Privacy Policy

Website

Privacy Policy

Table of content

1     Name and address of the data controller

2     Contact details of the data protection officer

3     General information on data processing

3.1       Scope of the processing of personal data

3.2       Legal basis for the processing of personal data

3.3       Data deletion and storage period

4     Rights of the data subject

4.1       The right of access by the data subject (Art. 15 GDPR)

4.2       Right to rectification (Art. 16 GDPR)

4.3       Right to restriction of processing (Art. 18 GDPR)

4.4       Right to erasure (“right to be forgotten”) (Art. 17 GDPR)

4.5       Right to data portability (Art. 20 GDPR)

4.6       Right to object (Art. 21 GDPR)

4.7       Right to complain to a supervisory authority

5     Provision of the website and creation of log files

5.1       Description and scope of data processing

5.2       Purpose of data processing

5.3       Legal basis for data processing.

5.4       Duration of storage

5.5       Possibility of opposition

6     Use of cookies

6.1       Description and scope of data processing

6.2       Purpose of data processing

6.3       Legal basis for data processing

7     Newsletter

7.1       Scope of the processing of personal data

7.2       Purpose of data processing

7.3       Legal basis for the processing of personal data

7.4       Duration of storage

7.5       Possibility of revocation and removal

8     Email contact

8.1       Description and scope of data processing

8.2       Purpose of data processing

8.3       Legal basis for data processing

8.4       Duration of storage

8.5       Possibility of opposition

9     Contact form

9.1       Description and scope of data processing

9.2       Purpose of data processing

9.3       Legal basis for data processing

9.4       Duration of storage

9.5       Possibility of opposition

10        Application by email and application form

10.1      Scope of the processing of personal data

10.2      Purpose of data processing

10.3      Legal basis for data processing

10.4      Duration of storage

10.5      Exercise your rights

11        Company appearances

11.1      Use of corporate presences in social networks

11.1.1       Twitter

11.1.2       YouTube

12        Use of company appearances in job-oriented networks

12.1      Scope of data processing

12.2      Legal basis for data processing

12.3      Purpose of data processing

12.4      Duration of storage

12.5      Possibility of opposition

13        Hosting

14        Geotargeting

15        Plugins used

15.1      Use of Contact Form 7

15.1.1       Scope of the processing of personal data

15.1.2       Purpose of data processing

15.1.3       Legal basis for the processing of personal data

15.1.4       Duration of storage

15.1.5       Possibility of revocation and removal

15.2      Use of OpenStreetMap

15.2.1       Scope of the processing of personal data

15.2.2       Purpose of data processing

15.2.3       Legal basis for the processing of personal data

15.2.4       Duration of storage

15.2.5       Possibility of revocation and removal

1 Name and address of the data controller

The responsible party within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations is:

SOMAG AG Jena
Am Zementwerk 8
07745 Jena
Germany
+49 3641 633 68 0
info@somag-ag.de
www.somag-ag.de

2 Contact details of the data protection officer

The data protection officer of the data controller is:

DataCo GmbH
Dachauer Straße 65
80335 München
Germany
+49 897400 45840
www.dataguard.de

3 General information on data processing

3.1 Scope of the processing of personal data

We process personal data of our users only insofar as this is necessary for the provision of a functional website and our content and services. The processing of personal data of our users is regularly only carried out with the consent of the user. An exception applies in those cases where obtaining prior consent is not possible for actual reasons and the processing of the data is required by legal regulations.

3.2 Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for processing operations involving personal data, Art. 6 (1) sentence 1 lit. a GDPR serves as the legal basis.

When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) p. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.

Insofar as processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6 (1) p. 1 lit. c GDPR serves as the legal basis.

In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 (1) p. 1 lit. d GDPR serves as the legal basis.

If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not override the first-mentioned interest, Art. 6 (1) p. 1 lit. f GDPR serves as the legal basis for the processing.

3.3 Data deletion and storage period

The personal data of the data subject shall be deleted or blocked as soon as the purpose of the storage no longer applies. Storage may also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or performance of a contract.

4. Rights of the data subject

If personal data is processed by you, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:

4.1 The right of access by the data subject (Art. 15 GDPR)

You have the right to request confirmation from us as to whether personal data concerning you are being processed.
If this is the case, you have the right to obtain information about this data and the following information:

  • Purposes of processing
  • Categories of personal data
  • Recipients or categories of recipients
  • Planned storage period or the criteria for determining this period
  • The existence of the rights of rectification, erasure or restriction or opposition
  • Right of appeal to the competent supervisory authority
  • If applicable, origin of the data (if collected from a third party)
  • If applicable, existence of automated decision-making including profiling with meaningful information about the logic involved, the scope and the effects to be expected
  • If applicable, transfer of personal data to a third country or international organization

4.2 Right to rectification (Art. 16 GDPR)

If your personal data is incorrect or incomplete, you have the right to request that the personal data be corrected or completed without delay.

4.3 Right to restriction of processing (Art. 18 GDPR)

If one of the following conditions is met, you have the right to request restriction of the processing of your personal data:

  • You dispute the accuracy of your personal data for a period of time that allows us to verify the accuracy of the personal data.
  • In the context of unlawful processing, you object to the erasure of the personal data and instead request the restriction of the use of the personal data.
  • We no longer need your personal data for the purposes of processing, but you need your personal data for the assertion, exercise or defense of your legal rights or
  • after you have objected to the processing, for the duration of the examination as to whether our legitimate reasons outweigh your reasons.


4.4 Right to erasure (“right to be forgotten”) (Art. 17 GDPR)

If one of the following reasons applies, you have the right to request immediate deletion of your personal data:

  • Your data is no longer necessary for the processing purposes for which it was originally collected.
  • You withdraw your consent and there is no other legal basis for the processing.
  • You object to the processing and there are no overriding legitimate grounds for the processing or you object pursuant to Art. 21 (2) GDPR.
  • Your personal data is processed unlawfully.
  • Erasure is necessary for compliance with a legal obligation under Union law or the law of the member state to which we are subject.
  • The personal data was collected in relation to information society services offered in accordance with Article 8(1) GDPR.

Please note that the above reasons do not apply insofar as the processing is necessary:

  • For the exercise of the right to freedom of expression and information;
  • For compliance with a legal obligation or for the performance of a task carried out in the public interest to which we are subject.
  • For reasons of public interest in the area of public health.
  • For archival, scientific or historical research purposes in the public interest or for statistical purposes.
  • For the assertion, exercise or defense of legal claims.

4.5 Right to data portability (Art. 20 GDPR)

You have the right to receive your personal data in a structured, common and machine-readable format or to request the transfer to another controller.

4.6 Right to object (Art. 21 GDPR)

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Art. 6 (1) sentence 1 lit. e or f GDPR. This also applies to profiling based on these provisions.

If the personal data concerning you is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling, insofar as it is related to such direct marketing.

4.7 Right to complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of personal data concerning you infringes the GDPR. The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR. A list, of the locally competent supervisory authorities in Germany can be found on the website of the Federal Commissioner for Data Protection at the following link: https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html.

5 Provision of the website and creation of log files

5.1 Description and scope of data processing

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.
The following data is collected:

  • Information about the browser type and the version used.
  • The operating system of the user
  • The user’s Internet service provider
  • The IP address of the user
  • Date and time of access
  • Websites from which the user’s system accesses our website
  • Web pages that are accessed by the user’s system via our website

This data is stored in the log files of our system. This data is not stored together with other personal data of the user.

5.2 Purpose of data processing

The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the IP address of the user must remain stored for the duration of the session.
The storage in log files is done to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
These purposes are also our legitimate interest in data processing according to Art. 6 para. 1 p. 1 lit. f GDPR.

5.3 Legal basis for data processing

The legal basis for the temporary storage of the data and the log files is Art. 6 para. 1 p. 1 lit. f GDPR.

5.4 Duration of storage

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.
In the case of storage of data in log files, this is the case after seven days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are deleted or alienated, so that an assignment of the calling client is no longer possible.

5.5 Possibility of opposition

The collection of data for the provision of the website and the storage of the data in log files is mandatory for the operation of the website. The user can object to this. Whether the objection is successful is to be determined in the context of a balancing of interests.

6 Use of cookies

6.1 Description and scope of data processing

When you visit our website, we use technical aids for various functions, in particular cookies, which can be stored on your terminal device. When you call up our website and at any time later, you have the choice of whether you generally permit the setting of cookies or which individual additional functions you would like to select. You can make changes in your browser settings or via our Consent Manager. Cookies are text files or information in a database that are stored on your hard drive and assigned to the browser you are using so that certain information can flow to the entity that sets the cookie. Below we describe the type of cookies we use.

We use technically necessary cookies, which are required for the technical structure of the website. Without these cookies, our website cannot be displayed (completely correctly) or the support functions are not possible.

The following data is stored and transmitted by the technically necessary cookies:

  • Entered search terms
  • Frequency of page views
  • Use of website functions

We use cookies on our website that are not technically necessary. Technically non-essential cookies are text files that are not solely used to enable the website to function, but also collect other data.

By setting technically non-essential cookies, the following data is processed:

  • IP address
  • Location of the Internet user
  • Date and time of calling the website
  • Tracking of the surfing behavior
  • Linking of the website visit with other social media platforms

6.2 Purpose of data processing

The purpose of using technically necessary cookies is to ensure the functionality of our website. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page change.
We require the technically necessary cookies for the following applications:

  • Remembering search terms
  • Functionality of the website

The use of technically unnecessary cookies is for the purpose of improving the quality of our website, its content and thus our reach and profitability. By setting these cookies, we learn how the website is used and can thus constantly optimize our offer.

6.3 Legal basis for data processing

The provisions of the Telecommunications Telemedia Data Protection Act (TTDSG) are relevant for the storage of information in the end user’s terminal equipment and/or access to information already stored in the end user’s terminal equipment. If the setting and reading of cookies is technically necessary, this is done to ensure the functionality of our website. In this case, the storage of and access to cookies on your terminal equipment is carried out on the basis of Section 25 (2) No. 2 TTDSG. This storage and access to the information in your terminal equipment serves to facilitate your use of our website and to be able to offer you our services as you have requested. Some functions of our website also do not work without the use of these cookies and could therefore not be offered. The cookies are generally deleted after the session ends (e.g. logging out or closing the browser) or after the expiry of a specified duration. Information about different storage periods for cookies can be found in the following sections of this privacy policy.

Insofar as cookies are used that are not technically necessary, this is done on the basis of your express consent, which you can give via the cookie banner. The basis for the storage and access to information in this case is § 25 para. 1 TTDSG in conjunction with. Art. 6 para. 1 lit. a), Art. 7 GDPR. You can revoke your consent at any time with effect for the future or subsequently grant it again by configuring your settings for cookies accordingly. Alternatively, you can prevent the storage of cookies by making appropriate settings in your browser software. Please note that the browser settings you make only affect the browser you are using. If personal data is processed following the storage of and access to the information on your terminal equipment, the provisions of the GDPR are relevant. Information on this can be found in the following sections of this privacy policy.

7 Newsletter

7.1 Scope of the processing of personal data

We use the service provider Sendinblue of Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin, Germany (hereinafter referred to as: Sendinblue) to send our newsletters. Sendinblue is a provider of email and SMS marketing and enables us to communicate directly with potential customers via email and SMS newsletters. If you register for the newsletter, the data you enter when registering for the newsletter will be transmitted to Sendinblue and stored there. This may result in further personal data being stored and evaluated, in particular the activity of the user (in particular which pages have been visited and which elements have been clicked on) and device and browser information (in particular the IP address and the operating system). For this purpose, your data will also be stored by Sendinblue. Your data will not be disclosed to third parties for the purpose of receiving the newsletter, nor will Sendinblue obtain the right to disclose your data. After registration Sendinblue will send you an email to confirm your registration. Furthermore, Sendinblue offers various analysis options on how the sent newsletters are opened and used, e.g. to how many users an email or SMS was sent, whether emails or SMS were rejected and whether users unsubscribed from the list after receiving an email or SMS.

For more information on the processing of data by Sendinblue, please click here: https://de.sendinblue.com/legal/privacypolicy/

7.2 Purpose of data processing

The personal data collected in the context of a registration for the newsletter will be used exclusively for sending our newsletter, possibly for invitations to events and, if you are already our customer, for our customer mail. Furthermore, subscribers to the newsletter could be informed by email if this is necessary for the operation of the newsletter service or a related registration, as could be the case in the event of changes to the newsletter offer or changes in the technical circumstances.

7.3 Legal basis for the processing of personal data

The legal basis for the processing of the personal data of the users is basically the consent of the user according to Art. 6 para. 1 p.1 lit. a GDPR.

7.4 Duration of storage

Your personal information will be retained for as long as necessary to fulfill the purposes described in this Privacy Statement or as required by law. In addition, you may contact Sendinblue and request deletion of your information.

7.5 Possibility of revocation and removal

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
You can revoke your consent to the storage of data, as well as its use for sending the newsletter by Sendinblue at any time. You can exercise your revocation at any time by emailing Sendinblue or by clicking on the link provided in each newsletter.
For more information on objection and removal options vis-à-vis Sendinblue, please visit: https://de.sendinblue.com/legal/privacypolicy/

8 Email contact

8.1 Description and scope of data processing

On our website, it is possible to contact us via the email address provided. In this case, the personal data of the user transmitted with the email will be stored.
The data is used exclusively for processing the conversation.

8.2 Purpose of data processing

In the case of contact by email, this also constitutes the necessary legitimate interest in processing the data.

8.3 Legal basis for data processing

The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 (1) lit. f GDPR. Our legitimate interest is to optimally answer your inquiry that you send by e-mail.
If the e-mail contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 (1) lit. b GDPR.

8.4 Duration of storage

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when the circumstances indicate that the matter in question has been conclusively clarified.
The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

8.5 Possibility of opposition

If the user contacts us by email, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.
To do so, send us an informal email with your revocation of consent and your objection to the storage to info@somag-ag.de.
All personal data stored in the course of contacting us will be deleted in this case.

9 Contact form

9.1 Description and scope of data processing

Our website contains a contact form that can be used for electronic contact. If a user takes advantage of this option, the data entered in the input mask will be transmitted to us and stored.

At the time the message is sent, the following data is stored:

  • Email address
  • Name
  • First name
  • IP address of the calling computer
  • Date and time of contact

9.2 Purpose of data processing

The processing of personal data from the input mask of the contact form or via the provided e-mail address serves us solely to process the contact.
The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

9.3 Legal basis for data processing

The legal basis for the processing of data transmitted in the course of sending an email is Art. 6 para. 1 p. 1 lit. f GDPR. Our legitimate interest is to optimally answer your inquiry that you send to us via contact form. If the email contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 p. 1 lit. b GDPR.

9.4 Duration of storage

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input mask of the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it is clear from the circumstances that the matter in question has been conclusively clarified.
The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

9.5 Possibility of opposition

If the user contacts us via the input mask in the contact form, he can object to the storage of his personal data at any time.
To do so, send us an informal e-mail with your revocation of consent and your objection to storage to info@somag-ag.de.
All personal data stored in the course of contacting us will be deleted in this case.

10 Application by email and application form

10.1 scope of the processing of personal data

Our website contains an application form that can be used for electronic applications. If an applicant takes advantage of this option, the data entered in the input mask will be transmitted to us and stored. These data are:

  • Salutation
  • First name
  • Name
  • Address
  • Telephone / mobile phone number
  • Email address
  • Salary requirement
  • Information about education and schooling
  • Language skills
  • Curriculum vitae
  • Testimonials
  • Photo
  • Birthday

Alternatively, you can also send us your application by email. In this case, we will record your email address and the data you provide in the email.
After sending your application, you will receive a confirmation of receipt of your application documents by email from us.
Your data will not be passed on to third parties. The data will be used exclusively for the processing of your application.

10.2 Purpose of data processing

The processing of personal data from the application form serves us solely to process your application. In the case of contact by email, this also constitutes the necessary legitimate interest in processing the data.
The other personal data processed during the submission process serve to prevent misuse of the application form and to ensure the security of our information technology systems.

10.3 Legal basis for data processing

The legal basis for the processing of your data is the initiation of a contract at the request of the data subject, Art. 6 para. 1 p. 1 lit. b Alt. 1 GDPR and § 26 para. 1 p. 1 BDSG.
The legal basis for the processing of data in the context of the applicant pool is the explicit declaration of consent by the applicant, Art. 6 para. 1 p. 1 lit. a, Art. 7 GDPR. You can revoke your consent at any time with effect for the future.

10.4 Duration of storage

After completion of the application process, the data will be stored for up to six months. Your data will be deleted after the six months at the latest. In the event of a legal obligation, the data will be stored within the scope of the applicable provisions.
Any additional personal data collected during the submission process will be deleted after a period of seven days at the latest.
After completion of the application process, the data will be stored for up to six months. Your data will be deleted after the six months at the latest. In the event of a legal obligation, the data will be stored within the scope of the applicable provisions.
If the field permanent data storage has been selected, the data will be stored permanently.

10.5 Exercise your rights

The applicant has the option to object to the processing of personal data at any time. If the applicant contacts us by e-mail, he or she may object to the storage of his or her personal data at any time. In such a case, the application can no longer be considered.
All personal data stored in the course of electronic applications will be deleted in this case.
If you have consented to the processing by the data controller by means of a corresponding declaration, you can revoke your consent at any time for the future. The legality of the data processing carried out on the basis of the consent until the revocation is not affected by this.

11 Company appearances

11.1 Use of corporate presences in social networks

11.1.1 Twitter

Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, Ireland.

On our company website, we provide information and offer Twitter users the opportunity to communicate. If you carry out an action on our Twitter company website (e.g. comments, posts, likes, etc.), it may be that you make personal data (e.g. clear name or photo of your user profile) public. However, since we generally or to a large extent have no influence on the processing of your personal data by Twitter, which is jointly responsible for the SOMAG AG Jena corporate presence, we cannot provide any binding information on the purpose and scope of the processing of your data.

We use our corporate presence in social networks for communication and information exchange with (potential) customers. In particular, we use the corporate presence for:

  • Presentation of the company and our products.

In this context, publications via the corporate presence may contain the following content:

  • Information about products
  • Information about services
  • Customer contact

Every user is free to publish personal data through activities.
Insofar as we process your personal data in order to evaluate your online behavior, offer you sweepstakes or conduct lead campaigns, this is done on the basis of your express declaration of consent, Art. 6 para. 1 p. 1 lit. a, Art. 7 GDPR. The legal basis for processing personal data for the purpose of communicating with customers and interested parties is Art. 6 para. 1 p. 1 lit. f GDPR. Thereby, our legitimate interest is to answer your request optimally or to be able to provide the requested information. If the aim of contacting you is to conclude a contract, the additional legal basis for the processing is Art. 6 (1) lit. b GDPR.

The data generated by the company website is not stored in our own systems.

For the processing of your personal data in third countries, we have provided suitable guarantees in the form of standard data protection clauses pursuant to Art. 46 (2) lit. c GDPR. A copy of the standard data protection clauses can be requested from us.

You can object at any time to the processing of your personal data that we collect in the course of your use of our Twitter – company presence and assert your data subject rights as stated under IV. of this data protection declaration. To do so, send us an informal email to info@somag-ag.de. For more information on the processing of your personal data by Twitter and the corresponding objection options, please click here: https://twitter.com/de/privacy

11.1.2 YouTube

YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, United States.

On our company website, we provide information and offer YouTube users the opportunity to communicate. If you carry out an action on our YouTube corporate site (e.g. comments, posts, likes, etc.), you may make personal data (e.g. clear name or photo of your user profile) public. However, since we generally or to a large extent have no influence on the processing of your personal data by YouTube, the company jointly responsible for the SOMAG AG Jena corporate presence, we cannot provide any binding information on the purpose and scope of the processing of your data.

We use our corporate presence in social networks for communication and information exchange with (potential) customers. In particular, we use the corporate presence for:

  • Presentation of the company and our products.

In this context, publications via the corporate presence may contain the following content:

  • Information about products
  • Information about services
  • Customer contact

Every user is free to publish personal data through activities.

Insofar as we process your personal data in order to evaluate your online behavior, offer you sweepstakes or conduct lead campaigns, this is done on the basis of your express declaration of consent, Art. 6 para. 1 p. 1 lit. a, Art. 7 GDPR. The legal basis for processing personal data for the purpose of communicating with customers and interested parties is Art. 6 para. 1 p. 1 lit. f GDPR. Thereby, our legitimate interest is to answer your request optimally or to be able to provide the requested information. If the aim of contacting you is to conclude a contract, the additional legal basis for the processing is Art. 6 (1) lit. b GDPR.

The data generated by the company website is not stored in our own systems.

For the processing of your personal data in third countries, we have provided suitable guarantees in the form of standard data protection clauses pursuant to Art. 46 (2) lit. c GDPR. A copy of the standard data protection clauses can be requested from us.

You can object at any time to the processing of your personal data that we collect in the course of your use of our YouTube – company presence and assert your data subject rights mentioned under 4. of this privacy policy. To do so, send us an informal email to info@somag-ag.de.

For more information on the processing of your personal data by YouTube and the corresponding objection options, please click here: https://policies.google.com/privacy?gl=DE&hl=de

12 Use of company appearances in job-oriented networks

12.1 Scope of data processing

We use the possibility of company appearances in profession-oriented networks. We maintain a company presence on the following profession-oriented networks:

LinkedIn, Unlimited Company Wilton Place, Dublin 2, Ireland.

On our site, we provide information and offer users the opportunity to communicate.
The company presence is used for job applications, information/PR and active sourcing.

We do not have any information on the processing of your personal data by the companies jointly responsible for the corporate presence. For more information, please refer to the privacy policy of: LinkedIn: https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv

If you carry out an action on our company website (e.g. comments, posts, likes, etc.), it may be that you make personal data (e.g. clear name or photo of your user profile) public.

12.2 Legal basis for data processing

The legal basis for the processing of personal data for the purpose of communication with customers and interested parties is Art. 6 para. 1 p.1 lit. f GDPR. Our legitimate interest is to answer your request optimally or to be able to provide the requested information. If the aim of contacting you is to conclude a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

12.3 Purpose of data processing

Our company website serves to inform users about our services. In doing so, every user is free to publish personal data through activities.

12.4 Duration of storge

We store your activities and personal data published via our corporate website until you revoke your consent. In addition, we comply with the statutory retention periods.

12.5 Possibility of opposition

You can object at any time to the processing of your personal data that we collect in the course of your use of our company website and assert your data subject rights as stated under IV. of this data protection declaration. To do so, send us an informal email to the email address stated in this data protection declaration.

Further information on how to exercise your rights can be found here: https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv

13 Hosting

The website is hosted on servers by a service provider contracted by us.
Our service provider is: Internetx
The servers automatically collect and store information in so-called server log files, which your browser automatically transmits when you visit the website. The information stored is:

  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Date and time of server request
  • IP address

This data is not merged with other data sources. The collection of this data is based on Art. 6 para. 1 lit. f GDPR. Our legitimate interest for processing this data is to display our website without errors and to optimize its functions.
The location of the server of the website is geographically in Germany.

14 Geotargeting

We use the IP address and other information provided by the user (in particular zip code in the context of registration or ordering) for regional targeting (so-called “geotargeting”).

Regional targeting is used, for example, to automatically show you regional offers or advertising that are often more relevant to users. The legal basis for the use of the IP address and, if applicable, other information provided by the user (in particular zip code) is Art. 6 (1) lit. f GDPR, based on our interest in ensuring more precise targeting and thus providing offers and advertising with higher relevance for users.

In this context, a part of the IP address as well as the additional information provided by the user (in particular zip code) are only read and not stored separately.

You can prevent geotargeting by using, for example, a VPN or proxy server that prevents precise localization. In addition, depending on the browser used, you can also deactivate a location localization in the corresponding browser settings (insofar as the respective browser supports this).

We use geotargeting on our website for the following purposes:

  • Customer targeting
  • Advertising purposes

15 Plugins used

We use plugins for various purposes. The plugins used are listed below:

15.1 Use of Contact form 7

15.1.1 Scope of the processing of personal data

We use the WordPress plugin Contact Form 7 from RockLobster LLC, Sakai 810-0001 Fukuoka Prefecture Chuo-ku Tenjin 1-chome 8-1, Fukuoka City Hall, Japan (hereinafter: RockLobster) to manage contact forms on our online presence. Entered form data is transmitted via email. Personal data can be stored and evaluated, especially the activity of the user (in particular, which pages have been visited and on which elements have been clicked) and device and browser information (in particular, the IP address and the operating system). In the process, data may be transmitted to RockLobster servers in Japan. Regarding Japan, there is an adequacy decision of the European Union. You can find it here: https://eur-lex.europa.eu/legal-content/DE/TXT/?uri=OJ:L:2019:076:TOC

For more information on the processing of data by Contact Form 7, please click here: https://contactform7.com/privacy-policy/

15.1.2 Purpose of data processing

The use of the Contact Form 7 plugin serves to improve the user-friendliness of our online presence. We use this plug-in to easily create contact forms, integrate them and present them in an appealing way.

15.1.3 Legal basis for the processing of personal data

The legal basis for the processing of the personal data of the users is basically the consent of the user according to Art. 6 para. 1 p.1 lit. a GDPR.

15.1.4 Duration of storage

Your personal information will be retained for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law, such as for tax and accounting purposes.

15.1.5 Possibility of revocation and removal

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

You can prevent the collection as well as the processing of your personal data by Contact Form 7 by preventing the storage of third-party cookies on your computer, using the “Do Not Track” function of a supporting browser, disabling the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

For more information on opt-out and removal options vis-à-vis Contact Form 7, please visit: https://contactform7.com/privacy-policy/

15.2 Use of OpenStreetMap

15.2.1 Scope of the processing of personal data

We use the plugin OpenStreetMap of the OpenStreetMap Foundation, OpenStreetMap Foundation St John’s Innovation Centre, Cowley Road, Cambridge, CB4 0WS, United Kingdom (hereinafter: OpenStreetMap).

We use the plugin from OpenStreetMap to visually display geographical data and embed it on our online presence. In doing so, the following data is processed by OpenStreetMap:

  • IP address
  • Geographical data (point lines and areas with associated attributes and GPS tracking data)
  • Communication related data
  • Session metadata
  • User ID and login name
  • Time & date of access
  • Email address associated with the account
  • Network access data

The provider of this online presence has no influence on the data transmission. Furthermore, a session cookie is set. The website, API servers, databases and supporting services servers are currently located in the United Kingdom and the Netherlands.

For more information on the processing of data by OpenStreetMaps, please click here: https://wiki.osmfoundation.org/wiki/Privacy_Policy

15.2.2 Purpose of data processing

The use of OpenStreetMap is in the interest of an appealing presentation of our online offers and an easy findability of the places indicated by us on the online presence.

15.2.3 Legal basis for the processing of personal data

The legal basis for the processing of the personal data of the users is basically the consent of the user according to Art. 6 para. 1 p.1 lit. a GDPR.

15.2.4 Duration of storage

We do not have any information about the duration of the storage.

15.2.5 Possibility of revocation and removal

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

You can prevent the collection as well as the processing of your personal data by OpenStreetMap by preventing third-party cookies from being stored on your computer, by using the “Do Not Track” function of a supporting browser, by disabling the execution of script code in your browser or by installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

For more information on objection and removal options vis-à-vis OpenStreetMap, please visit: https://wiki.osmfoundation.org/wiki/Privacy_Policy


This privacy policy was created with the support of DataGuard.

Facebook Fan page

Privacy Policy

1 Principles

1.1 Common responsible for the processing of personal data

The purposes and means of processing personal data when visiting our Facebook page https://www.facebook.com/somagagjena (“Facebook Page”) are determined by SOMAG AG Jena, Am Zementwerk 8, 07745 Jena, Germany (“SOMAG AG Jena”)

and Meta Platforms Ireland Ltd (“Facebook”) jointly within the meaning of Art. 26 of the EU General Data Protection Regulation (GDPR). This results from the fact that SOMAG AG Jena, as the operator of the Facebook page, by setting up such a page gives Facebook the opportunity to place cookies on the computer or any other device of the person visiting the Facebook page (“visitor”), regardless of whether the visitor has a Facebook account.

Facebook assumes primary responsibility under the GDPR for the processing of Insights Data as part of its shared responsibility and complies with all obligations under the GDPR with respect to the processing of Insights Data (including, without limitation, Articles 12 and 13 of the GDPR, Articles 15 to 22 of the GDPR, and Articles 32 to 34 of the GDPR). In addition, Facebook provides the essence of this Page Insights Addendum to data subjects (the relevant “Page Insights Controller Addendum” can be found here: https://www.facebook.com/legal/terms/page_controller_addendum

Below you will find a description of how personal data is handled by SOMAG AG Jena and Facebook when visiting the Facebook page. However, since SOMAG AG Jena generally or to a large extent has no influence on the data collected by Facebook and its processing by Facebook, we are currently unable to provide any conclusive information on the purpose and scope of the processing of your data by Facebook. However, we will monitor further developments in this regard and adapt this privacy policy accordingly if necessary.

We would like to point out that you use this Facebook page and its functions on your own responsibility. This applies in particular to the use of the interactive functions (in particular commenting, sharing, rating).

1.2 Name and address of the jointly responsible persons

a) The primary responsible party is:

Facebook
Meta Platforms Ireland Ltd.
4 Gran Canal Square
Grand Canal Harbour
Dublin 2 Ireland

b) Further responsible person is:

SOMAG AG Jena
Am Zementwerk 8
07745 Jena
Germany
Tel.: +49 3641 633 68 0
Mail: info@somag-ag.de
Website: www.somag-ag.de

1.3 Contact options of the data protection officer of the primary responsible Facebook

You can contact the data protection officer of the primary controller Facebook at the following link: https://www.facebook.com/help/contact/540977946302970

1.4 Name and address of the data protection officer of the other personal responsible

You can reach the data protection officer of the other responsible party SOMAG AG Jena under:

DataCo GmbH
Dachauer Str. 65
80335 München
Germany
+49 89 7400 45840
www.dataguard.de

1.5 Legal basis for the processing of personal data

Insofar as consent of the data subject is obtained for processing operations of personal data, Art. 6 para. 1 p.1 lit. a (DSGVO) serves as the legal basis for the processing of personal data.

When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1 S.1 lit. b DSGVO serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.

Insofar as processing of personal data is necessary for compliance with a legal obligation to which SOMAG AG Jena or Facebook is subject, Art. 6 (1) sentence 1 lit. c DSGVO serves as the legal basis.

In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 (1) sentence 1 lit. d DSGVO serves as the legal basis.

If the processing is necessary to protect a legitimate interest of SOMAG AG Jena, Facebook or a third party and if the interests, fundamental rights and freedoms of the data subject do not override the former interest, Art. 6 para. 1 S.1 lit. f DSGVO serves as the legal basis for the processing.

1.6 Possibility of objection and eliminiation

The visitor has the possibility to revoke his consent to the processing of personal data at any time (see also rights of data subjects). If the visitor contacts us by e-mail, he can object to the storage of his personal data at any time.
The collection of data for the provision of the Facebook page and the storage of the data in log files is mandatory for the operation of the Facebook page. Consequently, there is no possibility of objection on the part of the visitor.

1.7 Rights of the data subjects

If personal data is processed by you, you are a data subject within the meaning of the DSGVO and you are entitled to the following rights vis-à-vis the persons responsible:

  • Right to information about your personal data stored by SOMAG AG Jena or Facebook;
  • Right to correction, deletion or restriction of the processing of your personal data;
  • Right to object to processing which serves the legitimate interests of SOMAG AG Jena or Facebook, a public interest or profiling, unless SOMAG AG Jena or Facebook can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims;
  • Right to data portability;
  • Right to lodge a complaint with a supervisory authority;
  • Right to revoke your granted consents for the collection, processing and use of your personal data at any time with effect for the future.

If you wish to exercise your rights, you can address your request to both SOMAG AG Jena and Facebook. For this purpose, you can use the contact options listed above, for example. If you contact us, we will forward your request, insofar as it concerns questions regarding the processing of Insights data, to Facebook. Facebook will respond to inquiries in accordance with our obligations under the Page Insights Supplement.

2 Processing of personal data by SOMAG AG Jena

2.1 Purpose of data processing

SOMAG AG Jena maintains online presences within social networks in order to communicate with interested parties and users active there and to be able to inform them there about our products, events and news.

When you call up our Facebook page (regardless of whether you are logged into your Facebook account or not), your browser transmits certain data to the web server for which Facebook is responsible for technical reasons. In addition, Facebook uses so-called “cookies”. Cookies are small text files that are stored in the memory of your end device via your browser. Cookies set by Facebook are intended, among other things, to enable SOMAG AG Jena, as operator of the Facebook page, to obtain statistics that Facebook compiles on the basis of visits to this page for the purpose of controlling the marketing of our activities.

2.2 Description and scope of data processing

As the operator of the Facebook page, SOMAG AG Jena can obtain anonymized statistical data concerning the visitors to our Facebook page with the help of the Facebook Page Insights function, which Facebook provides to us free of charge as a non-derogable part of the user relationship. This data is collected using cookies set by Facebook, each of which contains a unique user code that Facebook stores on the visitor’s terminal device. The user code, which can be linked to the login data of such users who are registered with Facebook, is collected and processed when the Facebook page is accessed.

In particular, the fan page operator may receive demographic data provided by Facebook about its target audience – and thus the processing of such data, including. Trends in age, gender, relationship status and professional situation, information about the lifestyle and interests of his target audience and information about the purchases and online purchasing behavior of visitors to his page, the categories of goods or services they are most interested in, as well as geographical data that inform him about where to carry out special promotions or organize events and, more generally, allow him to target his information offer as much as possible.

Although the visitor statistics generated by Facebook are transmitted exclusively in anonymous form to SOMAG AG Jena as the operator of the Facebook page, the generation of these statistics is based on the prior collection – through the cookies set by Facebook on the end device of the visitors – and the processing of the personal data of these visitors for these statistical purposes. For more information on Facebook Page Insights, please visit:

https://de-de.facebook.com/help/pages/insights

Likewise, data on the Facebook groups linked to our Facebook page are provided in this way. Due to the constant development of Facebook, the availability and processing of the data changes, so for further details on this we refer to the privacy notices of Facebook mentioned in the previous paragraph and below under “PROCESSING OF PERSONAL DATA BY FACEBOOK” corresponding.

We use this data, which is available in aggregated form, to make our posts and activities on our Facebook page more attractive to users. For example, we use the distributions by age and gender for an adapted address and the preferred visiting times of the users for a time-optimized planning of our posts. Information about the type of end devices used by visitors helps us to adapt the visual design of the posts accordingly. In accordance with the Facebook Terms of Use, which each user has agreed to as part of creating a Facebook profile, we can identify subscribers and fans of the site and view their profiles and other shared information from them.

In addition to this automatically collected anonymized data, we also process the data that you have voluntarily provided to us in the context of, for example, comments on posts or contacting us.

If you click on the link https://www.facebook.com/somagagjena (you are currently on this page), which is set on the Facebook fan page of SOMAG AG Jena, you will be taken to a sub-page of the SOMAG AG Jena website.

Personal data is also processed on this page. The data protection declaration applicable to these pages can be found here: https://www.somag-ag.de/privacy-policy/

2.3 Data deletion and storage period

Personal data is deleted or blocked as soon as the purpose for storing it no longer applies. Storage may still be necessary if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which SOMAG AG Jena is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need to continue storing the data for the conclusion or fulfillment of a contract.

3 Processing of personal data by Facebook

3.1 Purpose of data processing

Facebook processes personal data of visitors according to its own information for the following purposes:

  • Providing, personalizing and improving Facebook products;
  • Providing measurement, analytics and other Facebook services;
  • Promoting privacy, integrity and security;
  • Communicating with Facebook users;
  • Research and innovation for social purposes.

For more information about Facebook’s data processing purposes, please see the Facebook Data Policy: https://de-de.facebook.com/policy.php

For more information on Facebook’s legitimate interests regarding the processing of personal data, please see: https://de-de.facebook.com/about/privacy/legal_bases

When you access our Facebook page (regardless of whether you are logged into your Facebook account or not), your browser transmits certain data to the web server for which Facebook is responsible for technical reasons. In addition, “cookies” are used by Facebook. Facebook uses cookies, among other things, to provide SOMAG AG Jena, as the operator of the Facebook page, with statistics for the purpose of controlling the marketing of our activities. Further information on the use of cookies by Facebook can be found in the Facebook Cookie Policy: https://de-de.facebook.com/policies/cookies/

3.2 Description and scope of data processing

3.2.1 What types of information does Facebook process?

In order to provide Facebook products, it is necessary for Facebook to process information about visitors. The types of information collected by Facebook depend on how the visitor uses the Facebook Products. In this regard, the following information may be processed by Facebook:

Things done and provided by visitors and others, such as information about how the visitor uses Facebook Products, information about transactions made on Facebook Products, or information about the people, pages, accounts, hashtags, and groups with which the visitor is connected.

Device information such as device attributes, identifiers, network and connections, and cookie data.

Information from partners, according to which advertisers, app developers, and publishers may send information to Facebook through the Facebook business tools they use, including the social plugins (such as the “Like” button), Facebook Login, or the Facebook Pixel. These partners provide Facebook with information about the visitor’s activities outside of Facebook.

In addition, Facebook uses cookies that are set on the end device of the visitor when the Facebook page is called up, regardless of whether the visitor is logged into his Facebook account or not. In addition, Facebook also processes the information stored in the cookies when a person visits Facebook services, services provided by other members of the Facebook group of companies, and services provided by other companies that use Facebook services. In addition, other entities such as Facebook partners and other third parties may use cookies on the Facebook Services to provide services to Facebook or the companies advertising on Facebook. For more information about Facebook’s use of cookies, please see Facebook’s Cookie Policy: https://de-de.facebook.com/policies/cookies/

When you access a Facebook page, the IP address assigned to your terminal device is transmitted to Facebook. According to Facebook, this IP address is anonymized (for “German” IP addresses) and deleted after 90 days. Facebook also stores information about its users’ end devices (in particular as part of the “login notification” function); this may enable Facebook to assign IP addresses to individual users.

If you would like to avoid this, you should log out of Facebook or deactivate the “stay logged in” function, delete the cookies present on your device and exit and restart your browser. In this way, Facebook information through which you can be directly identified will be deleted. This will allow you to use our Facebook page without revealing your Facebook identifier. When you access interactive features of the page (Like, Comment, Share, Message, etc.), a Facebook login screen will appear. After any login, you will again be recognizable to Facebook as a specific user.

For information on how to manage or delete information about you, please visit the following Facebook support pages: https://de-de.facebook.com/about/privacy

For more information about the types of information Facebook processes, please see the Facebook Data Policy: https://de-de.facebook.com/policy.php

3.2.2 How is the information Facebook processes shared with others?

Facebook works with third-party partners who help Facebook provide and improve its products or who use Facebook business tools to help Facebook grow its business. In doing so, information may be shared by Facebook with the following third party partners:

  • Partners using Facebook analytics services;
  • Advertisers;
  • Measurement partners;
  • Partners who provide goods and services in Facebook products;
  • Vendors and service providers;
  • Researchers and scientists;
  • Law enforcement or enforcement agencies or legal requests.

For more information about the data Facebook may share with third party partners, please see the Facebook Data Policy: https://de-de.facebook.com/policy.php

3.2.3 How does Facebook process and transfer data as part of its global services?

Facebook shares information globally, both internally between Facebook companies and externally with its partners, as well as with those individuals or organizations that the visitor connects with and shares with around the world. In the process, data may also be transferred to and processed in the United States or other third countries that do not have an adequate level of data protection. In this regard, Facebook uses standard data protection clauses approved by the European Commission or relies on adequacy decisions issued by the European Commission regarding specific countries.
For more information on data transfers by Facebook, please refer to the Facebook Data Policy: https://de-de.facebook.com/policy.php

3.3 Data deletion and retention period

Facebook retains data until it is no longer needed to provide its services and Facebook products or until the user’s Facebook account is deleted, whichever occurs first. This is a case-by-case determination and depends on things like the type of data, why it is being collected and processed, and relevant legal or operational storage needs.

For more information on data deletion and retention periods, please see Facebook’s Data Policy: https://de-de.facebook.com/policy.php

Regarding the retention period of cookies set by Facebook, you can find more information in the Facebook Cookie Policy: https://de-de.facebook.com/policies/cookies/

This privacy policy was created with the support of DataGuard.

Legal notice

Disclaimer & Protection of intellectual property

Disclaimer: We assume no liability for the content of external links, even if we examine them carefully. The content of the linked pages are the sole responsibility of their operators.

Protection of intellectual property: Texts, pictures and drawings on this website are generally protected by copyright. The content of this website may not be copied, distributed, modified or made accessible to third parties for commercial purposes without our express written consent. This website does not grant a license to use the intellectual property of us or third parties. In particular, no rights of use are granted. This also applies to non-commercial use.