Thank you very much for your interest in our website and in the data processing done by SOKRATHERM. We attach utmost importance to the protection of your data and the safeguarding of your privacy. The following guidelines will give you an overview about which kind of information we will collect from you and what will happen to this data
1. Protection of personal data
The subject matter of data protection is personal data. According to Art. 4 No.1 of the General Data Protection Regulation (GDPR) ‘personal data’ means any information relating to an identified or identifiable natural entity. Thus, personal data is any data according to which you can be identified personally. This includes, for example, information such as name, postal address, e-mail address or phone number, but also usage data such as your IP address. We will keep your personal data confidential and treat it according to the statutory data protection rules as well as this privacy statement.
2. Legal basis of data processing
According to Art. 13 GDPR we are bound to inform you of the legal basis which the collection and further processing your personal data is based on.
If the legal basis of this privacy statement is not specifically mentioned, the following shall apply: Legal basis for the obtaining of consent is Art. 6 Sec. 1a and Art. 7 GDPR, legal basis for the data processing in order to provide our services and to perform contractual measures as well as to respond to inquiries is Art. 6 Sec. 1b GDPR, legal basis for the data processing in order to fulfil our legal obligations is Art. 6 Sec. 1c GDPR. The legal basis for data processing in order to protect our legitimate interests is Art. 6 Sec. 1f GDPR.
3. Who is responsible for data processing?
According to Art. 4 No. 7 GDPR the responsible body is the natural or legal person who decides on his/her own or together with others about the purposes and means of processing personal data. The body responsible for data processing is SOKRATHERM GmbH Energie- und Wärmetechnik. Please refer to the imprint on our website for our contact data.
4. Company data protection officer
Our data protection officer is Dr. jur. Thorsten Berenbrink (phone ext. -54) based at our Hiddenhausen SOKRATHERM head office (refer to imprint).
5. Safety measures
Technical and organizational measures
According to Art. 32 GDPR and subject to the state of the art, the implementation costs and the nature, scope, circumstances and the purposes of processing as well as the different probability and seriousness of the risk for the rights and freedoms of the individuals we take suitable technical and organizational measures to ensure an adequate level of protection.
Such measures especially include safeguarding of the confidentiality, integrity and availability of data by controlling the physical access to such data as well as the access, entry, disclosure, securing the availability and separation of such data. Furthermore, we have established procedures that ensure exercise of the rights of the individuals affected, deletion of data and reaction to exposure of data. Moreover, we already consider the protection of personal data during development and/or selection of hardware, software and procedures. This happens according to the data protection principle by technology design and by privacy-friendly default settings (Art. 25 GDPR).
SSL and/or TLS encryption
For the protection of confidential contents (such as inquiries via our contact form) that you send to us, our website uses SSL and/or TLS encryption. The encryption ensures that data submitted by you to us is not read by third parties. You can be sure that you have a secure and encrypted connection when your browser’s address line changes from “http://” to “https://” and you see the padlock symbol in the status bar.
6. How do we acquire your data?
Firstly, your data is collected by the fact that you disclose it to us. This can be data, for example, that you enter into a contact form or submit to us otherwise verbally or in writing.
Some user data is automatically captured by our IT system when the user visits our website. This is mainly technical data (e.g. IP address, internet browser, operating system or time of the page view).
7. Types of data processed:
We collect and/or process the following types of personal data:
8. What do we use your data for?
Whenever you submit personal data to us (e.g. via our contact form or by e-mail, letter, phone, etc.) we use such data for processing your request and according to the information contained in the following sections of this privacy statement.
When you visit our website your user data will be acquired in order to ensure a faultless provision of our website to you. Other data might be used for analysing your user habits. For details please refer to the following sections of this privacy statement.
9. What rights do you have regarding your data?
Overview
Within the context of the legal guidelines you have the following rights regarding data stored with us:
Furthermore, you have the right of lodging a complaint with the responsible regulatory authority.
For details regarding these rights please refer to the following sections of this privacy statement.
Right of access
According to Art. 15 GDPR you have the right to obtain information about the personal data stored with us as well as about origin, recipient and purpose of such data.
Right to withdraw your consent for data processing
Many data processing operations are possible only with your express consent (Art. 6 Sec. 1a GDPR). You can withdraw a consent you have already given at any time. To achieve this just send an informal notification via e-mail to us. The legitimacy of the data processing done up to the withdrawal shall remain unaffected by the withdrawal.
Right to object to data acquisition in special cases as well as against direct advertising (Art. 21 GDPR)
When data processing is performed according to Art. 6 Sec. 1e or f GDPR you may at any time object to the processing of your personal data for reasons resulting from your particular personal situation; this also refers to any profiling based on these provisions. For information about the respective legal basis on which processing rests please refer to this privacy statement. Whenever you file an objection we will stop processing your personal data concerned, unless we can provide compelling legitimate grounds for the processing which outweigh your interests, rights and freedoms, or the processing serves for establishment, exercise or defence of legal claims.
If your personal data is processed in order to do direct advertising you may at any time object to the processing of personal data relating to you according to Art. 21 Sec. 2 GDPR for the purpose of such advertising. This also refers to profiling, as far as it is associated with such direct advertising. When you object, your personal data will no longer be used for the purpose of direct advertising subsequently.
Right to rectification, blockage or deletion
Within the context of the statutory regulations you have the right to demand rectification, blockage or deletion of your personal data. If you want to establish your rights or have questions regarding data protection at SOKRATHERM you can always contact us at the address given in our imprint or turn to our company data protection officer.
Right to restriction of processing
You have the right to demand restriction of the processing of your personal data. For this purpose you can always contact us at the address given in our imprint or turn to our company data protection officer.
The right to restriction of processing exists in the following cases:
When you have restricted processing of your personal data, such data – apart from its storage – may be processed only with your consent or for establishment, exercise or defence of legal claims or for safeguarding the rights of another natural or legal person or for reasons of substantial public interest of the European Union or one of its member states.
Right of data transfer
You have the right to have data which we process automatically based on your consent or in fulfilment of a contract delivered either to yourself or to a third party in a conventional machine-readable format. If you demand direct transfer of the data to anyone else responsible, this will be done only as far as it is technically possible.
Right of appeal with the supervisory authority
In the case of breaches of the GDPR you have a right of appeal with the supervisory authority according to Art. 77 GDPR, particularly in the member state of your habitual residence, your place of work or the place of the suspected breach. The right of appeal exists without prejudice to any administrative or judicial remedy.
10. Server log files
With every visit on our websites data is automatically logged and stored in so-called server log files which your browser submits automatically to us. These are:
A merge of this data with other data sources does not take place.
The acquisition of this data is made on the basis of Art. 6 Sec. 1f GDPR. The website owner has a legitimate interest in the technical error-free presentation and optimization of his website. This is the reason why the server log files are collected.
11. Cookies
Our website uses so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies help making our offer more user-friendly, more effective and more reliable. These are small text files stored on your computer by your browser when you visit our websites.
Most of the cookies used by us are so-called session cookies. They are automatically deleted after the end of your visit. Other cookies remain on your device until you delete them. These cookies allow us to recognise your browser on your next visit.
You can set your browser such that it informs you whenever cookies are set, and you can accept cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general, as well as delete cookies automatically when you exit your browser. When you deactivate cookies the functionality of this website may be limited.
Cookies required for execution of the electronic communication process or for the provision of certain functions desired by you are stored according to Art. 6 Sec. 1f GDPR. The website owner has a legitimate interest in the storage of cookies for technical error-free and optimised presentation of his services. As far as other cookies (e.g. cookies for analysing the surfing habits) are stored, these will be treated separately in this privacy statement.
12. Google Maps
Some of our web pages use the map service of Google Maps via an API. Vendor is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland.
To use the Google Maps functionality you will have to store your IP address. Normally, such information is transmitted to a Google server abroad. The owner of this site has no influence on such transmission of data.
The use of Google Maps is carried out in the interest of an appealing presentation of our online offering. It also helps to find places given on our website more easily. This presents a legitimate interest according to Art. 6 Sec. 1f GDPR.
For further information regarding the handling of user data please refer to Google’s privacy statement: https://policies.google.com/privacy?hl=en
13. YouTube
Integrated on our website are videos of the vendor YouTube (represented by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland).. We ensure by a plug-in that no information about visitors of the pages will be stored, unless the visitor watches the video. If you click a video your IP address will be transmitted to YouTube and YouTube will be informed that you have watched the video. If you are logged in with YouTube this information will also be associated with your user account. You can prevent this by logging out of YouTube prior to calling up the video.
For further information please refer to the YouTube privacy statement on https://policies.google.com/privacy?hl=en&gl=en.
14. Links to social media platforms
Our website contains buttons with links to the SOKRATHERM channels on Facebook, Instagram, X, Xing, and LinkedIn. The type of integration we have chosen prevents visitors‘ personal data from being automatically transmitted to these platforms when they access our website. However, if you click on the respective button, you will leave the SOKRATHERM website and be redirected to the respective platform. We would like to point out that your user data and other personal data may then be received, stored, and further processed by the platform operator – even abroad.
Details on the processing of data when visiting the platforms can be found in the privacy policies of the providers:
15. Contact form
Whenever you send us inquiries via the contact form on our website the information from the contact form including your contact data will be stored and processed by us in order to process your inquiry and for the event of follow-up questions.
The processing of such data is carried out in accordance with Art. 6 Sec. 1b GDPR, as far as your inquiry is associated with the fulfilment of a contract or required to execute pre-contractual measures. In all other cases the processing is based on your consent (Art. 6 Sec. 1a GDPR) and/or on our legitimate interests (Art. 6 Sec. 1a GDPR), since we have a legitimate interest in the effective handling of inquiries submitted to us.
The data that you have entered on our contact form remains with us until you demand deletion, until you revoke your consent to the storage or until the purpose of the data storage has ceased to exist (e.g. after the handling of your inquiry has been completed). Mandatory statutory directives – particularly retention periods – shall remain unaffected.
16. Other written or verbal inquiries
If you contact us by either written (via letter, e-mail, fax etc.) or verbal communication (by phone) your inquiry including any personal data (name, inquiry) arising therefrom will be stored and processed with us for the purpose of handling your request. The processing of such data is carried out in accordance with Art. 6 Sec. 1b GDPR, as far as your inquiry is associated with the fulfilment of a contract or required to execute pre-contractual measures. In all other cases the processing is based on your consent (Art. 6 Sec. 1a GDPR) and/or on our legitimate interests (Art. 6 Sec. 1a GDPR), since we have a legitimate interest in the effective handling of inquiries submitted to us.
The data sent by you to us remains with us until you demand deletion, until you revoke your consent to the storage or until the purpose of the data storage has ceased to exist (e.g. after the handling of your request has been completed). Any mandatory statutory directives – particularly legal retention periods – shall remain unaffected.
17. Disclosure of personal data to third parties, cooperation with processors and Webhosting
If within the scope of our processing we reveal data towards other individuals and companies (processors or third parties), transmit such data to them or otherwise grant them access to such data, this will be done only on the basis of a legal permission (e.g. if transmission of data to third parties, such as a payment service provider is necessary for contract fulfilment in accordance with Art. 6 Sec. 1b GDPR), when you have given your consent, a legal commitment stipulates this or on the grounds of our legitimate interests (e.g. when deploying agents, web hosters etc.). In particular we won’t disclose any personal data to third parties for the purpose of advertising (address trading etc.).
As far as we engage third parties with the processing of data on the basis of a so-called “order processing contract” this will be done in accordance with Art. 28 GDPR.
This website is hosted by Profihost GmbH (Expo Plaza 1, 30539 Hanover; info@profihost.com). The host receives the data collected via the website (see above) as a processor.
18. Transfers to third countries
If we collect and/or process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if such collection of processing happens within the scope of the use of third party services or disclosure and/or transfer of data to third parties, this will only happen in fulfilment of our (pre-)contractual obligations or on the basis of our legitimate interests. Subject to statutory or contractual permits we will process or have processed such data in a third country only if the special prerequisites of Art. 44 ff GDPR prevail.
19. Deletion of data
The personal data processed by us will be deleted or its processing will be restricted if the prerequisites according to Art. 17 and 18 GDPR exist. Unless expressly specified within the scope of this privacy statement, your personal data stored with us will be deleted as soon as it is no longer required for the intended purpose and if there is no legal obligation to retain such data. If the data cannot be deleted because it is required for other lawful purposes, its processing will be restricted, i.e. the data will be blocked and not processed for other purposes. The same applies to data, for example, which has to be retained for commerce or tax law reasons. According to the legal requirements in Germany storage shall take place particularly for 10 years according to §§ 147 Sec. 1 Tax Code, 257 Sec. 1 No. 1 and 4, Sec. 4 Commercial Code (books, records, status reports, accounting records, trading books, other documents relevant for taxation, etc.) and for 6 years according to § 257 Sec. 1 No. 2 and 3, Sec. 4 Commercial Code (commercial letters).
20. Objection to promotional e-mails
We hereby expressly object to the third party use of contact data, which has been published in accordance with the imprint obligation, for the transmission of not expressly solicited advertising and information material. The operators of the sites explicitly reserve the right to take legal action in case of unsolicited advertising (such as spam e-mails).
