Data Privacy Statement
A. Objectives of Data Protection
The following statement relates to the data processing in the context of our website and regarding our customers and interested parties. Even if we have taken organisational and also technical measures to ensure the as consistent as possible protection of the website, the existence of a gap in security in electronic communication routes cannot of course be ruled out entirely. For this reason, affected persons are free to also find out about us by other means or to send information to us.
B. General Information
Controller
Controller within the meaning of the General Data Protection Regulation is:
semvox GmbH
Konrad-Zuse-Straße 19
66459 Kirkel
Telefon: +49 (0)6841 9784 200
E-Mail: info@semvox.de (nachfolgend: semvox)
Data Protection Officer:
Our Data Protection Officer can be reached at:
Phone: +49 (0)6841 9816 0
Fax: +49 (0)6841 9816 29
Our Data Protection Officer can help you with questions or with asserting your data subject rights quickly and easily.
Data Subject’s Rights
You have the right, at any time, free of charge and without specifying reasons, to obtain data stored by us concerning you as well as the origin, recipients or categories of recipients to whom this data is provided and the purpose of storage. You can at any time rectify, delete your data collected by us or restrict its processing and make use of your right to data portability. Moreover, you have the possibility to object.
Rectification, Deletion or Restriction of the Processing: You have the right to request that semvox immediately rectifies inaccurate personal data concerning you. Taking into account the purposes of the processing, you have the right to request the completeness of incomplete personal data, even by means of a supplementary statement.
Right to Object: Insofar as the processing of personal data concerning you takes place based on Art. 6 Paragraph 1 f GDPR, you have the right to at any time lodge an objection to the processing of this data for reasons, which arise from your particular situation. We will no longer process this personal data, unless semvox can prove compelling reasons for the processing, which override your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims.
Right to Revoke: If the processing is based on a consent, you have the right to at any time revoke the consent without the legality of the processing carried out based on the consent up to revocation being affected. To this end, you can at any time contact us or our Data Protection Officer using the above-mentioned information.
Right to Deletion: You have the right to request that semvox immediately deletes personal data concerning you and semvox is required to immediately delete personal data, insofar as one of the following grounds apply:
- The personal data is no longer necessary for the purposes for which it was collected or otherwise processed.
- You lodge an objection to the processing and there are no overriding legitimate reasons for the processing.
- The deletion of the personal data is required to fulfil a legal obligation according to Union law or the law of the Member States, to which we are subject. This does not apply if the processing is required to fulfil a legal obligation, which requires the processing according to Union law or the law of the Member States, to which we are subject.
Right to Restriction of the Processing: You have the right to request that semvox restricts the processing if one of the following requirements is given:
- The accuracy of the personal data is disputed by you and indeed, for a duration which allows us to check the accuracy of the personal data.
- The processing is illegal and you reject the deletion of the personal data and instead request the restriction of the use of the personal data.
- Semvox no longer requires the personal data for the purposes of the processing, you, however, require it to assert, exercise or defend legal claims, or you have lodged an objection to the processing and it is not yet determined whether our legitimate reasons override yours.
- If the processing has been restricted, then this personal data may, aside from its storage, only be processed with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons relating to a significant public interest of the Union or a Member State.
If you have obtained a restriction to the processing, we will inform you before the restriction is lifted.
Right to Complain: You have, without prejudice to another administrative or judicial legal remedy, the right to complain to a supervisory authority, in particular in the Member State in which you reside, work or the location of the supposed violation if you are of the view that the processing of the personal data concerning you violates the General Data Protection Regulation (GDPR). You can also contact the semvox Data Protection Officer. You can reach them at:
Phone: +49 (0)6841 9816 0
Fax: +49 (0)6841 9816 29
Please do not hesitate to contact us at any time for further questions on our notices, on data protection and the processing of your personal data. You can find further information on data protection in the Federal Republic of Germany at www.bfdi.bund.de.
C. Data processing for website visitors
Manner and Scope of Processed Data
In principle, usage data (for example websites visited, access times) and communication data (for example browser information, IP addresses) are processed.
Browser and Server Data
Please ensure that your browser sends us information only when using the website. The purpose of this transmission is to technically enable your visit to the website. The data is required to process the information request. The manner of transmitting information in this respect also depends on your settings and technical specifications. When accessing our website, the recording of the following data is possible:
- IP address
- Time of access
- Page requested or name of file requested (URL)
- Status information (e.g. error codes)
- Data volume transmitted
- Browser information (web browser used, operating system, language settings, etc.)
The data is used for statistical and security-related purposes. It is not shared with third parties. This website does not itself use techniques aimed at evaluating the access behavior an individual users. Personal usage profiles are not created. The data is stored for a maximum of 7 days for the indicated purposes.
Cookies
When using this website, cookies are stored on your computer. The legal basis of usage is Section 15 Paragraph 1 of the German Telemedia Act and Section 15 Paragraph 3 of the German Telemedia Act in consideration of Art. 6 Section 1 f GDPR. Cookies are small text files, which are stored on your hard disc by the browser used by you and by way of which certain information flows to the location which the cookies set. Cookies are a technical means to ensure the function of the website and improve the user experience. They are used for example to be able to store information on multiple pages. We use cookies for the following purposes:
- Storage of user settings.
We use the following types of cookies:
- Transient cookies (temporary use)
- Persistent cookies (time-limited use)
The latter are used by third party providers. The cookies serve our interests in the ease of usability and improvement of our website.
Transient cookies are deleted automatically when you close the browser. Persistent cookies are deleted automatically after a predefined duration which may differ depending on the cookie. The deletion periods correspond to the specification of the corresponding third party provider.
You can delete the cookies in the security settings of your browser at any time. In addition, you can set your browser so that it rejects certain or all cookies. We would, however, point out that in this case the functional scope of the website may be restricted. The information relating to cookies is stored by us separately from any other data submitted to us. This data is exclusively not linked to any of your other additional data.
Categories of Data Subjects
The visitors to the website are affected by the data processing by our website.
Purpose of the Processing
- Providing an online presence
- Possibility to interact for users
- Security measures
Storage Duration
The criterion for the duration of storage of personal data is the respective legal retention period and the purpose of the processing. The corresponding data are routinely deleted when this period lapses, provided they are no longer required for achieving the purpose of the processing.
The specific storage periods are indicated in this statement in each case for the individual data processing operations.
Legal Basis
Multiple permissions GDPR are considered as the legal bases: Firstly, Art. 6 Paragraph 1 a GDPR serves as the basis for the processing operations for which your consent is obtained for the processing operation. For such processing operations, which are required for performing pre-contractual measures, for example in cases of queries concerning our services, the processing is based on Art. 6 Paragraph 1 b GDPR. In the case of fulfilling tax obligations, the processing is based on Art. 6 Paragraph 1 c GDPR. In the case of this website, the processing of the data is based largely on Art. 6 Paragraph 1 f GDPR. This basis of permission is effective when the processing is required to safeguard a legitimate interest of the controller or a third party, provided the interests, basic rights and basic freedoms of the data subject do not override.
The specific interests are reflected in each case at the body of the processing operation.
Technical Security Measures
We maintain up-to-date technical and organizational measures to safeguard data security, in particular to protect your personal data from dangers associated with data transfers and against access by third parties. They are correspondingly adapted to the best technology available at present.
Third Party Providers
Insofar as we allow third parties to participate in the processing, this occurs exclusively on the basis of a legal permissive rule and in compliance with the legal provisions. This permissive rule can consist of your consent, a legal obligation or our legitimate interests.
Hosting
The hosting services used by us serve to make the following services available: Infrastructure and platform services, software tools, computing capacity, storage space and maintenance services which we require for the purposes of operating this website.
The hosting provider processes usage data on the basis of our legitimate interest in an effective and safe provision of this website according to Art. 6 Paragraph 1 f GDPR.
Usage data includes the data described under “Manner and Scope of the Processed Data”. This data is deleted after seven days.
Links to Other Websites
Our website contains links to third party websites. This data privacy statement applies only to content of our websites and does not include the third party websites linked to this website. We have neither an influence on the legality of the content of these sites nor their handling of personal data. For queries concerning the content or data protection of such third party providers, please contact the respective provider.
Plugins
Google Fonts
We embed the fonts (‘Google Fonts’) provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The service’s privacy policy is available at: https://policies.google.com/privacy. An option to control the provider’s processing of your data is available at: https://adssettings.google.com/authenticated. This service is used to improve the website’s visual design. It cannot be ruled out in this respect that data will also be transferred to other Google servers. Google LLC ensures and provides adequate safeguards to comply with European data protection law.
Google Apis
We use Google apis from the provider, Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, in order to load CSS files, Java Script, font types or images from their servers. In order that we can make our website more resistant to bottlenecks in the available bandwidth and provide our visitors with a fast and reliable connection to our website. When a page is requested, your browser loads the required files (in particular web fonts) via the Content Delivery Network (CDN), via the address, in your browser cache in order to display texts and font types correctly. This service allows the operator to gain knowledge of the fact that our website was retrieved with your IP address. The use of the CDN takes place in the interest of a unified and appropriate design of the website and a fast and reliable connection to our website. The authorization basis is Art. 6 Paragraph 1 f GDPR. The data privacy statement of the service can be found at: https://www.google.com/policies/privacy/. An option to control the processing of your data by the provider is provided at: https://adssettings.google.com/authenticated . This service serves the better visual design of the website. Google LLC is certified under the Privacy Shield Agreement and hereby offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI).
Google Maps
We incorporate the online map and navigation service “Google Maps” from the provider, Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The data privacy statement of the service can be found at: https://www.google.com/policies/privacy/. An option to control the processing of your data by the provider is provided at: https://adssettings.google.com/authenticated . This service serves to for better and clear outline of the physical position of our company and easier reachability by our customers and visitors. Google LLC is certified under the Privacy Shield Agreement and hereby offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI).
Gstatic
We use a web service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The service’s privacy policy is available at: https://policies.google.com/privacy. An option to control the provider’s processing of your data is available at: https://adssettings.google.com/authenticated. The legal basis for data processing is Art. 6 1 a and f GDPR. The legitimate interest lies in the website working faultlessly and in continuously improving and optimising our website, as well as operating our website in an economically sensible way. Use is solely for the purpose that coincides with our interests. You will find more information about how the transferred data is handled in the indicated Google privacy policy. A option to control the provider’s processing of your data is available at: https://adssettings.google.com/authenticated. During processing, it cannot be ruled out that data will also be transferred to other servers. Google LLC ensures and provides adequate safeguards to comply with European data protection law.
Youtube
We use the possibility of incorporating the videos stored on the platform “YouTube” from the provider, Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy statement: https://www.google.com/policies/privacy/ , Opt-Out: https://adssettings.google.com/authenticated . Google LLC is certified under the Privacy Shield Agreement and hereby offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI).
Google Tag Manager
We use the ‘tag manager’ provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The service’s privacy policy is available at: https://policies.google.com/privacy. An option to control the provider’s processing of your data is available at: https://adssettings.google.com/authenticated. The tags set up using Google Tag Manger ensure the collection of data that is passed on to the target system. Because the data is only passed on, the system does not collect or store the data itself. According to the provider, Google Tag Manager is a cookie-less domain, so it cannot collect any personal data in this way.
LinkedIn Plugins
Our website uses plugins from the LinkedIn network. The operating company is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. The plugins are marked with a LinkedIn label. Every time you access our site, which contains LinkedIn functions, a connection is established to LinkedIn servers. LinkedIn is informed that you have visited our website with your IP address. If you click on LinkedIn’s “Recommend button” and are logged into your LinkedIn account, LinkedIn will be able to assign your visit to our website to you and your user account. LinkedIn ensures and offers sufficient guarantees to comply with European data protection law. Further information can be found in LinkedIn’s privacy policy, available at https://www.linkedin.com/legal/privacy-policy.
LinkedIn Insight Tag und LinkedIn Analytics
Subject to your consent, the LinkedIn Insight Tag on this website is used with the LinkedIn Analytics function for retargeting and tracking purposes, and for remarketing too. The LinkedIn Insight Tag and LinkedIn Analytics are operated by the LinkedIn Corporation, 1000 W. 2029 Stierlin Court, Mountain View, CA 94043, USA. LinkedIn ensures and provides adequate safeguards to comply with European data protection law. The controller responsible for personal data processing when a data subject lives outside the USA or Canada is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.
We use the LinkedIn Insight Tag and LinkedIn Analytics to target marketing advertising to visitors to this website based on their previous use of this website as soon as they visit the LinkedIn social network. A direct connection to LinkedIn servers is established using the LinkedIn Insight Tag when visitors visit this website. This sends the information that a visitor has accessed this website to the LinkedIn server. LinkedIn processes this information and can assign it to a visitor’s personal LinkedIn user account. With the help of the LinkedIn Insight Tag, we also want to make sure that our LinkedIn ads match users’ potential interests and are not annoying. The LinkedIn Insight Tag also allows us to track the effectiveness of LinkedIn ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a LinkedIn ad (‘conversion’). Furthermore, when using the LinkedIn Insight Tag, we use the additional enhanced advertising function for tracking purposes. Here, data such as users’ telephone numbers, email addresses or Facebook IDs are transferred to LinkedIn (in encrypted form) to form target groups. You can find more information about the ‘enhanced advertising’ at https://business.linkedin.com/marketing-solutions/native-advertising/lead-gen-ads.
The legal basis for use of the LinkedIn Insight Tag is Art. 6 1 f GDPR. We have a legitimate interest with regard to marketing purposes, as this promotes the placement of more relevant ads. You can disable the LinkedIn Insight Tag here at any time when you are logged into LinkedIn: https://www.linkedin.com/psettings/enhanced-advertising. The legal basis for processing data collected in connection with LinkedIn Analytics is your consent pursuant to Art. 6 1 a GDPR. Art. 6 1 f GDPR. We only use LinkedIn Analytics tracking if you explicitly allow this.
For general information about how LinkedIn collects, processes and protects data, please see LinkedIn’s privacy policy at https://www.linkedin.com/legal/privacy-policy. LinkedIn processes data in the context of LinkedIn’s data use policy. Accordingly, general information about displaying LinkedIn ads and specific information and details on the LinkedIn Insight Tag and how it works are available at https://business.linkedin.com/marketing-solutions/native-advertising/lead-gen-ads. Information about setting cookies can be found in the cookie policy at https://www.linkedin.com/legal/cookie_policy. You can find an opt-out option here: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
You have the right on grounds relating to your particular situation to object to such processing at any time. To exercise this right, you can disable the use of tracking cookies at any time in this website’s tracking cookie settings.
Social plugins – links
Our site contains links to our pages on social media sites. No data is transferred to the platforms yet when the corresponding links are displayed. Should you wish to visit any of these sites, please note that, by doing so, you are leaving the scope of this privacy policy with respect to platform operation.
Contact form
You can use our contact forms to send a message to our specialist departments or to request a whitepaper. They are primarily used to contact interested individuals with regard to our products and services. Please note that your message cannot be assigned to a specific recipient at first; instead, it will be distributed to the contacts in our company by the designated office. If you would like to address your request directly to a specific contact, without receiving information from other contacts in our company, we kindly ask that you send us your request over the telephone or by post, naming the specific contact.
The only mandatory information for sending the contact forms is your email address. Any other, separately marked data that may be provided is voluntary and used to address you personally. If you do not want to provide your name, you can also enter a pseudonym.
We delete requests as soon as they are no longer required and there is no further legal obligation to retain them. We regularly review the necessity; furthermore, the legal archiving obligations that may particularly arise from tax law or commercial law apply.
Downloading technical documentation and software (e.g. whitepaper)
You have the opportunity to download technical documentation for our products via our website by providing your contact details. To start the download, you will be required to provide basic professional information about yourself. By submitting the form, you therefore agree that we will store and use your personal data to improve our service and to inform you about our products by email, telephone and post and to contact you about product-related topics. Your data will not be made available to third parties and will only be processed for the stated purpose. The legal basis is Art. 6 1 a GDPR. Your consent can be revoked at any time. In this case, too, the downloaded technical documentation can still be used.
D. Data processing of customers, interested parties and suppliers
Legal Basis
We process personal data in the context of customer relationships insofar as doing so is necessary for the conclusion, performance or preparation of a contract. The relevant legal basis is Art. 6 (1) (a) of the GDPR, insofar as semvox carries out processing operations for which it obtains consent for a specific processing purpose. If personal data processing is necessary for the performance of a contract to which the data subject is a party, as is the case, for example, with processing operations that are necessary for the delivery of goods or the provision of another service or consideration, processing is based on Art. 6 (1) (b) of the GDPR. This also applies to such processing operations that are necessary for the implementation of pre-contractual measures (e.g. in the case of (prospective) customer enquiries about our products or services). If our company is subject to a legal obligation by which personal data processing becomes necessary (e.g. for the fulfilment of tax obligations), processing is based on Art. 6 (1) (c) of the GDPR. Processing operations may also be based on the permission basis set out in Art. 6 (1) (f) of the GDPR. This is possible in the case of processing operations where processing is necessary to protect a legitimate interest belonging to semvox or a third party, provided that the data subject’s interests, fundamental rights and fundamental freedoms are not overridden.
When you contact us (e.g. using the contact form, by email, over the telephone or using social media), the user’s details are processed pursuant to Art. 6 (1) (b) of the GDPR for the purpose of dealing with and handling the contact request. Users’ details may be stored in a customer relationship management system (‘CRM system’) or similar communication organization system. Processing in the context of CRM is the joint responsibility of semvox.
Processed categories of personal data
semvox processes your personal data in connection with the contractual relationship. This also applies to data belonging to interested individuals who are informed of potential services. In terms of categories of personal data, this may be general information (e.g. name, address and contact details), contract-related communications or past contract history.
Sources of processed data
The data is usually collected directly from you. This happens, for example, when you hand over your business card or give us your name and contact details. Indirect collection takes place in cases where customers’ personal data is transferred to us by third parties. This is the case, for example, when a contact at a company that is our customer is appointed by the customer company. In individual cases, job-related information that you have made publicly available may also be processed, as it can be accessed using the likes of a profile on a professional social networking site or the company website. Should you disclose data from third parties to us, please ensure that you have the permissions to disclose the data and that the necessary consents for processing by us under this policy have been obtained from the data subject.
Categories of recipients
semvox may transfer your personal data to its affiliated companies under Art. 4 (19) of the GDPR, insofar as doing so is permissible in the context of the purposes and legal bases set out above. Personal data is also processed on our behalf based on contracts pursuant to Art. 28 of the GDPR, particularly by host providers or providers of CRM systems.
Your data will be forwarded within the semvox organization to the Sales department and the departments entrusted with processing the contractual relationship.
Erasure of your data
semvox stores your personal data for as long as it is required by law or for as long as there is a statutory retention period. Inactive customer or prospect accounts are regularly deleted from the system. If the data cannot be erased due to conflicting legal retention requirements, it will be blocked instead. In a first stage, blocking can also be carried out by means of work instructions that prohibit employees’ access to and use of the data.
Data transfer to a third country
A transfer to a third country is not intended.
Need to provide personal data
The provision of personal data is neither legally nor contractually required, nor are you obligated to provide the personal data. However, the provision of personal data is necessary for concluding a contract with us. So, unless you provide us with personal data, we will not enter into a contractual relationship with you. If a contract has not been concluded yet, we follow the principle of collecting as little data as possible. Nevertheless, a minimum amount of contact data is necessary so we can provide you with the information you require about our products and services and so we can provide our service.
No automated decision-making
No automated decision-making takes place on a case-by-case basis under Art. 22 of the GDPR.