Privacy Policy


Data Protection Statement of SATA GmbH & Co. KG

 

1. General information

 

We appreciate your interest in our company, products and services and we take the protection of your personal data very seriously. We process your data in accordance with the applicable laws and regulations for the protection of personal data, in particular the EU General Data Protection Regulation (EU GDPR) and the national implementation acts that apply to us. The purpose of this privacy statement is to provide you with comprehensive information about the processing of your personal data by SATA GmbH & Co. KG and your rights in this context.

Personal data are defined as information allowing the identification of a natural person. This includes in particular the name, date of birth, address, phone number, email address but also your IP address. 

Data are considered anonymous when no personal connection whatsoever can be made to the user.

The following declaration will thus show you what kinds of data we collect for which purpose, the extent to which these data are made accessible to third parties and what kinds of security measures we are taking. You will also be informed about your statutory rights in relation to the processing of these data.

It is our goal to provide the highest possible level of protection for all data entrusted to us and to fully comply with all statutory requirements. If you have any suggestions how we might improve the security of the data entrusted to us, please let us know under datenschutz@sata.com.

 

2. Controller and data protection officer

Responsible Organisation Art. 4 Paragraph 7 GDPR 

SATA GmbH & Co. KG

Domertalstr. 20

70806 Kornwestheim

Phone: +49 (7154) 811 – 0

Fax: +49 (7154) 811 – 196

 

Contact details of the data protection officer

atarax GmbH & Co. KG

Norbert Rauch

 

3. Your rights as the “data subject”

 

Let us start by informing you about your rights as the “data subject”. These rights are set out under articles 15 - 22 EU GDPR. They include the right…

of access (Art. 15 EU GDPR),

of erasure (Art. 17 EU GDPR),

of rectification (Art. 16 EU GDPR),

to data portability (Art. 20 EU GDPR),

to restriction of processing (Art. 18 EU GDPR),

to object to data processing (Art. 21 EU GDPR).

To exercise these rights or if you have any questions on the data processing of our company, please contact our above-mentioned data protection officer. You are also entitled to lodge a complaint with a supervisory authority for data protection.


4. Rights of objection 

 

Please note the following in relation to rights of objection:

If we are processing your personal data for direct marketing purposes, you have the right to object to such processing at any time without providing reasons therefor. The same applies for measures to improve the offered products and services or the shopping experience, to the extent that it is related to direct marketing.

If you object to the processing for the purpose of direct marketing or for the purpose of improving our offerings, we will no longer process your personal data for these purposes. The objection must be submitted to our above-mentioned contact details; it is not subject to formal requirements.

Where we process your data for the purpose of legitimate interests, you also have the right to object at any time to such processing on grounds relating to your particular situation; this also applies for the creation of a user ProfileThis relates to the inner width of air lines and air hoses. The longer the airline the larger the inner diameter has to be dimensioned, in order to minimize the pressure loss and to ensure sufficient air volume..X» based on these provisions.

If you file an objection, we will no longer process your personal data unless we are able to demonstrate compelling legitimate grounds for the processing. This may be the case if the processing serves for the establishment, exercise or defence of legal claims or if it serves other legitimate purposes which override your interests, rights and freedoms.


5. Purposes and legal basis of the data processing

 

The processing of your personal data is in compliance with the provisions of the EU GDPR and all other applicable data protection provisions. The legal basis of the data processing derives in particular from Article 6 EU GDPR.

We will use your data for the purposes of initiating business, to fulfil contractual and legal obligations, to carry out the contract, to offer products and services, to process queries and (if applicable) to process orders/contracts, for administrative purposes and to strengthen the relationship with the customer, for staff and customer satisfaction surveys (which may also include analyses for marketing purposes and direct marketing with product and price information) and in the context of our application portal. If necessary, you will be asked for your consent. Your data will also be used for further purposes which are specifically stated in a consent, for example, for information on newsletter offers, etc.

Your consent constitutes a permission subject to data protection law. In this context, we will inform you about the purposes of the data processing and your right to object. Should the consent also cover the processing of special categories of personal data, we will explicitly advise you of this in Article 88 para. 1 EU GDPR regarding consent.

Processing of special categories of personal data within the meaning of Article 9 para. 1 EU GDPR will only be carried out if it is required by law and there is no reason to assume that you have an overriding legitimate interest in your data being excluded from processing, Article 88 para. 1 EU GDPR.

 

6. Disclosure to third parties / purposes and extent

 

We will disclose your data to third parties only where permitted by law, to meet our contractual obligations or on the basis of a corresponding consent. In this context, we will only disclose your data (e.g. name and address) which we require to meet our statutory, legal or contractual obligations or which third parties require to ensure smooth functioning, in particular to implement a concluded contract. 

No other disclosure will be made to third parties, unless we are required to make such disclosure due to compelling legal acts or provisions (disclosure to external bodies such as regulatory authorities or law enforcement authorities).

 

7. Recipients of data/categories of recipients

 

We will ensure within our company that only persons who require your data to carry out their job responsibilities or meet the contractual and statutory obligations receive your data. This also applies for any exchange of data with our affiliated companies (e.g. UK or Canada), or for the disclosure (to our international distribution partners) of address data of customers who have given their consent to be contacted or to receive, for example, our newsletter, or which have provided their address data in the context of the implementation of the contract.

In many cases, service providers support our technical department in meeting its responsibilities. The necessary data protection contracts have been concluded with all service providers, e.g. in the form of an agreement regarding the processing of the order. Service providers with whom we collaborate include, for example, shipping providers, payment service providers, agencies, credit rating agencies and IT service providers.

 

8. Transfer of data to third countries and intent to transfer to third countries

 

Data will only be transferred to third countries (outside of the European Union or the European Economic Area) if this is necessary for carrying out the contract, required by law or if you have given your consent. The scope of the transferred information is described under no. 6.

A sufficient level of protection is, provided that the state does not ensure a level of data protection that is accepted by the EU, ensured by EU standard contractual clauses.

 

9. Data storage period

 

We will store your data for as long as the specific purpose of processing requires. Please note that various retention periods require the continued storage of data. This concerns in particular record retention requirements under commercial and tax law (e.g. German Commercial Code, German Tax Code, etc.). If no further retention requirements apply, the data will be routinely erased once the purpose has been achieved.

In addition, we may retain data if you have granted your consent or if legal disputes arise and we use evidence subject to statutory limitation periods.

 

10. Transferring your data

 

We use appropriate technical and organisational security measures to protect our stored data optimally against accidental or intentional manipulation, loss, destruction, and access by unauthorised persons. The security levels are reviewed on an ongoing basis in cooperation with security experts and adapted to new security standards.

The exchange of data with our website is encrypted (in both directions). Our website offers SSL as communication protocol, using the most up-to-date encryption protocols. For applications via our applicant portal, we offer content encryption. Only we are able to decrypt these data. Alternative communication channels are also available (for example by post).

Requirements to make data available

 

Various personal data are necessary for the conclusion, implementation and termination of the contract as well as for the fulfilment of the contractual and statutory requirements related thereto. The same applies for the use of our website and the various functions provided by it.

We have summarised details under para. 11. In certain cases, the law requires us to collect and/or provide data. Please note, that processing your request or carrying out the underlying contractual relationship is not possible without the provision of these data. If you therefore refuse the consent to the use of your data (or if you limit your consent) for reason of extreme caution, you may not be able to take advantage of our products and/or services, or only to a limited degree. By continuing to use our products/services or parts thereof, you accept any potential disadvantages arising therefrom.

Categories, sources and origin of the data

 

Which data we process depends on the context of the relevant case. The content and scope of the data differs, for example, if you place an order online, if you enter a query into our contact form, if you submit an application or a complaint.

Please note that we may provide information on data protection in specific data processing situations separately at an appropriate place, for example, when application documents are uploaded or a contact request is submitted.

 

11. Offered services and data requests:

General information on requesting and using data / the principle of data minimisation

We collect the data specified below for certain services, such as website visits, SAL checks, user logins (e.g. for premium warranty and forum), contact requests, registration on the website of our company e.g. at MySATA, user self-service, password changes, newsletter registration, registration for the virtual painter, registration for photobox, SATA loyalty programme, order transactions, registration for prize competitions, registration for meetings, registration for seminars and courses, ordering brochures and ordering from the marketing catalogue. These data are used for establishing contact, for responding to your questions and wishes, to facilitate your visit on our website, to adapt your data, as a requirement for participating in SATA activities, for processing the order, for participating in customer loyalty programs and for supporting the sales activities of our customers and partners. We will not disclose these data without your consent, except in the specific situations described above.

In this context, the principle of data minimisation and data avoidance is observed as you will only be asked to provide data we absolutely need to process your request or to provide the relevant service. In most cases, your IP address will also be processed. This is required for technical reasons and to establish legal security. All fields not marked with an (*) asterisk are not compulsory. Filling them in is optional and may be done for example to enable more individualised answers to your questions. Some services also require additional consent for more extensive processing of your personal data. You will be asked to provide the consent and informed of the respective purpose. Without this consent, no additional processing of your personal data will take place.

If you contact us via email, we will process all personal data contained in the email exclusively for the purpose of processing your inquiry. If you do not use the provided contact forms, no additional data will be collected.

When registering on our website, the IP address of the user, the date and time of the registration will also be stored (technical background data). By clicking the button “Accept”, you consent to the processing of your data.

Please note: The password you choose is stored as encrypted. Our employees are not able to read this password and can therefore not provide you with any information should you forget your password.

In this case, you should use the “forgot your password” function to receive an email with an automatically generated new password. Our employees will never ask you for your password either on the phone or in writing. You should therefore never give your password if you receive such requests.

Once the registration is concluded, we store your data for your use of the protected customer section. As soon as you login to our website with your email as the login name and your password, these data you provided will be made available on our website or are available for retrieval.

You can of course cancel all services for which you have registered at any time using the relevant function of the service or by sending an email to unsubscribe@sata.com, revoking your consent and giving a specific description of the service you want to cancel. 

Should you give your consent for the use of your data for advertising purposes by clicking the relevant checkbox (e.g. to subscribe to our newsletter), we will also process your data to send you information and offers relating to our products/services/new products/news on technology/promotions/special offers/price information/events such as trade fairs, other events, training/courses, via email or post. You can always revoke your consent under +49 (0) 7154/811-0, via email to unsubscribe(at)sata.com or by post to

SATA GmbH & Co. KG, Domertalstrasse 20, 70806 Kornwestheim, Postfach 1828 70799 Kornwestheim, Germany. 

You do not have to give any reasons for revoking your consent.

a. When you visit our website, we will collect and process the following data:

Name of the Internet service provider

Information about the website from which you came to us

Your web browser and operating system

The IP address assigned by your Internet service provider

Requested files, transferred data volume, downloads/file export

Information about the websites you access on our website, including date and time

For reasons of IT security (in particular to defend against attempted attacks on our web server), these data will be stored in accordance with Art. 6 para. 1 lit f) EU GDPR.

b. For a SAL check, we collect and process the following data:

Name

Phone number

Country

Email address

Whether you want to receive the newsletter

IP address

Dealer name and address

SAL number*

Legal basis for handling these data is Article 6 para. 1 lit. a EU GDPR

c. For a registration for the premium warranty, we collect and process the following data:

 

User data

Salutation

Company name

First name*

Name*

Street

Additional address

Postcode

City

State/Province

Country

Email

 

Dealer details

Company name

Street

Additional address

Postcode

City

Country

Seller name

 

Product data

Purchase date*

Product type*

Serial numberAlmost all SATA paint spray guns and compressed air filters are equipped with an individual serial number which allows the clear identification of the device.Current models have a serial number of 10 digits in the form 123 456 7890. The serial number may also contain letters.Pictures of SATAjet 4000 B, SATAjet 1000 B, SATAjet 100 B, SATAminijet 3000 B, SATAjet 20 B with serial numbers encircled.Older models have a 5- or 6-digits serial number.X»*

 

Legal basis for handling these data is Article 6 para. 1 lit. b EU GDPR

d. For a contact request (contact form), we collect and process the following data:

Salutation

First name

Last name

Company name

Title

Street

Postcode

City

Country

Telephone

Fax

Email*

Field of work (automotive repair, industry, carpentry, painter, other field)

Interest in (spray guns, automatic guns, air filtration, breathing protection, material feed systems, spraying systems, spray gun cleaning, corrosion protection, spare parts)

Lacquer used

Captcha

 

Legal basis for handling these data is Article 6 para. 1 lit. a EU GDPR

e. For a MySATA registration (user registration, e.g. for use of the forum), we collect and process the following data:

Password*

Email address*

Salutation

First name*

Last name*

Company name

Address

Additional address

Postcode

Place of residence

Country

State/country/province

Telephone

Fax

Industry (automotive repair, airbrush, lacquer manufacture, vocational school, wholesaler/retailer, private individual, other, industry, carpenter/painter)

Language

I want to receive relevant information about SATA and SATA products per email or in the newsletter (yes, no)

 

Legal basis for handling these data is Article 6 para. 1 lit. b EU GDPR

f. For the user self-service, we collect and process the following data:

Form language

Salutation

First name*

Last name*

Email address*

Country

Language*

Industry (automotive repair, airbrush, lacquer manufacture, vocational school, wholesaler/retailer, private individual, other, industry, carpenter/painter)

Company name

Street/street number

Postcode

City

Whether you want information via email or newsletter

Whether you want information by post

Whether you wish to receive any information at all

 

Legal basis for handling these data is Article 6 para. 1 lit. b EU GDPR

g. For a password change, we collect and process the following data:

Password*

Email address*

 

Legal basis for handling these data is Article 6 para. 1 lit. b EU GDPR

h. For a newsletter registration, we collect and process the following data:

Email*

Salutation

First name

Last name

Company name

Industry (automotive repair, airbrush, lacquer manufacture, vocational school, wholesaler/retailer, private individual, other, industry, carpenter/painter)

Country

Newsletter language*

Consent to marketing via email or newsletter*

On our website, it is possible to subscribe to a free-of-charge newsletter. The email address provided during the newsletter registration and your name are used in order to send the personalised newsletter. In the course of optimisation, we also gather data in connection with the email use. We will provide you with special information for your industry and country. If you want to receive the newsletter by post, we require your address data.
During this process, the principle of data economy and data avoidance is observed, as only the email address (if applicable name in case of personalised newsletters) is highlighted. Due to technical necessity and for legal security, your IP address is also processed when ordering the newsletter.
For the sending of newsletters by email, we use the so-called double opt-in procedure. This means that you will only receive advertising by email if you have expressly confirmed in advance that we should activate the newsletter service. This takes place by means of us sending you a notification email and requesting that you confirm by clicking on a link contained in this email that you wish to receive our newsletter via this email address.
It goes without saying that you can terminate the subscription at any time via the cancellation method stated in the newsletter and therefore revoke your consent. You also have the option of cancelling the newsletter subscription at any time via our Internet site directly. 

 

Legal basis for handling these data is Article 6 para. 1 lit. a EU GDPR

i. For staff and customer satisfaction surveys, the following data are collected:

Name

Address

Company name

Company address

How likely you are to recommend us

Reasoning

The required personal data may be stored in this context and disclosed to third parties (service provider companies). All legal provisions and requirements relating to commissioned data processing will be observed. 

 

Legal basis for handling these data is Article 6 para. 1 lit. a EU GDPR

j. Payment systems, credit check (Art. 6 para. 1 lit. a EU GDPR), credit check (Art. 6 para. 1 lit. f EU GDPR)

The principle of data economy and data avoidance is complied with, as you only need to provide us with the data which we absolutely require in order to process the payment and therefore perform the contract, as well as the data which we are obliged to gather by law.Without this data, we will unfortunately have to decline conclusion of the contract, as we cannot perform the contract in such a case. 

This is required for technical reasons and to establish legal security. The payment is processed by our payment provider PaySquare SE.
 

We reserve the right to obtain a credit check (based on mathematical and statistical methods) from credit agencies in order to protect our legitimate interests. To this end, we transfer the personal data required for the credit check to third parties. We are then provided with information about the statistical probability of a payment default which we use to make a balanced decision on the establishment, implementation or termination of the contractual relationship. The credit check may include score values which are calculated on the basis of scientifically recognised mathematical and statistical methods and which are based, among other things, on address data. 

Your legitimate interests will be taken into account in accordance with the law. You can request information about the data stored in relation to you by contacting Datenschutz(at)sata.com. Except for the indicated purposes of carrying out credit checks, implementing the contract and processing the payment, no data will be disclosed to third parties.

 

Legal basis for handling these data is Article 6 para. 1 lit. b EU GDPR

 

Note concerning PayPal: PayPal is a company of PayPal (Europe) S.à r.l. et Cie, S.C.A
22-24 Boulevard Royal
, L-2449 Luxembourg. Should the data subject select the PayPal payment option in our online shop during the ordering process, data concerning the data subject is automatically passed on to PayPal.
By selecting this payment option, the data subject consents to the necessary transfer of personal data in order to process the payment. The personal data transferred to PayPal generally includes first name, surname, address, email address, IP address, telephone number, mobile number or other data which is necessary in order to process the payment.
Personal data connected to the respective order is also necessary in order to perform the sales agreement. Details concerning data protection at PayPal can be accessed via the following link: https://www.paypal.com/de/webapps/mpp/ua/privacy-prev (for the legal position from 25.5.2018).

Legal basis for handling these data is Article 6 para. 1 lit. b EU GDPR

k. For requests for brochures and personalised brochures, we collect and process the following data:

Name*

Customer number*

Company name*

Street*

Postcode*

City*

Country*

Telephone

Email*

Ordered items*

 

Delivery address

Name

Customer number

Company name

Street

Postcode

City

Country

Comments

 

Legal basis for handling these data is Article 6 para. 1 lit. a EU GDPR

l. For orders from the marketing catalogue, we collect and process the following data: 

Name*

Company name*

Street*

Postcode*

City*

Country*

Telephone

Email*

Ordered items*

 

Delivery address

Name

Company name

Street

Postcode

City

Country

Comments

 

Legal basis for handling these data is Article 6 para. 1 lit. a EU GDPR

m.  For prize competitions, we collect and process the following data:

Last name, first name

Address

Email address (depending on the contact channel)

Age

(If applicable) consent for newsletter receipt

You have the option of participating in a competition on various channels. Should you fill in the competition mask, we only process the data which is entered into this in order to carry out the competition.

The principle of data economy and data avoidance is observed, as you only need to enter the data which we absolutely require in order to carry out the competition and notify the winners. For example, this includes your name and email address.

The mandatory fields are labelled with a (*). In addition, your IP address is also processed due to technical necessity and for legal certainty. The other fields are optional and you can fill these in if you wish. Without the mandatory fields, we regret that we cannot carry out the competition. In such a case, it is not possible to participate.
In the competition mask, you also have the option of declaring to us your consent to advertising. It goes without saying that it is also possible to participate in the competition without declaring your consent to advertising.

Should you issue us with your consent by crossing the respective check box, we also process your data in order to send you information and offers by email relating to our products and services.

You can revoke your consent at any time without the giving of reasons by email to info(at)sata.com, by the self service form in the MySATA account, by clicking on the de-registration link in the newsletter or by post to SATA GmbH & Co. KG, Domertalstraße 20, 70806 Kornwestheim, Germany.

 

Legal basis for handling these data is Article 6 para. 1 lit. a EU GDPR

n. For the creation and use of an account of the SATA Loyalty App, we will process the following data:

Last name, first name*

Date of birth*

Company name*

Address*

Email address*

Usage data (login times, IP address, manufacturer and model of the user device)

Bonus data (optional, e.g. job, usage data relating to SATA products)

Scan/purchase data

Scan/purchase frequency

Scope of scan

Industry

Job of the person logging in

The SATA Loyalty Programme (“Programme”) is a loyalty-based customer retention programme. SATA GmbH & Co. KG (“SATA”) operates the programme and the SATA Loyalty App (“App”). The implementation of the programme is first of all governed by the conditions for participation (Allgemeine Teilnahmebedingungen) as amended from time to time. These conditions are supplemented by the following data protection provisions, which apply for natural persons participating in the programme (“participants”) and regulate the handling of personal and other data of the participants (“participant data”) on occasion of and in the context of the programme, setting out in particular specifically when and which participant data are collected, used and processed, to which purposes, as well as the rights of the participants relating to the respective data-related activities.

Collection and processing of participant data by SATA 

 

Registration and usage data

 

When creating a user account, SATA will collect name, date of birth, mobile and landline number, email address and address of the participant as well as the name and the address of the company for which the participant acts with regard to the collection of reward points and for redeeming rewards (“registration data”). SATA uses the registration data to implement and process the programme, in particular for the management of “coins” and for sending out rewards. 

In addition to the registration data, SATA automatically collects further participant data via the App in connection with the use of the App; the participant is not separately notified of this collection and does not have to actively cooperate in this collection. This data collection includes the date and time of the last logins and changes to the App user account, as well as the IP address, manufacturer and model name of the user device used in the most recent login (“usage data”). SATA uses the usage data to enable and improve the use of the App and to ensure the security and stability of its IT systems. The IP address of the user device executing the App is analysed in the event of attacks on or the misuse of SATA’s IT systems as well as for statistical purposes. The usage data are automatically erased after the expiration of a maximum storage period of 6 months after the collection of the relevant data.

Subject to the prior consent of the participant, the registration and usage data will also be used and processed to determine so-called “booster periods” and for determining prizes and establishing contact in the context of “Treasure Hunt“ prize competitions. During promotional periods defined by SATA, “point boosters” apply where the scan of one coin returns a multiple of the usual points; “Treasure Hunt” prize competitions offer the opportunity of winning instant prizes.

 

Bonus data and data analysis for improving products

 

Participants may voluntarily provide additional participant data in the App; this may be done in return for a certain number of coins which are credited to the participant. The data concern the use of SATA products by the participants and/or their companies (for example the job of the participants, type, scope and purpose of their use of SATA products – hereinafter collectively referred to as “bonus data”. 

Subject to the prior consent of the participant, SATA will analyse registration, usage and bonus data in order to better understand the use of SATA products by the participants and their companies and in order to improve SATA products and the loyalty programme.

 

Participant consent

As a participant, you may have expressly granted us the following consents.

Consent to the use of data for product improvement

I consent that SATA analyses my personal data collected in the context of the programme participation for the purpose of improving the products distributed by SATA or the products and services offerings (including the loyalty programme); this consent shall apply until I revoke it.

Consent to email advertising

I consent that SATA uses my contact data collected in the context of the programme participation in order to inform me (via electronic mail (email)) about products, services, promotions or additional services of the loyalty programme; this consent shall apply until I revoke it. 

 You can check your consent status under the ProfileThis relates to the inner width of air lines and air hoses. The longer the airline the larger the inner diameter has to be dimensioned, in order to minimize the pressure loss and to ensure sufficient air volume..X» settings of the app.

Consent to phone marketing

I consent that SATA uses my contact data collected in the context of the programme participation in order to inform me (by phone) about promotions or additional services of the loyalty programme, if I have provided my consent in my account; this consent shall apply until I revoke it.

The individual consent status can be viewed in the ProfileThis relates to the inner width of air lines and air hoses. The longer the airline the larger the inner diameter has to be dimensioned, in order to minimize the pressure loss and to ensure sufficient air volume..X» settings of the app.

If you have granted your consent, your consent as participant of the SATA loyalty programme will be logged by SATA. This is done exclusively to meet SATA’s legal obligation to retain the content of such consents for the participants so that it can be retrieved at any time. 

 

Legal basis for handling these data is Article 6 para. 1 lit. a EU GDPR

o. Applicant portal 

We are pleased that you are interested in working for SATA GmbH & Co. KG. We understand the importance of keeping your data confidential. We will process the personal data you provide via the application form only for the purpose of carrying out the application process correctly and effectively and in order to contact you in the context of the application process. We will not disclose the data to third parties without your consent.

Our data protection practices are in compliance with the provisions of the EU General Data Protection Regulation (EU GDPR) and the German Telemedia Act (TMG). We will collect, process and store your personal data exclusively for processing applications. Only if you consent in advance will your data be used for additional purposes, which must be specifically indicated in your consent, such as the receipt of a newsletter with information about special offers. We collect, process and store the following data when this website or individual files of the website are called up: IP address, website from which the file was called up, name of the file, date and time of the call-up, the name of your Internet service provider, your operating system, browser type/browser version, transferred data volume and a notification whether the call-up was successful (so-called web log). These data are processed in order to enable use of the website (for establishing a connection), for system security, for the technical administration of the network infrastructure and for optimising our internet content. As it will not be possible to attribute the collected data to specific persons, you (as a user) remain anonymous. These data are not combined with other data sources.

The personal data you provide by registering on our job portal and by filling out the online form will only be used by SATA in order to process the application and for the process of filling the position. This also includes documents uploaded to our server such as school leaving certificates, educational certificates, certificates, employment references and photos. These documents will be stored in connection with your personal data and will only be used for purposes of the application process.

All personal data we receive from you in the context of the use of our website will only be collected, processed and used by us for the indicated purpose. We will only do this in compliance with the applicable legal provisions or only with your consent. 

The application form requires you to enter personal data. In this context, we observe the principle of data minimisation and data avoidance in that you will only have to provide us with the data we need to carry out a full review of your application documents. This mandatory information is marked with an asterisk (*). Without these data we will unfortunately not be able to review your application documents; our application system will therefore prevent the uploading of application documents as long as the provided data is incomplete. You can of course provide additional information in the application form on a voluntary basis.

We will store the following of your data (assuming you provide them). Mandatory fields are marked with an asterisk (*), the rest of the data can be added voluntarily.

 

Personal data

Login name*

Password*

Salutation*

Title

Last name*

First name*

Date of birth*

Country*

Street/no.*

Additional address

Postcode*

City*

Contact phone number

Email*

 

Schooling

Highest school degree*

Final grade*

Final grade in German

Final grade in English

Final grade in mathematics

Year of graduation

 

Information on vocational training*

Designation/field

Name of company

Begin of vocational training

Date of graduation

Final grade

 

Information on studies*

Targeted degree

University/institution

City

Begin of studies

Date of the (planned) graduation

1. Study focus

2. Study focus

Targeted academic degree

(Bachelor, master, diploma etc.)

 

Language skills

PC skills

 

Current/most recent work as well as past work

Industry

Companies

City

Field

Title

Job designation

Begin

End

 

Key data

Letter of motivation*

Questions for the company

Earliest possible start date*

Applicable notice period*

Most recent gross annual salary (EUR)

Salary expectation*

 

Annexes

Cover letter*

CV*

Report cards, certificates, references etc.*

Photo

Other documents

We use appropriate security measures to optimally ensure the security and confidentiality of your data. The transfer of your application documents to us is encrypted.

We store your data for the above-mentioned purpose until the application process is concluded. You may opt for a longer storage period for your application documents, enabling us to match your ProfileThis relates to the inner width of air lines and air hoses. The longer the airline the larger the inner diameter has to be dimensioned, in order to minimize the pressure loss and to ensure sufficient air volume..X» with other vacant positions.

For this, we require your explicit consent which you grant by clicking the relevant checkbox prior to uploading your application documents. In this case, we will store your data for six months. You may of course revoke your consent with effect for the future at any time and without giving any reasons, by calling +49 (0) 7154-811-0, by emailing personal(at)sata.com or via post to SATA GmbH & Co. KG, Domertalstraße 20, 70806 Kornwestheim, Germany.

 

Legal basis for handling these data is Article 6 para. 1 lit. a EU GDPR.

 

In case we do enter into a contract of employment with you as an applicant, all submitted data for the purpose of handling the employment relationship will be stored in accordance with the legal requirements (see Art 88 para. 1 EU GDPR in conjunction with §26 BDSG-neu). In case we do not enter into a contract of employment with you as an applicant and you have retrieved your consent of processing the data, we will delete your applications documents three months after announcing the rejection of your application automatically unless we are able to demonstrate compelling legitimate grounds for the processing or other legitimate purposes. This may be for example burden of proof according to the General Equal Treatment Act.

 

Legal basis for handling these data until the end of the three-month period is Article 88 para. 1 EU GDPR in conjunction with §26 BDSG-neu

p. CUSTOMER RELATIONSHIP MANAGEMENT

We use a state-of-the-art software tool for our customer relationship management (CRM). In this context, all data remain on servers within the European Union in accordance with the contractual stipulations. For each logging of a new user/device combination, access to the software tool is secured by two-factor authentication.

q. When you use the Nozzle Finder app, we record and process the following information:

- Used language - Selected nozzle- User behaviour with respect to the functions via Google Analytics (item 14.)The Nozzle Finder ("Düsenfinder") is the app for a fast, simple and in-depth selection of the matching nozzle for your SATAjet X 5500. The data are recorded and processed for the optimisation of the app and for an improved user experience.

Legal basis for handling these data is Article 6 para. 1 lit. b EU GDPR

 

12. Automated individual decision-making

 

We are currently not using decision-making solely based on automated processing. 

 

13. Cookies (Art. 6 para. 1 lit. f EU GDPR; Art. 6 para. 1 lit. a EU GDPR if consent is given)

 Our Internet sites use so-called cookies in various locations. The purpose of these is to make our service more user friendly, more effective and more secure. Cookies are small text files which are placed on your end device and saved.

By means of these cookies, we are able to analyse how users use our website. By means of the cookies, we can tailor the website content to the needs of our users. By using cookies, we are also able to measure the effectiveness of a specific advert and can place these depending on the thematic interests of our users for example.

The legal basis for this is Article 6 Paragraph 1 Letter f GDPR and, should consent be present, Article 6 Paragraph 1 Letter a GDPR.

We use the following cookies:

Third party provider cookies:

These types of cookies are managed by third party providers. Third party providers are those who integrate advertising banners into other websites, in particular for publishers. As an example, these use cookies in order to transfer the information that an advertising banner integrated by you led to a purchase. (For example conversion tracking).

For this purpose, so-called temporary / permanent cookies are used, which are automatically deleted after the specified time (as a rule 6 months). These temporary or permanent cookies are saved on your end device and delete themselves after the specified time. The cookies of our partner companies also only contain data in the form of a pseudonym or merely anonymous data in most cases. These enable our partner companies to trace which products you have viewed, whether a purchase was made, which products were searched for etc. In such a case, our advertising partners also record outside of the websites which sites you have previously visited or which products were of interest to you as an example. By means of such, it is possible to display individual advertising. This data in the form of a pseudonym is never combined with your personal data.

Most web browsers accept cookies automatically. It goes without saying that you can also de-activate, restrict or delete cookies on your end device manually via your browser settings or by using software.

Please note: Should you de-activate the setting of cookies, you may not be able to fully use all of the functions of our Internet site.

 

Cookies that are necessary for electronic communication or for provision of certain functionalities that you have wished for upon registration will be stored in accordance with Art. 6 para. 1 lit f) EU GDPR. We have a legitimate interest in using cookies in order to provide faultless and optimized services.

 

Provided your approval upon registration legal basis for handling these data is Article 6 para. 1 lit. a EU GDPR

 

14. User ProfileThis relates to the inner width of air lines and air hoses. The longer the airline the larger the inner diameter has to be dimensioned, in order to minimize the pressure loss and to ensure sufficient air volume..X» / web tracking

a. Google Analytics

 

This website uses Google Analytics, a web analytics service provided by Google Inc. (hereinafter referred to as “Google”).  Google Analytics uses so-called "cookies" (text files) stored on your computer. This enables Google to analyse how you use the website. The information generated by the cookie about your use of this website will generally be transferred to a Google server in the US and stored there. Google will use this information at the behest of the owner of this website in order to analyse your use of the website, prepare reports about website activities and to provide other services relating to website and Internet use to the website owner. Google will not associate the IP address transmitted by your browser in the context of Google Analytics with other data.

Deactivate Google Analytics here.

You may refuse the use of cookies at any time by selecting the appropriate settings in your browser. However, please note that if you do this, you may not be able to use the full functionality of this website.

You can furthermore prevent Google’s collection and processing of data generated by cookies relating to your use of the website (including your IP address). You can do this by downloading and installing the browser add-on available at the following link (http://tools.google.com/dlpage/gaoptout?hl=en).

You can find further information at http://www.google.com/intl/de/analytics/privacyoverview.html (general information about Google Analytics and data protection).

Please note that on this website, Google Analytics is supplemented by the code "gat._anonymizeIp();" to ensure an anonymized collection of IP addresses (so-called IP masking). At our request, Google therefore only records your IP address in a truncated form, ensuring anonymity and making it impossible to identify you. However, in case of activation of the IP anonymization on our webpages, Google will first truncate your IP address if you are located in a Member State of the European Union or any other states party to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address sent to and truncated by Google servers in the USA.

 

Legal basis for handling these data is Article 6 para. 1 lit. f EU GDPR

b. Googletagmanager.com

 

Our Internet sites use Google Tag Manager, a service provided by Google. By means of this service, website tags can be administered via an interface. Google Tag Manager only implements tags. This means: no cookies are used and no personal data is gathered. Google Tag Manager initiates other tags which may in turn gather data. However, Google Tag manager does not access this data. Should de-activation have been carried out on a domain or cookie level, this remains in force for all tacking tags, to the extent that these are implemented with Google Tag Manager.

If you have activated Java script in your browser and no Java script blocker installed, your browser may transfer personal data to Google. We do not know what did a Google combines with the received data and for what purposes Google uses such data.

If you want to completely avoid the execution of JavaScript code from Google, you can install a JavaScript blocker (for example www.noscript.net).

 

Legal basis for handling these data is Article 6 para. 1 lit. f EU GDPR

 

c.       Facebook conversion tracking pixel

 

Our Internet sites use the so-called “Facebook pixel” of the social network Facebook which is operated by Facebook Inc,1 Hacker Way, Menlo Park, CA 94025, USA or should you be resident in the EU, Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Legally, the data processing is based on your consent in accordance with Article 6 Paragraph 1 Letter a GDPR.

Personal data may be transferred to the USA by Facebook Inc. However, Facebook is certified under the Privacy Shield (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active. As a result, Facebook is obliged to comply with the data protection standards in the EU.

You can enable Facebook and its partners to display adverts on and outside Facebook. For these purposes, a cookie can be saved on your computer. We use the Facebook pixel in order to only display adverts placed by us to those users who have also visited our internet site or who display certain characteristics which we pass on to Facebook. With the assistance of the Facebook pixel, it is possible for Facebook to classify our Internet site visitors as a target group for the display of adverts.

With the assistance of the Facebook pixel, your behaviour on multiple sites can be traced, once you have viewed or clicked on a Facebook advert. The purpose of this process is to evaluate the effectiveness of the Facebook adverts for statistical and market research purposes and can help optimise future advertising measures.

The processing of the data by Facebook takes place in accordance with the Facebook data usage policy:https://www.facebook.com/policy. Specific information concerning the Facebook pixel and its function can be obtained here:https://www.facebook.com/business/help/651294705016616.

You can object to the recording by the Facebook pixel and the use of your data in order to display adverts via the following link:

Please click here to withdraw your consent  https://www.facebook.com/ads/website_custom_audiences/.

 

Legal basis for handling these data is Article 6 para. 1 lit. f EU GDPR

 

d.       Facebook remarketing / retargeting

 

This website uses the so-called “Remarketing pixel” of the social network Facebook which is operated by Facebook Inc,1 Hacker Way, Menlo Park, CA 94025, USA or should you be resident in the EU, Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Legally, the data processing is based on your consent in accordance with Article 6 Paragraph 1 Letter a GDPR.
Personal data may be transferred to the USA by Facebook Inc. However, Facebook is certified under the Privacy Shield (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active. As a result, Facebook is obliged to comply with the data protection standards in the EU.
You can enable Facebook and its partners to display adverts on and outside Facebook. For these purposes, a cookie can be saved on your computer. We use the Facebook pixel in order to only display adverts placed by us to those users who have also visited or internet site or who display certain characteristics which we pass on to Facebook. With the assistance of the Remarketing pixel, it is possible for Facebook to classify our Internet site visitors as a target group for the display of adverts.  We gather and process the following data connected to your use of our service: Pages visited on our Internet sites.
With the assistance of the Remarketing pixel, your behaviour on multiple sites can be traced, once you have viewed or clicked on a Facebook advert. The purpose of this process is to evaluate the effectiveness of the Facebook adverts for statistical and market research purposes and can help optimise future advertising measures.
The processing of the data by Facebook takes place in accordance with the Facebook data usage policy:https://www.facebook.com/policy. Specific information concerning the Facebook pixel and its function can be obtained here:https://www.facebook.com/business/help/651294705016616.
You can object to the recording by the Facebook pixel and the use of your data in order to display adverts via the following link:

Please click here to withdraw your consent  https://www.facebook.com/ads/website_custom_audiences/

Click here to disable tracking by Facebook.

 

Legal basis for handling these data is Article 6 para. 1 lit. f EU GDPR

 

e. Firebase

In our loyalty app, we use Firebase, an analysis service of Google. Firebase uses so-called “cookies”, these are text files which are saved on your smartphone and which enable an analysis of the use of the loyalty app. The information generated by the cookie concerning your use of this app is generally transferred to a server of Google in the USA and saved there. On behalf of the operator of this app, Google will use this information in order to evaluate your use of the app, to compile reports concerning the app activities and to provide additional services connected to the use of the app for the app operator.
You can prevent the saving of the cookies at any time by carrying out the relevant settings in your app; however we wish to inform you that in such a case, you may not be able to use all of the functions of this app.
You will find further information here: http://www.google.com/intl/de/analytics/privacyoverview.html (general information concerning Firebase and data privacy)
Pleas note that in the app firebase analytics was extended by the code gat._anonymizeIp() to ensure an anonymized collection of IP addresses (IP masking). Your IP address will therefore only be collected in a shortened version to ensure anonymization an make sure that your identity cannot be traced. In case of activation your IP address will be shortened by Google within countries of the European Union and other member states of the European Economic Area. Only in exceptionnel cases will the complete IP address be submitted to Google servers in the US and will be shortened there. 

 

15. Social plugins of social networks

 

a. Facebook


Our website uses social plugins (“plugins”) of the social network Facebook.com which is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). The plugins are marked with a Facebook logo or the notification “Facebook social plugin”.

When you access a page on our website which contains such a plugin, your browser will establish a direct connection to the servers of Facebook. The content of the plugin will be transmitted by Facebook directly to your browser. Your browser will include it in the website.

Through the integration of the plugins, Facebook will receive the information that you have accessed the relevant page on our website. If you are logged into Facebook, Facebook will be able to link the visit with your Facebook account, even if you do not hit the “like” button. When you interact with the plugins, for example by hitting the “like” button, or if you enter a comment, your browser will transfer the relevant information directly to Facebook, where it will be stored.

Even if you do not have a Facebook account, Facebook will be able to collect data relating to you such as your IP address. For information on the purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as your related rights and the configuration options you can use to protect your privacy, please refer to Facebook’s data policy.

If you do not wish Facebook to collect your data via our website, you have to log out of Facebook prior to visiting our website. You can also install browser add-ons which act as blockers.

Further information can be found in Facebook’s data privacy statement.
http://www.facebook.com/policy.php

Legal basis for handling these data is Article 6 para. 1 lit. f EU GDPR

b. Instagram


On our Internet sites, you can find links to the social media services of Instagram. You can recognise links to the Internet sites of Instagram by the respective corporate logo of Instagram. Should you follow these links, you will reach the corporate presence of the Chamber of Craftsmen of Lower Franconia on Instagram. When clicking on a link to Instagram, a connection is established with the servers of Instragram. By means of this, the servers of Instagram are informed that you have visited our website. In addition, other data is transferred to Instagram. As an example, this includes:
 
 Address of the website on which the activated link can be found
 Date and time of accessing the website and activating the link
 Information concerning the browser and operating system used
 IP address
 
Should you already be logged in to Instagram at the time of activating the link, Instagram can determine your user name and possibly your real name from the transferred data and can assign this information to your personal user account at Instagram. You can exclude this assignment to your personal user account by logging out of your user account first.
 
The servers of Instagram are located in the USA and other countries outside of the European Union. Therefore, the data can also be processed by Instagram in countries outside of the European Union. Please bear in mind that companies in these countries are subject to data protection legislation which does not generally protect personal data to the level which is the case in the Member States of the European Union.
 
Please be aware that we have no influence over the scope, type and purpose of the data processing by Instagram. More detailed information concerning the use of your data by the social media service Instagram which is integrated into our website can be found in the data protection notice of Instagram.
Further information can be found in the data privacy statement of instagram:
http://instagram.com/about/legal/privacy/
Legal basis for handling these data is Article 6 para. 1 lit. f EU GDPR

C.  YouTube


Our website uses plugins of the website YouTube, which is owned by Google. The website is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of our webpages which includes a YouTube plugin, a connection will be established to the servers of YouTube, and the YouTube servers will be informed which of our pages you have visited. If you are logged into your YouTube account, you will enable YouTube to attribute your surfing activities directly to your personal ProfileThis relates to the inner width of air lines and air hoses. The longer the airline the larger the inner diameter has to be dimensioned, in order to minimize the pressure loss and to ensure sufficient air volume..X». You can avoid this by logging out of your YouTube account.

Further information can be found in YouTube’s data privacy statement.

Legal basis for handling these data is Article 6 para. 1 lit. f EU GDPR

b. The two-click solution:

Two clicks for better data protection.

First click:
The social network button is not activated when the page is loaded; it becomes active when it is clicked. Only then will your browser establish a direct connection to the relevant servers. With the first click on the button, you declare your consent for a transfer of data to the respective provider.
When the button is activated, the provider will thus receive the information that you have accessed the relevant page on our website. If you are logged into the respective social network, the visit can be attributed to your account from this moment forward, even if you do not click the button a second time.

Second click:
When you interact with the plugins, for example by entering a comment by hitting the button again, your browser will transfer the relevant information directly to the provider, where it will be stored.

Legal basis for handling these data is Article 6 para. 1 lit. f EU GDPR

 

 

16. Data security and data protection, communication via email

 

In storing your personal data, all technical and organisational measures are taken to prevent third parties from accessing them. As we cannot guarantee that data communicated via email are fully secure, we recommend that you send very sensitive information by post.

 

17. Objection against consignment of marketing emails

 

We hereby expressly object to the use of contact data published in accordance with the imprint requirement for purposes of sending us advertising and information material which we have not expressly requested. The operators of the webpages expressly reserve the right to take legal action should they receive unsolicited advertising material such as spam emails. 

 

18. Mobile apps from SATA (e.g. Loyalty App, SATA App, ...) 

 

Parts of our web content are provided via mobile device apps from SATA. All integrated data processes, i.e. data collection, data storage and data processing are carried out via the processes and processing systems indicated in the preceding data protection policy.

To provide certain features, our apps will also need permissions, specifically:

Camera: For the barcode scanner feature, the app requires access to the camera. The camera is exclusively used for scanning barcodes.

Device storage: Our apps require access to the device storage in order to cache, change or delete app contents. We do not get any data from your device memory.

Network and WLAN: Our apps require access to your telecommunication connection, your Wi-Fi/WLAN or your network, in order to receive data from our apps and our website over the Internet to update their content on a regular basis.

 

19. Links to third-party websites

 

Our website contains links to the websites of other companies. These are clearly identifiable as such. We have no influence on the content of any existing links to third-party webpages and thus have to disclaim any warranty or liability for such contents. The content of such pages is always the responsibility of the respective provider or operator.

The linked pages were reviewed for possible legal violations and recognisable infringements of rights at the time the link was placed; no unlawful content was identified at the time the link was created. However, monitoring the content linked pages on an ongoing basis is infeasible, unless specific evidence of unlawful content exists. Where we become aware of such violations, we remove such links without delay.

 

20. Inclusion, applicability and updating of the data protection statement

 

By using our services, you consent to the use of your data as described above. This data protection statement is dated 26 June 2018 in its existing form and currently valid.

It may become necessary to update this data protection statement as we improve our website or implement new technologies. SATA GmbH & Co. KG reserves the right to amend this data protection statement at any time with effect for the future. The current version of this data protection statement can be accessed at any time on our website under “Data Protection Statement". You should inform yourself about the currently applicable data protection statement, where appropriate.