Privacy policy

Version 1.0

We take the protection of your personal data very seriously and strive to provide you with comprehensive information about the processing of your personal data. The following privacy policy explains how and for what purposes we process your personal data when you visit our website or contact us.

As a rule, the personal data of yours that we collect is obtained directly from you. The statutory basis is, in particular, the EU General Data Protection Regulation (GDPR).

1 Controller within the meaning of Article 4(7) GDPR

The controller within the meaning of Article 4(7) GDPR is:

Schwarz IT KG Stiftsbergstraße 1 74172 Neckarsulm, Germany E-mail: info@stackit.de

2 Communication by e-mail/mail

2.1 Purpose of the processing and legal basis

We treat all personal data that we receive from you by e-mail or mail confidentially. We use your data solely for the limited purpose of processing your inquiry.

The legal basis for the processing is Article 6(1)(f) GDPR. Our legitimate interest arises from the interest in responding to your inquiries so that the satisfaction of our customers, business partners and/or website users alike is ensured and promoted.

2.2 Recipients/categories of recipients

As a rule, we do not transfer the data to third parties outside Schwarz IT KG. In exceptional cases, we will have a processor process the data on our behalf. Such processors are carefully selected and bound by contract in accordance with Article 28 GDPR.

2.3 Obligation to provide your data

You are under no statutory or contractual obligation to provide personal data to us. However, if you do not provide us with the data required to process your request, we will not be able to process or respond to it.

2.4 Storage time/criteria for determining storage time

We delete or securely anonymize all information we receive from you when you make inquiries no later than 90 days after the final response is sent to you. The information is retained for 90 days in case you contact us again after a receiving a response from us on the same matter and we need to refer to our previous correspondence. Based on experience, we generally do not receive any questions concerning our responses after 90 days. If you assert your rights as a data subject, your personal data will be stored for three years after the final response in order to document the fact that we provided you with comprehensive information and that the legal requirements have been met.

3 Data processed when you visit our websites

3.1 Purposes and legal basis of processing

When you visit our websites, log files are generated containing the following information:

• the website/application from which you accessed our site (referrer URL);
• the IP address;
• the date and time of access;
• the client request;
• the http response code;
• the data volume transmitted;
• the name and URL of the requested file;
• information about the type of browser and operating system you are using.

The legal basis for the processing is Article 6(1)(f) GDPR. Our legitimate interest arises from our interest in protecting our systems and preventing improper and/or fraudulent activity each time that a user accesses this website.

3.2 Recipients/categories of recipients

As a rule, we do not transfer the data to third parties outside Schwarz IT KG. In exceptional cases, we will have a processor process the data on our behalf. Such processors are carefully selected and bound by contract in accordance with Article 28 GDPR.

3.3 Obligation to provide your data

You are under no statutory or contractual obligation to provide personal data to us. However, such data will be processed for technical reasons as soon as you access our site. The only way to prevent your data from being processed is to stop using our website.

3.4 Storage time

We store the aforementioned data for a period of 30 days.

4 Cookies

We, Schwarz IT KG, Stiftsbergstraße 1, 74172 Neckarsulm, Germany, are the controller with respect to data processing in connection with the use of “cookies” and other similar technologies to process usage data on our websites and the associated sub-domains and sub-pages.

Cookies are small text files that are stored on your end device (laptop, tablet, smartphone, etc.) when you visit our websites. Cookies do not cause any harm to your end device, nor do they contain any viruses, trojans or other malware. The cookie stores certain information that results in connection with the specific end device deployed. This does not, however, mean that we will immediately become aware of your identity.

You may also configure your browser to ensure that a warning appears every time a new cookie is placed. This makes the use of cookies more transparent for you. You may also configure your browser to refuse acceptance of all or some cookies from certain sources. Please be advised, however, that disabling cookies may limit the functionality of this website.

4.1 Purposes and legal basis of processing

Cookies and the other technologies used to process usage data are deployed for the following purposes, depending on the categories of cookie/other technologies:

• Necessary: these cookies help to make a website usable by enabling basic functions such as site navigation and access to secure pages. The website cannot function properly without these cookies.

• Preferences: Using these methods, we can take into account your actual or perceived preferences to enhance the user experience. For example, we can use your settings to display our website in a language relevant to you. They also mean we can avoid displaying products that may not be available in your region.

• Statistics: These methods enable us to tailor the design of our services by producing anonymized statistics about how they are used. For example, we can use them to determine how better to adapt our websites to user habits.

• Marketing: These enable us to display relevant advertising content based on an analysis of your usage behavior. Your usage behavior can also be tracked over various websites, browsers or devices via a user ID (unique identifier).

Depending on the purpose, the use of cookies and similar technologies to process usage data involves processing the following types of personal data in particular:

Necessary:

• This category of cookies is not used on our website.

Preferences:

• This category of cookies is not used on our website.

Statistics:

• Pseudonymized usage profiles containing information on the use of our website. These contain in particular:
• browser type/browser version;
• operating system used;
• referrer URL (i.e., the previously visited page);
• host name of the accessing computer (IP address);
• time of the server request;
• individual user ID; and
• events triggered on the website (web browsing behavior).
• The IP address is routinely anonymized, which in principle means it is no longer possible to identify you.
• We only store the user ID together with other data you provide (e.g., name, e-mail address) if you give us express permission to do so. In itself, we cannot use the user ID to identify you.

Marketing:

• This category of cookies is not used on our website.

The legal basis for using preference, statistics and marketing cookies and similar technologies is your consent given pursuant to Article 6(1)(a) GDPR and section 25 (1) sentence 1 of the German Telecommunications and Telemedia Data Protection Act (Telekommunikation-Telemedien-Datenschutz-Gesetz, “TTDSG”). The legal basis for using technically necessary cookies and similar technologies is your consent given pursuant to Article 6(1)(f) GDPR and section 25 (2) no. 2 TTDSG. We have a legitimate interest in ensuring the technical stability and security of website operation.

You may withdraw/modify your consent at any time with effect for the future without this affecting the lawfulness of the processing based on consent before its withdrawal. To change your consent for cookies and similar technologies we use, click here and make your selection.

For an overview of the cookies and other technologies we use, including the respective purposes of processing, storage periods and any third party providers involved, see our cookie policy.

4.2 Recipients/categories of recipients

For information about other recipients in connection with using cookies to process data, see our cookie policy under the heading “Providers”.

4.3 Transfer of data to third countries

As a rule, we do not transfer your data to recipients located outside of the European Union or the European Economic Area. To the extent that you have consented to the use of the relevant cookies, your data will only be transferred to the servers of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, if it is processed using Google Analytics. Some of these servers are located in the USA. The EU does not have an adequacy decision in place for the USA, which means that a lower level of data protection than in the EU must be assumed. This could mean that you may not be able to adequately exercise your rights as a data subject. In addition, we have no control over the extent to which Google uses your data for its own purposes. However, we have concluded standard contractual clauses with Google, which contractually oblige Google to comply with European data protection standards.

4.4 Obligation to provide your data

You are under no statutory or contractual obligation to provide personal data to us. You may prevent cookies from being stored by adjusting the aforementioned settings, selecting the categories of cookies accordingly or by withdrawing or modifying any consent you may have given.

4.5 Storage time

For information on the duration of storage for cookies, see our cookie policy. If “persistent” is entered in the “expiration” column, the cookie will be stored permanently until the corresponding consent is withdrawn.

5 Your rights as a data subject

Under Article 15(1) GDPR, you have the right to obtain information, free of charge, on the personal data stored about you.

If the statutory requirements are met, you also have a right to rectification (Article 16 GDPR), erasure (Article 17 GDPR) and restriction of processing (Article 18 GDPR) of your personal data.

If the basis of processing is Article 6(1)(e) or (f) GDPR, you have a right to object under Article 21 GDPR. If you object to processing, your data will no longer be processed thereafter, unless the controller demonstrates compelling legitimate grounds for the processing which override the interests of the data subject in the objection.

If you have provided the processed data yourself, you have a right to data portability under Article 20 GDPR.

If the data processing is carried out on the basis of consent granted under Article 6(1)(a) or Article 9(2)(a) GDPR, you may revoke that consent at any time with effect for the future without this affecting the lawfulness of the previous processing. In the above-mentioned cases, or if you have questions or complaints, please write to or e-mail the data protection officer. You also have a right to lodge a complaint with a data protection supervisory authority. The data protection supervisory authority located in the state in which you live or where the controller is domiciled has jurisdiction.

6 Data protection officer contact information

For further questions concerning the processing of your data or the exercise of your rights, please contact the competent data protection officer of the controller at:

datenschutz süd GmbH – Keyword Schwarz IT KG – Wörthstraße 15 97082 Würzburg, Germany

E-mail: office@datenschutz-sued.de