Data protection, Cookie Guidelines

Welcome to the shared website of sonnen GmbH and sonnen eServices GmbH, which both have its seat at Am Riedbach 1, 87499 Wildpoldsried, Germany.

Thank you for your interest in our company and our products. We attribute considerable importance to protecting your private sphere. In the following, we provide you with information about the collection, processing and use of your data when you visit our website. This always takes place in compliance with the data protection regulations.

The collection, processing and the use of personal data are subject to the provisions of the currently valid laws and the EU General Data Protection Regulation (GDPR). According to Art. 4(1) GDPR, all information which relates to an identified or identifiable natural person is defined as personal data. This can include, for example, their name, address, email address, date of birth, nationality, profession, data concerning health, religion etc.

The Data Controller in terms of Art. 4(7) GDPR is the company sonnen GmbH, Am Riedbach 1, 87499 Wildpoldsried, info@sonnen.de (referred to below as “sonnen”). The company is represented by its managing directors: Christoph Ostermann, Oliver Koch, Hermann Schweizer, Philipp Schröder and Steffen Schneider. By clicking on the appropriate links you can access the legal notice, which contains further information.

If you contact sonnen by email or via the contact form, we will store the data that you provide (your email address, your name and your telephone number, if applicable) in order to process your enquiries and to answer any follow-up enquiries that you may have. Your data will not be forwarded to third parties without your consent. The processing of this data only takes place on the basis of Art. 6(1) sent. 1 (a) GDPR. The data that arises in this context will remain in our possession until you request its erasure, you revoke your previous consent for its storage, or the purpose for the data processing no longer exists. In this connection, the statutory retention obligations and other compulsory legal provisions remain unaffected.

If we rely on contracted service providers for individual functions of our offering or would like to use your data for advertising purposes, we inform you in detail about the respective processes, as stated below. In this respect, the criteria determined for the retention period will also be stated.

Your rights

With regard to your personal data, you have the following rights towards sonnen:

  • right of access
  • right to rectification or erasure
  • right to the restriction of processing
  • right of objection to the processing
  • right to data portability.

You also have the right to lodge a complaint to a supervisory authority for data protection regarding the processing of your personal data by sonnen.

Collection of personal data when visiting our website

If you only visit our website for informative purposes, i.e. if you do not register or otherwise transfer information to us, we will only collect the personal data that your browser transfers to our server. If you wish to view our website, we will collect the following data, which we require from a technical perspective so that we can display our website and ensure its stability and security (legal basis is Art. 6(1) sent. 1 (f) GDPR):

  • IP address
  • date and time of the request
  • time zone difference to the Greenwich Mean Time (GMT)
  • content of the request (specific page)
  • access status / HTTP status code
  • data volume transferred in each instance
  • website from which the request originates
  • browser
  • operating system and its interface
  • language and version of the browser software

Further functions and offerings of our website

In addition to the use of our website for information purposes only, we offer a variety of services that you can use if you are interested. To do so, you usually have to provide further personal data that we will use to provide the relevant service and to which the data processing principles referred to above apply.

To process your data, we sometimes make use of external service providers. These service providers have been carefully selected and commissioned by us, are bound by our instructions, and are checked at regular intervals.

We can also forward your personal data to third parties if the participation in campaigns, competitions, the conclusion of contracts or similar services are offered by us together with partners. You will receive further information about this when you provide your personal data and/or in the description of the offer provided below.

The processing of your data takes place on the basis of Art. 6(1) sent. 1 (a) GDPR.

If our service providers or partners are based in a nation state which is not part of the European Economic Area (EEA), we will inform you on the consequences of this in the description of the offering.

SSL and/or TLS encryption

For security reasons and in the interests of protecting the transfer of confidential content such as orders or enquiries you may send us, an SSL and/or TLS encryption is used on this website. You can recognise an encrypted connection, as the address line on your browser changes from “http://” to “https://”, and the lock symbol will be displayed in your browser line.

If SSL and/or TLS encryption is active, the data that you transfer to us cannot be read by third parties.

Objection to or withdrawal of your consent to the processing of your data

If you have provided us your consent to the processing of your data, you can withdraw it at any time. Such a withdrawal affects the legitimacy of the processing of your personal data following your declaration of such a withdrawal.

Insofar as we base the processing of your personal data on a balancing of interests, you can submit an objection to its processing. This is particularly relevant to cases in which the processing is not necessary for fulfilling a contract with you, which we will clarify in each case in the following description of the functions. If you exercise such an objection, we ask you to provide the reasons why you do not want us to complete the processing of your personal data. In the case of your justifiable objection, we will check the facts and either discontinue the data processing and/or adjust it or provide you with the compelling and legitimate grounds on which we will continue with the processing.

It is naturally the case that you can object to the processing of your personal data for the purposes of advertising and data analysis at any time. You can inform us of your objection to processing for advertising purposes via the following contact details: sonnen GmbH, Am Riedbach 1, 87499 Wildpoldsried, info@sonnen.de.

Use of cookies

In addition to the aforementioned data, cookies will be stored on your computer when you use our website. Cookies are small text files which are assigned to the browser that you use on your hard drive and which allow the organisation that places the cookie (in this case, sonnen) to receive certain information. Cookies cannot run programs or transmit viruses to your computer or end device. Their purpose is to make the internet offering more user-friendly and effective overall. The legal basis for the use of cookies is Art. 6(1) (f) GDPR.

This website uses transient and persistent cookies. Transient cookies are automatically deleted when you close your browser. These include, in particular, session cookies. These store what is referred to as the “session ID”, with which various requests from your browser can be assigned to the shared session. This will allow your computer to be recognised if you return to our website. Session cookies are erased as soon as you log out or close your browser. Persistent cookies are automatically erased after a specific period of time which can differ according to the cookie. You can erase the cookies in your security settings of your browser at any time.

You can restrict or completely prevent the use of cookies. You can also set the security settings in your browser in such a way that you are informed about the placing of cookies and you can decide to accept them on a case-by-case basis. You can allow or block temporary and stored cookies independently of each other, generally block cookies and subsequently erase existing cookies. Please note, however, that in the case of the erasure and deactivation of cookies, you may not be able to use all the functions offered by this website.

Use of analysis programmes

For the improvement and needs-based configuration of our products, internet offerings and services, we collect statistical data regarding user behaviour. This does not entail the personal data being collected or provided to others in an anonymised or only pseudonymised form in compliance with the data-protection provisions. The following solutions and technologies are used for this purpose.

Google Analytics

On our website and for our online offerings we use Google Analytics, a web analysis service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

Google Analytics uses cookies, small text files that are stored on your computer and which enable an analysis of the use of our internet offerings. The information about the use of our website (including the IP address of the user) which is generated by the cookie will be transferred to a Google server in the USA and stored there.

Google will use this information to analyse the use of the website, to compile reports about the website activities for the website’s operator and to provide further services which are connected to the use of this website and of the internet. If legally required, or if third parties process this data on behalf of Google, Google may also forward this information to third parties. With the statistics that we obtain, we can improve our offer and make it more interesting for you, the user. The legal basis for the use of Google Analytics is Art. 6(1) sent. 1 (f) GDPR.

Our website also uses the Google Analytics reports function on demographic attributes. In this respect, data from interest-based advertising from Google as well as visitor data from third party service providers (e.g. age, gender and interests) are used. This data cannot be associated with a specific person. The function can be deactivated at any time using the display settings. With the statistics that we obtain, we can improve our offer and make it more interesting for you, the user. The legal basis for the use of Google Analytics is Art. 6(1) sent. 1 (f) GDPR.

You can prevent the storage of the cookies by setting your browser software accordingly; please note, however, that in this case, you may not be able to use all the functions of this website to their full extent. You can also prevent the collection of the data generated by the cookie relating to the use of our website (including the IP address) at Google and/or the processing of this data by Google by downloading and installing the browser plug-in which is available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en-GB.

You can find information from Google about the conditions of use at: https://www.google.com/analytics/terms/de.html, the data protection overview at: http://www.google.com/intl/de/Analytics/terms/learn/privacy.html, the privacy policy at: http://www.google.com/intl/de/policies/privacy.

Google has agreed to comply with the EU-US Privacy Shield, https://www.privacy-shield.gov/EU-US-Framework.

We have concluded a contract on the processing of data with Google according to which we will implement the strict requirements of the German data protection authorities during the use of Google Analytics.

Use of Google Analytics Add-on

We have also adapted the code of Google Analytics for the protection of the user. In the case of activation of IP anonymization on this website, your IP address will be shortened beforehand by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. In this respect, an exact localisation of geographical location is impossible. The IP address transferred by your browser in the context of Google Analytics will not be combined with any other data from Google. If you wish to object to a transfer of your data for preventive reasons, you can also download and install the “Google Analytics Opt-out Browser Add-on”. This is available on the Google website under the external link: https://tools.google.com/dlpage/gaoptout?hl=de. Additional external links on the data protection information regarding Google Analytics are available here: http://www.google.com/intl/de/analytics/learn/privacy.html, the general privacy policy of Google is available here: http://www.google.de/intl/de/policies/privacy/.

We are unable to assume any liability for errors caused by the add-on. Alternatively, you can change the security settings in your browser. Further information is available in the handbook for the respective browser which is used.

Google AdSense

On this website, sonnen also uses Google AdSense, another service of Google Inc. with which advertisements can be embedded on web pages. Google AdSense also uses cookies. By storing the cookies on your computer, Google is able to analyse the use of this website. Web Beacons are also used with Google AdSense. These are small, invisible graphics. In this way, Google can analyse information such as clicks on this website or the traffic on the appropriate sub-pages. With the statistics that we obtain, we can improve our offer and make it more interesting for you, the user. The legal basis for the use of Google Analytics is Art. 6(1) sent.1 (f) GDPR.

The stated information, your IP address and the provision of advertising formats are transferred to Google servers in the USA and stored by them. Google may forward all of this information to third parties if this is legally required or in cases in which third parties are hired to process this data on behalf of Google.

You are able to prevent the aforementioned cookies from being stored on your computer. To do this, it is necessary for you to make the appropriate setting in your web browser. This may restrict your use of this website, however.

Use of Google AdWords

sonnen uses the online advertising program “Google AdWords” and within the scope of Google AdWords, “conversion tracking”. Google conversion tracking is an analysis service of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). When you click on an advertisement placed by Google, a cookie will be placed on your computer for the conversion tracking. These cookies become invalid after 30 days and contain no personal data, which means they do not serve the purpose of personal identification.

If you visit certain pages on our website and the cookie is still valid, Google and sonnen can detect that you have clicked on the advertisement and were forwarded to this web page. Every Google AdWords customer receives a different cookie. It is therefore impossible to track cookies via the websites of AdWords customers.

Information obtained using the conversion cookie is used to compile conversion statistics for AdWords customers who have opted for conversion tracking. In this respect, the customers receive information on the total number of users who have clicked on their advertisement and have been forwarded to a web page with a conversion tracking tag. They do not, however, receive any information which can be used for the personal identification of users. The legal basis for the use of Google AdWords is Art. 6(1) sent.1 (f) GDPR.

If you do not want to take part in the conversion tracking, you can object to its use by setting your browser software accordingly, which will prevent the cookies from being installed (disabling option). This means that you will not be included in the conversion tracking statistics. Further information and the Google Privacy Policy is available at: http://www.google.com/policies/technologies/ads/ and http://www.google.de/policies/privacy/.

Hotjar

We use Hotjar software on our website. This is an analysis software from Hotjar Ltd. Further information is available at: http://www.hotjar.com, Level 2, St Julian's Business Centre, 3, Elia Zammit Street, St Julian's STJ 1000, Malta, Europe. Hotjar allows the user behaviour (clicks, mouse movements, scrolling positions, etc.) on our website to be measured and evaluated. In this respect, the information about your visit to our website which is generated by the tracking code and cookies will be transferred to the Hotjar server in Ireland and stored there. The following information is collected by the tracking code:

Device-dependent data

The following information can be recorded by your device and your browser:

-      The IP-address of your device (collected and saved in an anonymised format).

-      Your email address including your first name and surname insofar as you have provided these to us on our website.

-      The screen size of your device.

-      The device type and browser information.

-      Your geographical location (your country only).

-      The preferred language for displaying our website accordingly.

-      User interactions.

-      Mouse events (movement, position and clicks).

-      Keyboard entries.

Log data

The following data are created by our server automatically in the scope of the use by Hotjar:

-      The referring domain.

-      The visited web pages.

-      The geographical location (the country only).

-      The preferred language for displaying our website accordingly.

-      The data and time at which the website was accessed.

With the information generated, Hotjar evaluates your use of our website, compiles corresponding reports, and provides services relating to the use and internet evaluation of the website. With the statistics that we obtain, we can improve our offer and make it more interesting for you, the user. The legal basis for the use of Hotjar is Art. 6(1) sent. 1 (f) GDPR. For the provision of services, Hotjar also uses services of third-party companies, such as Google Analytics and Optimizely. These third party companies can store information which your browser sends during the website visit, such as cookies or IP requests. For further information on how Google Analytics and Optimizely store and use data, please refer to their respective privacy policies.

If you continue to use this website, you agree to the processing of the aforementioned data by Hotjar and its third party providers in the scope of the respective privacy policies.

The cookies used by Hotjar have a different “lifetime”; some remain valid for up to 365 days, while others are only valid during the current visit.

You can prevent Hotjar from collecting your data by clicking on the following link and following the instructions provided: Hotjar Opt-out.

Use of social media plug-ins

We currently use the following social-media plug-ins: Facebook, Twitter. We use what is referred to as the “double click solution”. This means that when you visit our website, no personal data will initially be forwarded to the providers of the plug-ins. You can recognise the provider of the plug-in due to the first letters of its name or its logo. We provide you with the possibility to communicate directly with the plug-in provider with the button. The plug-in provider will only receive the information that you have accessed the respective web page of our online offering if you click on the appropriate logo. The data stated in the section Collection of personal data when visiting our website will also be transferred. In the case of Facebook, the IP address will be anonymised immediately after the collection according to the respective service providers in Germany. By activating the plug-in, your personal data will therefore be transferred to the respective plug-in providers and stored there (in the case of the American (USA) providers, in the USA). As the plug-in provider mainly carries out the data collection using cookies, we recommend erasing all cookies with the use of the security settings of your browser before clicking on the button.

We have no influence on the collected data or the data processing procedures, nor are we aware of the full extent of the data that is collected, the purposes of the processing or the retention periods. We do not have any information about the erasure of data by the plug-in provider.

The plug-in provider will store the data as a user profile and use it for the purposes of advertising, market research and/or the custom configuration of their website. In particular, this evaluation takes place (including for users who are not logged in) for the provision of needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of such user profiles; if you intend to exercise this right, you must contact the respective plug-in provider. With the plug-ins, we offer you the possibility to interact with the social networks and other users so that we can improve our offering and make our website more interesting for you the user. The legal basis for the use of plug-ins is Art. 6(1) sent.1 (f) GDPR.

The forwarding of data takes place regardless of whether you have an account with the respective plug-in provider and are logged in or not. If you are logged in to the respective plug-in provider, your data will be assigned directly to your account. If you press the activated button and link the page for example, the plug-in provider will also store this information in your user account and share your contact data with the public. We recommend that you regularly log out of a social network, especially before activating the button, as this will allow you to prevent an assignment of your profile by the plug-in provider.

Further information on the purpose and scope of data collection and processing by the plug-in provider is available in the following privacy policies of these providers. There, you will also find further information about your rights regarding this topic and your settings options for the protection of your private sphere.

Addresses of the plug-in providers and URL with their respective privacy policy:

Use of Facebook Remarketing

The sonnen website uses the “Custom Audiences” remarketing function of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"). With this function, the provider is able to address visitors to the website with targeted advertising by placing personalised, interest-based Facebook advertisements for visitors to the website if they visit the social network Facebook. The legal basis for the use of Facebook Remarketing is Art. 6(1) sent. 1 (f) GDPR. To carry out this function, the Remarketing Tag from Facebook is implemented on the website of the provider.

When you visit the website, these tags establish a direct connection to the Facebook servers. In this way, the Facebook server is informed which of our web pages you have visited. Facebook will assign this information to your personal Facebook account. Further information on the collection and use of the data by Facebook as well as your related rights and options for the protection of your private sphere are provided in the data protection information of Facebook at https://www.facebook.com/about/privacy/ . If you do not wish Facebook to assign the data collected directly to your Facebook account, you can deactivate the “Custom Audiences” remarketing function here. To do this, you have to be logged into Facebook.

Use of IntelliAd

sonnen uses the web analysis service with Bid Management of intelliAd Media GmbH, Sendlinger Str. 7, 80331 Munich. For the requirements-based configuration and the optimisation of this website, anonymised user data are collected, aggregated and stored, and this data is then used to create user profiles with the use of pseudonyms. The legal basis for the use of IntelliAd is Art. 6(1) sent. 1 (f) GDPR. When using the intelliAd tracking service, a local storage of cookies takes place. According to Art. 15 of the current version of the German Telemedia Act, as the visitor to the websites, you have the right to object to the storage of your (anonymously collected) visitor data, also with future effect. To do this, use the intelliAd opt-out function.

Use of Criteo

On our web pages and online offerings, information about the surfing behaviour of visitors to the website is collected for marketing purposes in a purely anonymous form, and cookies are placed for this purpose, using the technology of Criteo (Criteo GmbH, Unterer Anger 3, 80331 Munich).

In this way, Criteo can analyse surfing behaviour and then display targeted product recommendations as an appropriate advertising banner when you visit other websites. Under no circumstances can the anonymised data be used to identify you personally. The data collected by Criteo will only be used to improve our advertising offering. The legal basis for the use of Criteo is Art. 6(1) sent. 1 (f) GDPR. In the bottom right of each banner displayed is a small “i” (for “information”) which opens when you hover the mouse over it, and when you click on it, leads to a page containing an explanation of the system and an opt-out. If you click on opt-out, an "opt-out" cookie will be placed, which will prevent these banners from being displayed in the future. No other use or disclosure to third parties takes place.

Further information is available from the Criteo website at http://www.criteo.com/de/datenschutzrichtlinien, where you can also object to the anonymous analysis of your surfing behaviour.

Use of Outbrain

sonnen uses conversion tracking from Outbrain. The conversion tracking pixel will be placed if a user makes contact with an advertisement that has been placed by Outbrain. The integration of the advertisements by Outbrain is decided on the basis of the previous contents that you have read. The contents are managed and provided by Outbrain using technical methods. The Outbrain pixels do not contain any information which can be used for the personal identification of users. No personal data will be stored. The legal basis for the use of Outbrain is Art. 6(1) sent. 1 (f) GDPR. To select the appropriate contents, the pixel uses information on the devices source, browser type, as well as your completely anonymised IP address (through the removal of the last octet) The pixel will not be used after you click on “register now”, “create account” or “try out anonymously”.

Further information on data protection by Outbrain is available at http://www.outbrain.com/de/legal/privacy. You can object to the tracking for the displaying of interest-based recommendations at any time; to do this, click on the “Opt-out” field in the privacy policy of Outbrain, which is available at http://www.outbrain.com/de/legal/privacy.

Use of Tradedoubler

sonnen has integrated components of Tradedoubler on its website. Tradedoubler is a German affiliate network which offers affiliate marketing. Affiliate marketing is an internet-supported form of sales which enables the commercial operators of websites, known as merchants or advertisers, to integrate advertising, which is usually remunerated via click or sale commissions, on the websites of third parties, i.e. sales partners, who are also referred to as affiliates or publishers. Through the affiliate network, the merchant provides an advertising medium, i.e. an advertising banner or other appropriate means of internet advertising, which are subsequently integrated by an affiliate on their own web pages or promoted via other channels, such as keyword advertising or e-marketing.

The operating company of Tradedoubler is Tradedoubler GmbH, Herzog-Wilhelm-Straße 26, 80331 Munich, Germany.

Tradedoubler places cookies on the information technology system of the data subject. The definition of cookies is provided above. The tracking cookie of Tradedoubler does not store any personal data. The only data to be stored are the identification number of the affiliate, i.e. of the partner who procures the potential customer, the reference number of the visitor to a website and the clicked-on advertising media. The purpose of storing this data is the completion of commission payments between a merchant and the affiliate, which is processed by the affiliate network, i.e. Tradedoubler. The legal basis for the use of Tradedoubler is Art. 6(1) sent. 1 (f) GDPR.

As explained above, the data subject can prevent the placing of cookies by our website at any time with the appropriate settings on their web browser, and therefore object to the placing of cookies on a permanent basis. Setting the web browser which is used in this way would also prevent Tradedoubler from setting a cookie on the information technology system of the data subject. Cookies already in use by Tradedoubler can also be erased at any time using a web browser or other software programs.

The current data protection provisions of Tradedoubler are available at www.tradedoubler.com/de/datenschutzrichtlinie/.

Use of Dynamic Tracking System

The Dynamic Tracking System is used in order to determine the services of differing advertising channels by sonnen. When you visit the sonnen website, data from your browser are collected for statistical evaluations. The data will be forwarded to uppr GmbH, am Waldthausenpar 11, 45127 Essen, which is the technical and statistical service provider. No personal user data will be transferred in this respect. The data is collected via a pixel which is embedded in every page of the web shop. On contact with the tracking servers, information such as the operating system, the browser used, the accompanying advertising media, the referrer and the IP address will be stored in anonymised form. The IP address will only be used for the purpose of internal allocation and will not be disclosed to third parties. In the event of an order, the only data to be transferred to uppr GmbH will be anonymous data such as the order number, the shopping basket, the order value so that a correct commissioning to the advertising partner can be carried out.

Cookies will be used for the collection of data. Cookies are small text files that are stored on your computer. Cookies cannot be used to identify a specific individual person. Furthermore, no personal data will be stored. Cookies cannot cause any harm to your computer and do not contain any viruses. You can personally activate and/or deactivate cookies in the settings of your web browser.

According to the current regulations, visitors to the website have the right to object to the storage of their anonymously collected user data so that they are no longer collected in the future. You can carry out your objection here: https://t.uppr.de/tm_optout.

Use of Userlike

sonnen uses Userlike on this website, a live chat software of the company Userlike UG (limited liability). Userlike uses “cookies”, which allow for a personal conversation in the form of a real time chat with you. The legal basis for the use of Userlike is Art. 6(1) sent.1 (f) GDPR.

The following data will be collected, processed and stored: the content of the chat, the data and time of access, the browser type/version, the operating system used, the URL of the previously visited website and the volume of data sent. The collected data will not be used for the personal identification of the visitors to this website and it will not be combined with personal data appertaining to the bearer of the pseudonym. The data will also be stored by the provider of our chat service Userlike. Further information on the handling of your data in the scope of the live chat function as well as your rights and settings options for the protection of your personal data are available from our Data Protection Officer and from the data protection information of Userlike at http://www.userlike.de/privacy_policy.

Use of Pardot Services

sonnen also uses the Pardot Marketing Automation System ("Pardot MAS") as well as Pardot Salesforce Engage of Pardot LLC, 950 E. Paces Ferry Rd. Suite 3300 Atlanta, GA 30326, USA ("Pardot").

Pardot is a specialist software program for the collection and evaluation of the use of a website by visitors to the website. When you visit our website, the Pardot MAS logs your click path, on the basis of which it creates an individual user profile with the use of a pseudonym. Pardot also recognises the terms that the user previously entered in search engines to reach our website. Pardot also allows sonnen to analyse customers’ reactions to emails that they receive from sonnen. For these purposes, cookies are placed which allow for the recognition of your browser. If you consent to the use of cookies with your confirmation of the cookie acceptance banner the first time that you use the sonnen website or through your continued use of our website, you also declare your agreement to the use of cookies by Pardot. The legal basis for the use of Pardot is Art. 6(1) sent.1 (a) GDPR. You can withdraw your consent at any time with future effect. To do this, please contact the Data Controller referred to above. You can also deactivate the creation of pseudonymised user profiles at any time by configuring your web browser so that cookies from the domain “pardot.com” are not accepted. This can lead to certain restrictions of the functions and the user friendliness of our offering.

Further information on the purpose and scope of the data collection and its processing by Pardot MAS is available in the privacy policy of Pardot. There, you will also find further information about your rights and settings options for the protection of your private sphere: https://www.salesforce.com/company/privacy/. Pardot also processes your data in the USA and has agreed to comply with the EU-US Privacy Shield, https://www.privacy-shield.gov/EU-US-Framework.

Use of Taboola

This website uses technologies provided by Taboola Inc. (28 West 23rd St. 5th fl., New York, NY 10010, www.taboola.com, “Taboola”). Taboola places cookies which determine which content you use and which of our web pages you visit. Through the collection of device-related data and log data, the cookie enables us to create pseudonymised user profiles and to recommend you content which reflects your personal interests. This allows us to personalise our offering to you. These user profiles do not allow any conclusions to be drawn on your person. The legal basis for the use of Taboola is Art. 6(1) sent. 1 (f) GDPR.

For further information on Taboola and the option to deactivate the Taboola cookie, please visit https://www.taboola.com/privacy-policy (Opt-out information is provided under “Site Visitor Choices”).

Use of Interactive One

When you visit the sonnen website, data from your browser are collected for statistical evaluations. The data will be forwarded to Interactive One GmbH, Sieglitzhofer Straße 9, 91054 Erlangen, which is the technical and statistical service provider. No personal user data will be transferred in this respect. The data is collected via a pixel which is embedded in every page of the web shop. On contact with the tracking servers, information such as the operating system, the browser used, the accompanying advertising media, the referrer and the IP address will be stored in anonymised form. The IP address will only be used for the purpose of internal allocation and will not be disclosed to third parties. In the event of an order, the only data to be transferred to Interactive One GmbH will be anonymous data such as the order number, the shopping basket, the order value so that a correct commissioning to the advertising partner can be carried out. The legal basis for the use of Interactive One is Art. 6(1) sent. 1 (f) GDPR.

Use of eveeno ticketing

For the coordination and planning of different events, sonnen uses the services of eveeno ticketing, Ellenbogen 8, 91056 Erlangen. Eveeno ticketing allows sonnen (as the host), to coordinate and to plan events. When you register for a specific event, you must provide personal data such as your name or your email address. With the provision of your data, you provide your consent for the processing of the data provided for the planning/completion of the event. The legal basis for the processing of your data is Art. 6(1) sent. 1 (a) GDPR. You can revoke your previous consent at any time with future effect by sending an appropriate email to sonnen. Further information on the collection and/or processing of your data in the scope of the use of eveeno ticketing is available at the following link: https://eveeno.com/de/privacy.

Use of the online application form

In our job advertisements section, you are able to apply to jobs at the companies in our corporate group with the use of our online application form. We will handle all of the information that you provide in confidence and according to the currently valid data protection regulations. We will only use the personal data that you provide for the processing of your application. As part of the application process, the data will be forwarded to individual employees of sonnen GmbH or sonnen eServices. The online application portal is operated by our software provider HANSALOG Services GmbH. During its transfer, the data regarding your online application will be encrypted by what is referred to as Secure Socket Layer technology (SSL), and will only be stored on a server in Germany according to the current data protection regulations. We refer to the fact that security gaps may exist when transferring data via the internet (with communication by email, for example). The complete protection of the data against access by third parties is not possible.

Use of YouTube

Videos from the company YouTube, YouTube LLC 901 Cherry Ave., 94066 San Bruno, CA, USA, a company of Google Inc., Amphitheatre Parkway, Mountain View, CA 94043, USA are integrated on this website, which are saved at http://www.youtube.comand can be played back directly from our website.

All of the videos have been integrated in the “enhanced data protection mode”, which means that no data about you as a user will be transferred to YouTube unless you play the videos. The data stated in the following paragraph will only be transferred if you play the videos. sonnen has no influence over this transfer of data.

When you visit our website, YouTube receives the information that you have accessed the relevant sub-page on our website. The data referred to under the heading “Collection of personal data when visiting our website” in this privacy policy will also be transferred. This will take place regardless of whether YouTube provides a user account into which you are logged in or if no user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not want the data to be assigned to your YouTube profile, you must log out before activating the button. YouTube will store your data as user profiles and use it for the purposes of advertising, market research and/or the needs-based configuration of its website. In particular, this evaluation takes place (including for users who are not logged in) for the provision of needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles; if you intend to exercise this right, it is necessary for you to contact YouTube.

YouTube is used in the interests of ensuring an appealing presentation of our online offerings. The legal basis is Art. 6(1) sent. 1 (f) GDPR.

For further information on the purpose and scope of the data collection and its processing by YouTube, please refer to the privacy policy of YouTube. There, you will also find further information about your rights and settings options for the protection of your private sphere: http://www.google.com/intl/de/policies/privacy. Google also processes your personal data in the USA, and has agreed to comply with the EU-US-Privacy-Shield, https://www.privacy-shield.gov/EU-US-Framework.

Email security

As soon as you initiate electronic contact with sonnen, you declare your agreement with the electronic communication. We wish to point out that during their transmission, emails can be read or changed both unnoticed and without authorisation. Encryption technology is only used to a partial degree on this website. sonnen uses a software program to filter unwanted emails (spam filter). The spam filter can also reject emails if certain attributes cause them to be incorrectly identified as spam, however.

Security with the use of technical and organisational measures

According to the valid legal provisions, we apply technical and organisational security measures to protect your personal data against accidental or deliberate manipulation, loss, destruction, or access by unauthorised persons. The security measures that we use are subject to continuous improvement according to technological developments.

Publication of job advertisements / online job applications

We will collect and process your application data electronically for the purpose of the completion of the application procedure. The legal basis for the data processing is Art. 6 (1), sent.1 (a) GDPR. If your application is followed by the conclusion of an employment contract, for purposes of the standard organisational and administrative process, we may store your transferred personal data in your personal file in compliance with the appropriate legal provisions. The legal basis for the data processing is Art. 6 (1) sent. 1 (f) GDPR. If your application is rejected, the erasure of the data transferred by you will automatically take place two months after the notification of the rejection. This does not apply if due to the statutory requirements, a longer period of retention is required by law (the burden of proof according to the General Equal Treatment Act, for example), or if you have expressly agreed to a longer period of retention in our database or prospective employees.

Data Protection Officer

If you have any questions regarding the processing of your personal data, you can contact our statutory Data Protection Officer directly, who is also available to assist you in the case of requests for access, other requests or complaints.

sonnen GmbH instructed active mind AG as the responsible Agent for data protection. Please address your requests at datenschutz@sonnen.de.

June 2018.