.g., the agreement of so-called EU standard contractual clauses of the European Union with the recipient) or that sufficient consent has been obtained from our users. You can obtain from us an overview of the recipients in third countries and a copy of the specifically agreed arrangements for ensuring the appropriate level of data protection. Please use the information in the Contact section for this purpose.
IV. Data collection when visiting our website
1. Description and scope of data processing
During the mere informational use of our website, i.e. if you do not register or otherwise transmit information to us, we only collect such data that your browser transmits to our server (so-called “server log files”). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:
(1) Information about the browser type and version used.
(2) The operating system of the user
(3) The Internet service provider of the user
(4) Date and time of access
(5) Websites from which the user’s system accesses our Internet site
(6) IP address of the user
(7) Websites that are called up by the user’s system via our website
The data may also be stored in the log files of our system. This data will not be stored together with any other personal data of the user than those mentioned in this section V. 1. The legal basis for the temporary storage of the data and the log files is Art. 6 para. 1 lit. f GDPR. The temporary storage of the IP address by the system is necessary to enable delivery of the website to your computer. For this, your IP address must remain stored for the duration of the session. The storage in log files is done to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. These purposes are also our legitimate interest in data processing according to Art. 6 para. 1 lit. f GDPR.
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended. The collection of data for the provision of the website and the storage of the data in log files is mandatory for the operation of the website. Consequently, there is no possibility for the user to object.
V. Contact form and e-mail contact
In addition to this, cookies are set using Zendesk. These cookies are cookies that are technically necessary to ensure the technical functionality of the website and to protect the website from bot-controlled attacks.
The following data may be collected and processed as part of the contact forms that are integrated using Zendesk:
– E-mail address
– Phone number
Insofar as the data used in the contact forms are used to provide contractual services to data subjects, the legal basis for the processing is Art. 6 para. 1 lit. b GDPR. Furthermore, Art. 6 para. 1 lit. a DSGVO as the legal basis, provided that you have consented to the data processing.
The data processing that takes place via the cookies is based on Art. 6 para. 1 lit. f DSGVO – a legitimate interest. Our legitimate interest is that we need to ensure the functionality and security of our website. The personal data will be kept as long as they are necessary to fulfill the purpose of the processing. The data is deleted as soon as it is no longer required to achieve the purpose.
As part of processing via Zendesk, data may be transferred to the USA. The security of the transmission is regularly guaranteed via standard contractual clauses and binding corporate rules. If these standard contractual clauses and Binding Corporate Rules are not sufficient to establish an adequate level of security, Art. 49 para. 1 lit. a DSGVO serve as the legal basis.
VI. Cookies/Web Analytics Services and Consent Management Tool
To obtain and manage your consent, we use the consent management tool of the company Cookie Hub. You can also revoke your consent – insofar as you have given it to us – at any time for the future by clicking on the “Cookie settings” cogwheel at the bottom left.
We use the following cookies:
1. Google Analytics
This website uses Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Google Analytics uses so-called cookies and similar technologies, which are stored on your computer and which enable an analysis of your use of the website. The information generated by the cookie about your use of this website (including the shortened IP address) is usually transmitted to a Google server in the USA and stored there.
This website uses Google Analytics exclusively with the extension “_anonymizeIp()”, which ensures an anonymization of the IP address by shortening and excludes a direct personal reference. By extension, your IP address will be truncated beforehand by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. In these exceptional cases, this processing is carried out in accordance with Art. 6 para. 1 lit. f DSGVO on the basis of our legitimate interest in the statistical analysis of user behavior for optimization and marketing purposes.
On our behalf, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics is not merged with other data from Google.
As an alternative to the browser plugin or within browsers on mobile devices, please click on the following link to set an opt-out cookie that will prevent the collection by Google Analytics within this website in the future (this opt-out cookie only works in this browser and only for this domain, if you delete your cookies in this browser, you must click this link again):
This website uses the web analytics service Hotjar to analyze usage. Hotjar Ltd (St Julian’s Business Centre, 3, Elia Zammit Street, St Julian’s STJ 1000, Malta) complies with the provisions of the Data Protection Act, Chapter 440 of the Laws of Malta, which implements all relevant European Union directives on data protection. Hotjar is a service that analyzes user behavior and feedback on websites through a combination of analytics and feedback tools. Through Hotjar, syniotec GmbH gets a “big picture” of how to improve the end user experience and website performance. For this purpose, the following information is collected: The IP address of the terminal device (it is collected and stored in anonymized format), screen/display resolution, type of terminal device, operating system, browser type, geographic location (country only), preferred language, and mouse events (movements, position, and clicks). The collected data is transferred and stored via an encrypted connection to servers located in Ireland (EU). The sole purpose of this data collection is to improve the user experience on Hotjar-based websites. Personal data is neither collected nor stored. More information about Hotjar’s privacy compliance is available here: www.hotjar.com/privacy. You can opt-out of Hotjar’s collection of your data when visiting the syniotec Websites at any time by visiting Hotjar’s opt-out page and clicking on “Disable Hotjar” at https://www.hotjar.com/legal/compliance/opt-out. The legal basis is Art. 6 para. 1 S.1 lit. f GDPR.
3. Google Tag Manager
Our website also uses Google Tag Manager, which is provided for users from the European Economic Area and Switzerland by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland and for all other users by Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA (collectively “Google”). The Tag Manager is used to manage tracking tools and other services, so-called website tags. A tag is an element that is stored in the source code of our website, for example, to record specified usage data. The Google Tag Manager takes care of triggering other tags, which in turn may collect data. In some cases, the data is stored on a Google server in the USA. If a deactivation has been made at the domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager.
The legal basis for the use of the Google Tag Manager is Art. 6 para. 1 lit. f DSGVO, justified by our interest in efficient management of the tools we use.
You can find more detailed information in Google’s information on the tag manager.
4. Google Adwords
We use Google Adwords to draw attention to our services on external websites with the help of advertising media (so-called Google Adwords). We can determine how successful the individual advertising measures are in relation to the data of the advertising campaigns. In this way, we pursue the interest of displaying advertising that is of interest to you, making our website more interesting for you and achieving a fair calculation of advertising costs.
These advertising materials are delivered by Google via so-called “ad servers”. For this purpose, we use ad server cookies, through which certain parameters for measuring success, such as display of ads or clicks by users, can be measured. If you access our website via a Google ad, Google Adwords stores a cookie in your PC. These cookies usually expire after 30 days and are not intended to identify you personally. The unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (marking that the user no longer wishes to be addressed) are usually stored as analysis values for this cookie.
These cookies allow Google to recognize your Internet browser. Provided that a user visits certain pages of the website of an Adwords customer and the cookie stored on his computer has not yet expired, Google and the customer can recognize that the user has clicked on the ad and was redirected to this page. A different cookie is assigned to each Adwords customer. Cookies can therefore not be tracked through the websites of Adwords customers. We ourselves do not collect or process any personal data in the aforementioned advertising measures. We only receive statistical evaluations from Google. These evaluations enable us to identify which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising media; in particular, we cannot identify users on the basis of this information.
Due to the marketing tools used, your browser automatically establishes a direct connection with Google’s server. We have no influence on the scope and further use of the data collected by Google through the use of this tool and therefore inform you according to our state of knowledge: Through the integration of AdWords Conversion, Google receives the information that you have called up the corresponding part of our website or clicked on an ad from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, there is a possibility that the provider will find out and store your IP address.
You can prevent participation in this tracking process in several ways:
a) By adjusting your browser software accordingly, in particular the suppression of third-party cookies will result in you not receiving ads from third-party providers;
b) By disabling cookies for conversion tracking by setting your browser to block cookies from the domain https://adssettings.google.com/authenticated, https://www.google.com/settings/ads, which setting will be deleted when you delete your cookies;
c) By disabling the interest-based ads of the providers that are part of the self-regulatory campaign “About Ads” via the link http://www.aboutads.info/choices, whereby this setting will be deleted when you delete your cookies;
d) By permanent deactivation in your browsers Firefox, Internetexplorer or Google Chrome under the link http://www.google.com/settings/ads/plugin. Please note that in this case you may not be able to use the full functionality of this website.
VII. Use of social plugins
We use social plugins (hereinafter “social plugins” or also “plugins”) from the following providers for our website presence:
Plugins from Facebook; Facebook is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA (“Facebook”). The plugins are marked with a Facebook logo or the addition “Social Plug-in from Facebook” or “Facebook Social Plugin”. An overview of the Facebook plugins and their appearance can be found here: https://developers.facebook.com/docs/plugins
Information on data protection at Facebook can be found here: http://www.facebook.com/policy.php
Plugins from Instagram; Instagram is operated by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”). The plugins are marked with an Instagram logo, for example in the form of an “Instagram camera”. An overview of the Instagram plugins and their appearance can be found here: https://help.instagram.com/2284971015132274
You can find information on data protection at Instagram here: https://help.instagram.com/155833707900388/
Plugins from Twitter; Twitter is operated by Twitter Inc, 1355 Market St, Suite 900, San Francisco, CA 94103, USA (“Twitter”). An overview of the plugins from Twitter and their appearance can be found here: https://developer.twitter.com/en
Information on data protection at Twitter can be found here: https://twitter.com/privacy
Plugins from LinkedIn; LinkedIn is operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA (“LinkedIn”). You can find an overview of LinkedIn’s plugins and their appearance here: https://developer.linkedin.com/plugins
Information on data protection at LinkedIn can be found here: https://www.linkedin.com/legal/privacy-policy
Plugins from Xing; Xing is operated by XING AG, Dammtorstraße 30, 20354 Hamburg, Germany (Xing). You can find an overview of the XING buttons and their appearance here: https://dev.xing.com/
Information on data protection at Xing can be found here: https://dev.xing.com/plugins/share_button/privacy_policy
6. How plugins generally work
With the aforementioned social plugins, we want to give you the opportunity to communicate directly with the provider of the respective plugin, for example, by clicking on a link. link this website there.
When using the plugins, your internet browser establishes a direct connection to the servers of the respective social network. This provides the respective provider with the information that your Internet browser has accessed the corresponding page of our online offer, even if you do not have a user account with the provider or are not currently logged in to it. Log files (including the IP address) are transmitted by your Internet browser directly to a server of the respective provider and may be stored there. If you are logged in to the plugin provider, the data we collect is directly assigned to your account with the plugin provider – if you do not want this, log out of the respective provider.
The provider or its server may be located outside the EU or the EEA (e.g. in the USA). Insofar as the providers of the social plugins transmit data to servers in the USA, we will only permit such transmission if you agree to such data transmission to the USA when visiting this website in accordance with Art. 49 para. 1 lit. a) DSGVO have agreed to.
If you do not want the plugin providers to receive and possibly store or further use the data collected via this Internet portal, you should not use the respective plugins. In principle, you can also completely prevent the loading of the plugins with the help of add-ons for your browser, so-called script blockers.
For more information on the purpose and scope of data collection and its processing by the plug-in provider, please refer to the privacy statements of the respective providers communicated above. There you will also receive further information about your rights in this regard and setting options for protecting your privacy.
The integration of the social plugins on our website is done in the interest of an appealing and contemporary online presentation of our company. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
We have integrated videos from the video platform of YouTube, LLC, 901 Cherry Ave. San Bruno, CA 94066, USA (“YouTube”) into our online offer, which are stored on http://www.YouTube.com and can be played directly from our website. These are all integrated in “extended data protection mode”, which means that no data about you as a user is transmitted to YouTube if you do not play the videos. Only when you play the videos, the data mentioned below will be transferred.
Already by visiting our website, YouTube receives the information that you have accessed the corresponding subpage of our website. In addition, log files (including the IP address) are transmitted from your Internet browser directly to a YouTube server and may be stored there. This occurs regardless of whether YouTube provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data is directly assigned to your account. If you do not want the assignment with your profile at YouTube, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) for the provision of tailored advertising and to inform other users of the social network about your activities on our website.
Insofar as YouTube transmits data to servers in the USA, we will only permit such transmission if you agree to such data transmission to the USA when visiting this website in accordance with Art. 49 para. 1 lit. a) DSGVO have agreed to.
The integration of YouTube is done in the interest of presenting essential product information to the customer and an appealing presentation of our online offer. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
IX. Google Maps
On this website we use the offer of Google Maps. The provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. (“Google”). This allows us to show you interactive maps directly in the website and enables you to use the map function comfortably.
Already by visiting our website, Google receives the information that you have called up the corresponding sub-page of our website. In addition, log files (including the IP address) are transmitted from your Internet browser directly to a Google server and may be stored there. This occurs regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data is directly assigned to your account. If you do not want the assignment with your profile at Google, you must log out before activating the button. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) for the provision of tailored advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, and you must contact Google to exercise this right.
Insofar as Google transmits data to servers in the USA, we will only permit such transmission if you agree to such data transmission to the USA when visiting this website in accordance with Art. 49 para. 1 lit. a) DSGVO have agreed to.
The integration of Google Maps is in the interest of an appealing and up-to-date online presentation of our company. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
X. Use of the SAM platform
As far as you are our users of our platform SAM, we process the following personal data:
- Names of SAM users
- Name of the SAM user who reported an error
- Directorate / area of the SAM user who reported an error
- Attachments, if applicable screenshots of the own screen of the SAM user who reported an error
- Company e-mail of the SAM user
- Browser used by the SAM user
- url / link of the SAM environment used by the SAM user.
The processing is carried out in order to provide our contracted SAM services. The processing therefore takes place on the basis of Art. 6 (1) lit. b DSGVO or Art. 6 (1) lit. c DSGVO.
SAM uses the ticket system jira including the jira Issue Collector to record an error message from SAM. The provider of jira is Altlassian. If you report an error from SAM via the jira Issue Collector, the following personal data will be collected via the systems of: Name and email of the SAM user reporting the issue or, if different, of the SAM user who noticed the issue, personal data visible on the screenshot of the SAM user’s screen to be attached to describe the issue, if applicable, the browser used by the SAM user and the URL of the SAM environment used by the SAM user.
XI. Rights of the data subject
The applicable data protection law grants you comprehensive data subject rights (rights of access and intervention) vis-à-vis the controller with regard to the processing of your personal data, which we inform you about below:
1. Right to information according to Art. 15 DSGVO
In particular, you have the right to obtain information about your personal data processed by us, the processing purposes, the categories of personal data processed, the recipients or categories of recipients to whom your data have been or will be disclosed, the intended storage period or the criteria for determining the storage period, the existence of a right to rectification, erasure, restriction of processing, objection to processing, complaint to a supervisory authority, the origin of your data if it has not been collected from you by us, the existence of automated decision-making, including profiling, and, if applicable, meaningful information about the logic involved and the scope and intended effects of such processing that concern you, as well as your right to be informed about what guarantees exist in accordance with Art. 46 DSGVO when your data is transferred to third countries;
2. Right to rectification according to Art. 16 DSGVO
You have a right to immediate correction of incorrect data concerning you and/or completion of your incomplete data stored by us;
3. Right to erasure according to Art. 17 DSGVO
You have the right to request the deletion of your personal data if the conditions of Art. 17 para. 1 DSGVO to demand. However, this right does not exist in particular if the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;
4. Right to restriction of processing pursuant to Art. 18 DSGVO
You have the right to request the restriction of the processing of your personal data as long as the accuracy of your data, which you dispute, is verified, if you refuse the deletion of your data due to unauthorized data processing and instead request the restriction of the processing of your data, if you need your data for the assertion, exercise or defense of legal claims after we no longer need this data after the purpose has been achieved, or if you have objected on the grounds of your particular situation as long as it has not yet been determined whether our legitimate reasons prevail;
5. Right to information pursuant to Art. 19 GDPR
If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to notify all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right to be informed about these recipients.
6. Right to data portability according to Art. 20 DSGVO
You have the right to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another controller, insofar as this is technically feasible;
7. Right to revoke consent given in accordance with Art. 7 para. 3 GDPR
You have the right to revoke your consent to the processing of data at any time with effect for the future. In the event of revocation, we will delete the data concerned without delay, unless further processing can be based on a legal basis for processing without consent. The revocation of consent shall not affect the lawfulness of the processing carried out on the basis of the consent until the revocation;
8. Right of appeal pursuant to Art. 77 GDPR
If you believe that the processing of personal data concerning you violates the GDPR, you have – without prejudice to any other administrative or judicial remedy – the right to lodge a complaint with the supervisory authority responsible for us. Alternatively, you can contact the data protection authority in your place of residence, which will then forward your request to the competent authority.
Due to our registered office in Bremen, the supervisory authority responsible for us is:
The State Commissioner for Data Protection and Freedom of Information, Arndtstraße 1, 27570 Bremerhaven, Germany
RIGHT OF OBJECTION
IF WE PROCESS YOUR PERSONAL DATA IN THE CONTEXT OF A BALANCING OF INTERESTS ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING WITH EFFECT FOR THE FUTURE AT ANY TIME ON GROUNDS ARISING FROM YOUR PARTICULAR SITUATION.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED. HOWEVER, WE RESERVE THE RIGHT TO FURTHER PROCESSING IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS.
IF WE PROCESS YOUR PERSONAL DATA FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH MARKETING. YOU CAN EXERCISE THE OBJECTION AS DESCRIBED ABOVE.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.
XII. More information and contacts
If you have any further questions on the subject of data protection, please contact us at the contact address given in section I above.