Thank you very much for your interest in our website and in the data processing done by SOKRATHERM. We attach utmost importance to the protection of your data and the safeguarding of your privacy. The following guidelines will give you an overview about which kind of information we will collect from you and what will happen to this data
1. Protection of personal data
The subject matter of data protection is personal data. According to Art. 4 No.1 of the General Data Protection Regulation (GDPR) ‘personal data’ means any information relating to an identified or identifiable natural entity. Thus, personal data is any data according to which you can be identified personally. This includes, for example, information such as name, postal address, e-mail address or phone number, but also usage data such as your IP address. We will keep your personal data confidential and treat it according to the statutory data protection rules as well as this privacy statement.
2. Legal basis of data processing
According to Art. 13 GDPR we are bound to inform you of the legal basis which the collection and further processing your personal data is based on.
If the legal basis of this privacy statement is not specifically mentioned, the following shall apply: Legal basis for the obtaining of consent is Art. 6 Sec. 1a and Art. 7 GDPR, legal basis for the data processing in order to provide our services and to perform contractual measures as well as to respond to inquiries is Art. 6 Sec. 1b GDPR, legal basis for the data processing in order to fulfil our legal obligations is Art. 6 Sec. 1c GDPR. The legal basis for data processing in order to protect our legitimate interests is Art. 6 Sec. 1f GDPR.
3. Who is responsible for data processing?
According to Art. 4 No. 7 GDPR the responsible body is the natural or legal person who decides on his/her own or together with others about the purposes and means of processing personal data. The body responsible for data processing is SOKRATHERM GmbH Energie- und Wärmetechnik. Please refer to the imprint on our website for our contact data.
4. Company data protection officer
Our data protection officer is Dr. jur. Thorsten Berenbrink (phone ext. -54) based at our Hiddenhausen SOKRATHERM head office (refer to imprint).
5. Safety measures
Technical and organizational measures
According to Art. 32 GDPR and subject to the state of the art, the implementation costs and the nature, scope, circumstances and the purposes of processing as well as the different probability and seriousness of the risk for the rights and freedoms of the individuals we take suitable technical and organizational measures to ensure an adequate level of protection.
Such measures especially include safeguarding of the confidentiality, integrity and availability of data by controlling the physical access to such data as well as the access, entry, disclosure, securing the availability and separation of such data. Furthermore, we have established procedures that ensure exercise of the rights of the individuals affected, deletion of data and reaction to exposure of data. Moreover, we already consider the protection of personal data during development and/or selection of hardware, software and procedures. This happens according to the data protection principle by technology design and by privacy-friendly default settings (Art. 25 GDPR).
SSL and/or TLS encryption
For the protection of confidential contents (such as inquiries via our contact form) that you send to us, our website uses SSL and/or TLS encryption. The encryption ensures that data submitted by you to us is not read by third parties. You can be sure that you have a secure and encrypted connection when your browser’s address line changes from “http://” to “https://” and you see the padlock symbol in the status bar.
6. How do we acquire your data?
Firstly, your data is collected by the fact that you disclose it to us. This can be data, for example, that you enter into a contact form or submit to us otherwise verbally or in writing.
Some user data is automatically captured by our IT system when the user visits our website. This is mainly technical data (e.g. IP address, internet browser, operating system or time of the page view).
7. Types of data processed:
We collect and/or process the following types of personal data:
8. What do we use your data for?
Whenever you submit personal data to us (e.g. via our contact form or by e-mail, letter, phone, etc.) we use such data for processing your request and according to the information contained in the following sections of this privacy statement.
When you visit our website your user data will be acquired in order to ensure a faultless provision of our website to you. Other data might be used for analysing your user habits. For details please refer to the following sections of this privacy statement.
9. What rights do you have regarding your data?
Overview
Within the context of the legal guidelines you have the following rights regarding data stored with us:
Furthermore, you have the right of lodging a complaint with the responsible regulatory authority.
For details regarding these rights please refer to the following sections of this privacy statement.
Right of access
According to Art. 15 GDPR you have the right to obtain information about the personal data stored with us as well as about origin, recipient and purpose of such data.
Right to withdraw your consent for data processing
Many data processing operations are possible only with your express consent (Art. 6 Sec. 1a GDPR). You can withdraw a consent you have already given at any time. To achieve this just send an informal notification via e-mail to us. The legitimacy of the data processing done up to the withdrawal shall remain unaffected by the withdrawal.
Right to object to data acquisition in special cases as well as against direct advertising (Art. 21 GDPR)
When data processing is performed according to Art. 6 Sec. 1e or f GDPR you may at any time object to the processing of your personal data for reasons resulting from your particular personal situation; this also refers to any profiling based on these provisions. For information about the respective legal basis on which processing rests please refer to this privacy statement. Whenever you file an objection we will stop processing your personal data concerned, unless we can provide compelling legitimate grounds for the processing which outweigh your interests, rights and freedoms, or the processing serves for establishment, exercise or defence of legal claims.
If your personal data is processed in order to do direct advertising you may at any time object to the processing of personal data relating to you according to Art. 21 Sec. 2 GDPR for the purpose of such advertising. This also refers to profiling, as far as it is associated with such direct advertising. When you object, your personal data will no longer be used for the purpose of direct advertising subsequently.
Right to rectification, blockage or deletion
Within the context of the statutory regulations you have the right to demand rectification, blockage or deletion of your personal data. If you want to establish your rights or have questions regarding data protection at SOKRATHERM you can always contact us at the address given in our imprint or turn to our company data protection officer.
Right to restriction of processing
You have the right to demand restriction of the processing of your personal data. For this purpose you can always contact us at the address given in our imprint or turn to our company data protection officer.
The right to restriction of processing exists in the following cases:
When you have restricted processing of your personal data, such data – apart from its storage – may be processed only with your consent or for establishment, exercise or defence of legal claims or for safeguarding the rights of another natural or legal person or for reasons of substantial public interest of the European Union or one of its member states.
Right of data transfer
You have the right to have data which we process automatically based on your consent or in fulfilment of a contract delivered either to yourself or to a third party in a conventional machine-readable format. If you demand direct transfer of the data to anyone else responsible, this will be done only as far as it is technically possible.
Right of appeal with the supervisory authority
In the case of breaches of the GDPR you have a right of appeal with the supervisory authority according to Art. 77 GDPR, particularly in the member state of your habitual residence, your place of work or the place of the suspected breach. The right of appeal exists without prejudice to any administrative or judicial remedy.
10. Server log files
With every visit on our websites data is automatically logged and stored in so-called server log files which your browser submits automatically to us. These are:
A merge of this data with other data sources does not take place.
The acquisition of this data is made on the basis of Art. 6 Sec. 1f GDPR. The website owner has a legitimate interest in the technical error-free presentation and optimization of his website. This is the reason why the server log files are collected.
11. Cookies
Our website uses so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies help making our offer more user-friendly, more effective and more reliable. These are small text files stored on your computer by your browser when you visit our websites.
Most of the cookies used by us are so-called session cookies. They are automatically deleted after the end of your visit. Other cookies remain on your device until you delete them. These cookies allow us to recognise your browser on your next visit.
You can set your browser such that it informs you whenever cookies are set, and you can accept cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general, as well as delete cookies automatically when you exit your browser. When you deactivate cookies the functionality of this website may be limited.
Cookies required for execution of the electronic communication process or for the provision of certain functions desired by you are stored according to Art. 6 Sec. 1f GDPR. The website owner has a legitimate interest in the storage of cookies for technical error-free and optimised presentation of his services. As far as other cookies (e.g. cookies for analysing the surfing habits) are stored, these will be treated separately in this privacy statement.
12. Google Analytics
Our website uses functions of the web analytics service of Google Analytics. Vendor is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google Analytics uses cookies in order to allow an analysis of the website use by you. The information about your use of this website produced by the cookie are normally transmitted to a Google server in the US and stored there.
The storage of Google Analytics cookies and the use of this analytics tool is performed on the basis of Art. 6 Sec. 1f GDPR. The website owner has a legitimate interest in the analysis of the user habits in order to optimise his web offer as well as his advertising.
IP anonymisation
On our website we have activated the function of IP anonymisation. This function causes Google to truncate your IP address in the Member States of the European Union or in other Contracting States to the Agreement on the European Economic Area before transmitting it to the US. Only in exceptional cases is the full IP address transmitted by Google to a server in the US and truncated there. On behalf of the owner of this website Google will use this information to evaluate your website use, to compile reports about the website activities and to render other services associated with the use of the website and internet usage. The IP address transmitted by your browser as part of Google Analytics is not merged with other data by Google.
Browser plug-in
You can prevent storage of cookies by a corresponding setting in your browser software; however, we have to inform you that in this case not all functions of this website may be used to the full extent. Furthermore, you can prevent acquisition of the data produced by the cookie with regard to your use of the website (including your IP address) as well as processing of such data by Google or Google Analytics when you download and install the Browser plug-in available on the following link: https://tools.google.com/dlpage/gaoptout?hl=en
Please be advised that this browser plug-in provided by Google may not be fully functional on mobile devices.
Opt-Out-Cookie
As an alternative to the Browser plug-in or in browsers of mobile devices click on this link to prevent acquisition of data through Google Analytics for future visits of this website: Deactivate Google Analytics
In this case an opt-out cookie is stored on your device. When you delete your cookies, you will have to click this link again in order to prevent acquisition of data by Google Analytics.
Additional information
For further information regarding the handling of user data through Google Analytics please refer to Google’s privacy statement for the Analytics service. https://support.google.com/analytics/answer/6004245?hl=en
13. Google Maps
Some of our web pages use the map service of Google Maps via an API. Vendor is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To use the Google Maps functionality you will have to store your IP address. Normally, such information is transmitted to a Google server in the US and stored there. The owner of this site has no influence on such transmission of data.
The use of Google Maps is carried out in the interest of an appealing presentation of our online offering. It also helps to find places given on our website more easily. This presents a legitimate interest according to Art. 6 Sec. 1f GDPR.
For further information regarding the handling of user data please refer to Google’s privacy statement: https://policies.google.com/privacy?hl=en
14. YouTube
Integrated on our website are videos of the vendor YouTube LLC, 901 Cherry Avenue, CA 94066, USA (represented by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). We ensure by a plug-in that no information about visitors of the pages will be stored, unless the visitor watches the video. If you click a video your IP address will be transmitted to YouTube and YouTube will be informed that you have watched the video. If you are logged in with YouTube this information will also be associated with your user account. You can prevent this by logging out of YouTube prior to calling up the video.
For further information please refer to the YouTube privacy statement on https://policies.google.com/privacy?hl=en&gl=en.
15. Facebook
Our website contains links to the SOKRATHERM Facebook site. The type of integration chosen by us prevents automatic transmission of personal data whenever a user visits our Facebook site. However, if you click the Facebook link you will exit the SOKRATHERM website and will be forwarded to Facebook. The service provider of Facebook is Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. Please note that Facebook might store and process your user data and other personal data when you visit the platform. For details regarding the processing of data by Facebook please refer to https://www.facebook.com/about/privacy/update/printable?refid=41.
16. Instagram
Our website contains links to the SOKRATHERM Instagram site. The type of integration chosen by us prevents automatic transmission of personal data whenever a user visits our website. However, if you click the Instagram link you will exit the SOKRATHERM website and will be forwarded to Instagram. The service provider of Instagram is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. We would like to point out that when you visit this platform, Facebook may save your user data and other personal data and process them – possibly also outside the European Union. For details regarding the processing of data at Instagram please refer to: https://help.instagram.com/519522125107875/.
17. Twitter
Our website contains links to the SOKRATHERM Twitter site. The type of integration chosen by us prevents automatic transmission of personal data whenever a user visits our Twitter site. However, if you click the Twitter link you will exit the SOKRATHERM website and will be forwarded to Twitter. The service provider of Twitter is Twitter Inc., San Francisco, 1355 Market Street, CA, USA. Please note that Twitter might store and process your user data and other personal data when you visit the platform. For details regarding the processing of data by Twitter please refer to: https://twitter.com/en/privacy.
18. Contact form
Whenever you send us inquiries via the contact form on our website the information from the contact form including your contact data will be stored and processed by us in order to process your inquiry and for the event of follow-up questions.
The processing of such data is carried out in accordance with Art. 6 Sec. 1b GDPR, as far as your inquiry is associated with the fulfilment of a contract or required to execute pre-contractual measures. In all other cases the processing is based on your consent (Art. 6 Sec. 1a GDPR) and/or on our legitimate interests (Art. 6 Sec. 1a GDPR), since we have a legitimate interest in the effective handling of inquiries submitted to us.
The data that you have entered on our contact form remains with us until you demand deletion, until you revoke your consent to the storage or until the purpose of the data storage has ceased to exist (e.g. after the handling of your inquiry has been completed). Mandatory statutory directives – particularly retention periods – shall remain unaffected.
19. Other written or verbal inquiries
If you contact us by either written (via letter, e-mail, fax etc.) or verbal communication (by phone) your inquiry including any personal data (name, inquiry) arising therefrom will be stored and processed with us for the purpose of handling your request. The processing of such data is carried out in accordance with Art. 6 Sec. 1b GDPR, as far as your inquiry is associated with the fulfilment of a contract or required to execute pre-contractual measures. In all other cases the processing is based on your consent (Art. 6 Sec. 1a GDPR) and/or on our legitimate interests (Art. 6 Sec. 1a GDPR), since we have a legitimate interest in the effective handling of inquiries submitted to us.
The data sent by you to us remains with us until you demand deletion, until you revoke your consent to the storage or until the purpose of the data storage has ceased to exist (e.g. after the handling of your request has been completed). Any mandatory statutory directives – particularly legal retention periods – shall remain unaffected.
20. Newsletter
You can subscribe to our newsletter on our website. Our newsletter contains information about interesting developments of our company and the principle of combined heat and power generation, as well as upcoming trade fairs.
Double-opt-in
For our newsletter registration we use the so-called double-opt-in procedure. This means that after you have registered for our newsletter you will receive an e-mail from us to the e-mail address given during registration. In this mail we ask you to confirm that you want to receive our newsletter. If your registration is not confirmed by clicking the link given, your data will be blocked and automatically deleted after one month.
We will store your IP address and the points in time for registration and confirmation, respectively. The reason for this is to prove your registration and to be able to investigate any potential abuse of your data, if necessary.
Information to be given for the newsletter
The only mandatory detail for the newsletter is your e-mail address. The provision of any other data is voluntary. This data provided on a voluntary basis is used by us to address you personally. After your confirmation we will store your e-mail address in order to be able to send us the newsletter. Legal basis for this is Art. 6 Sec. 1a GDPR.
Analysis
Please note that in case of newsletter dispatch we will analyse if it has been opened and if integrated links have been activated.
Unsubscribing from the newsletter
You can withdraw your consent for receiving the newsletter at any time and unsubscribe from the newsletter. This is done on the “newsletter” site. Please fill it in and activate the “Unsubscribe” option. Then click “Send”. As an alternative you can also unsubscribe from the newsletter by sending us a message via our contact form or an e-mail to the contact address given in our imprint.
21. Disclosure of personal data to third parties and cooperation with processors
If within the scope of our processing we reveal data towards other individuals and companies (processors or third parties), transmit such data to them or otherwise grant them access to such data, this will be done only on the basis of a legal permission (e.g. if transmission of data to third parties, such as a payment service provider is necessary for contract fulfilment in accordance with Art. 6 Sec. 1b GDPR), when you have given your consent, a legal commitment stipulates this or on the grounds of our legitimate interests (e.g. when deploying agents, web hosters etc.). In particular we won’t disclose any personal data to third parties for the purpose of advertising (address trading etc.).
As far as we engage third parties with the processing of data on the basis of a so-called “order processing contract” this will be done in accordance with Art. 28 GDPR.
22. Transfers to third countries
If we collect and/or process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if such collection of processing happens within the scope of the use of third party services or disclosure and/or transfer of data to third parties, this will only happen in fulfilment of our (pre-)contractual obligations or on the basis of our legitimate interests. Subject to statutory or contractual permits we will process or have processed such data in a third country only if the special prerequisites of Art. 44 ff GDPR prevail. This means that the processing is done, for example, based on special guarantees – such as the officially recognised assessment of an EU-relevant level of data protection (e.g. by the “Privacy Shield” for the US) – or considering officially recognised special contractual obligations (so-called “standard contractual clauses”).
23. Deletion of data
The personal data processed by us will be deleted or its processing will be restricted if the prerequisites according to Art. 17 and 18 GDPR exist. Unless expressly specified within the scope of this privacy statement, your personal data stored with us will be deleted as soon as it is no longer required for the intended purpose and if there is no legal obligation to retain such data. If the data cannot be deleted because it is required for other lawful purposes, its processing will be restricted, i.e. the data will be blocked and not processed for other purposes. The same applies to data, for example, which has to be retained for commerce or tax law reasons. According to the legal requirements in Germany storage shall take place particularly for 10 years according to §§ 147 Sec. 1 Tax Code, 257 Sec. 1 No. 1 and 4, Sec. 4 Commercial Code (books, records, status reports, accounting records, trading books, other documents relevant for taxation, etc.) and for 6 years according to § 257 Sec. 1 No. 2 and 3, Sec. 4 Commercial Code (commercial letters).
24. Objection to promotional e-mails
We hereby expressly object to the third party use of contact data, which has been published in accordance with the imprint obligation, for the transmission of not expressly solicited advertising and information material. The operators of the sites explicitly reserve the right to take legal action in case of unsolicited advertising (such as spam e-mails).
