Data Protection Statement of SATA GmbH & Co. KG

1. General information

 

We appreciate your interest in our company, products and services and we take the protection of your personal data very seriously. We process your data in accordance with the applicable laws and regulations for the protection of personal data, in particular the EU General Data Protection Regulation (EU GDPR) and the national implementation acts that apply to us. The purpose of this privacy statement is to provide you with comprehensive information about the processing of your personal data by SATA GmbH & Co. KG and your rights in this context.

Personal data are defined as information allowing the identification of a natural person. This includes in particular the name, date of birth, address, phone number, email address but also your IP address. 

Data are considered anonymous when no personal connection whatsoever can be made to the user.

The following declaration will thus show you what kinds of data we collect for which purpose, the extent to which these data are made accessible to third parties and what kinds of security measures we are taking. You will also be informed about your statutory rights in relation to the processing of these data.

It is our goal to provide the highest possible level of protection for all data entrusted to us and to fully comply with all statutory requirements. If you have any suggestions how we might improve the security of the data entrusted to us, please let us know under datenschutz@sata.com.

2. Controller and data protection officer

Responsible Organisation Art. 4 Paragraph 7 GDPR 

SATA GmbH & Co. KG

Domertalstr. 20

70806 Kornwestheim

Phone: +49 (7154) 811 – 0

Fax: +49 (7154) 811 – 196

Email: datenschutz@sata.com

Web: www.sata.com

 

Contact details of the data protection officer

atarax GmbH & Co. KG

Norbert Rauch

Email: DSB@sata.com

3. Your rights as the “data subject”

 

Let us start by informing you about your rights as the “data subject”. These rights are set out under articles 15 - 22 EU GDPR. They include the right…

of access (Art. 15 EU GDPR),

of erasure (Art. 17 EU GDPR),

of rectification (Art. 16 EU GDPR),

to data portability (Art. 20 EU GDPR),

to restriction of processing (Art. 18 EU GDPR),

to object to data processing (Art. 21 EU GDPR).

To exercise these rights or if you have any questions on the data processing of our company, please contact our above-mentioned data protection officer. You are also entitled to lodge a complaint with a supervisory authority for data protection.


4. Rights of objection 

 

Please note the following in relation to rights of objection:

If we are processing your personal data for direct marketing purposes, you have the right to object to such processing at any time without providing reasons therefor. The same applies for measures to improve the offered products and services or the shopping experience, to the extent that it is related to direct marketing.

If you object to the processing for the purpose of direct marketing or for the purpose of improving our offerings, we will no longer process your personal data for these purposes. The objection must be submitted to our above-mentioned contact details; it is not subject to formal requirements.

Where we process your data for the purpose of legitimate interests, you also have the right to object at any time to such processing on grounds relating to your particular situation; this also applies for the creation of a user profile based on these provisions.

If you file an objection, we will no longer process your personal data unless we are able to demonstrate compelling legitimate grounds for the processing. This may be the case if the processing serves for the establishment, exercise or defence of legal claims or if it serves other legitimate purposes which override your interests, rights and freedoms.


5. Purposes and legal basis of the data processing

 

The processing of your personal data is in compliance with the provisions of the EU GDPR and all other applicable data protection provisions. The legal basis of the data processing derives in particular from Article 6 EU GDPR.

We will use your data for the purposes of initiating business, to fulfil contractual and legal obligations, to carry out the contract, to offer products and services, to process queries and (if applicable) to process orders/contracts, for administrative purposes and to strengthen the relationship with the customer, for staff and customer satisfaction surveys (which may also include analyses for marketing purposes and direct marketing with product and price information) and in the context of our application portal. If necessary, you will be asked for your consent. Your data will also be used for further purposes which are specifically stated in a consent, for example, for information on newsletter offers, etc.

Your consent constitutes a permission subject to data protection law. In this context, we will inform you about the purposes of the data processing and your right to object. Should the consent also cover the processing of special categories of personal data, we will explicitly advise you of this in Article 88 para. 1 EU GDPR regarding consent.

Processing of special categories of personal data within the meaning of Article 9 para. 1 EU GDPR will only be carried out if it is required by law and there is no reason to assume that you have an overriding legitimate interest in your data being excluded from processing, Article 88 para. 1 EU GDPR.

6. Disclosure to third parties / purposes and extent

 

We will disclose your data to third parties only where permitted by law, to meet our contractual obligations or on the basis of a corresponding consent. In this context, we will only disclose your data (e.g. name and address) which we require to meet our statutory, legal or contractual obligations or which third parties require to ensure smooth functioning, in particular to implement a concluded contract. 

No other disclosure will be made to third parties, unless we are required to make such disclosure due to compelling legal acts or provisions (disclosure to external bodies such as regulatory authorities or law enforcement authorities).

7. Recipients of data/categories of recipients

 

We will ensure within our company that only persons who require your data to carry out their job responsibilities or meet the contractual and statutory obligations receive your data. This also applies for any exchange of data with our affiliated companies (e.g. UK or Canada), or for the disclosure (to our international distribution partners) of address data of customers who have given their consent to be contacted or to receive, for example, our newsletter, or which have provided their address data in the context of the implementation of the contract.

In many cases, the work of our specialist departments is supported by service providers. The necessary contractual arrangements have been put in place with all service providers, for example in the form of a data processor agreement. 

8. Transfer of data to third countries and intent to transfer to third countries

 

Data will only be transferred to third countries (outside of the European Union or the European Economic Area) if this is necessary for carrying out the contract, required by law or if you have given your consent. The scope of the transferred information is described under no. 6.

A sufficient level of protection is, provided that the state does not ensure a level of data protection that is accepted by the EU, ensured by EU standard contractual clauses.

9. Data storage period

 

We will store your data for as long as the specific purpose of processing requires. Please note that various retention periods require the continued storage of data. This concerns in particular record retention requirements under commercial and tax law (e.g. German Commercial Code, German Tax Code, etc.). If no further retention requirements apply, the data will be routinely erased once the purpose has been achieved.

In addition, we may retain data if you have granted your consent or if legal disputes arise and we use evidence subject to statutory limitation periods.

10. Transferring your data

 

We use appropriate technical and organisational security measures to protect our stored data optimally against accidental or intentional manipulation, loss, destruction, and access by unauthorised persons. The security levels are reviewed on an ongoing basis in cooperation with security experts and adapted to new security standards.

The exchange of data with our website is encrypted (in both directions). Our website offers SSL as communication protocol, using the most up-to-date encryption protocols. For applications via our applicant portal, we offer content encryption. Only we are able to decrypt these data. Alternative communication channels are also available (for example by post).

Requirements to make data available

 

Various personal data are necessary for the conclusion, implementation and termination of the contract as well as for the fulfilment of the contractual and statutory requirements related thereto. The same applies for the use of our website and the various functions provided by it.

We have summarised details under para. 11. In certain cases, the law requires us to collect and/or provide data. Please note, that processing your request or carrying out the underlying contractual relationship is not possible without the provision of these data. If you therefore refuse the consent to the use of your data (or if you limit your consent) for reason of extreme caution, you may not be able to take advantage of our products and/or services, or only to a limited degree. By continuing to use our products/services or parts thereof, you accept any potential disadvantages arising therefrom.

Categories, sources and origin of the data

 

Which data we process depends on the context of the relevant case. The content and scope of the data differs, for example, if you place an order online, if you enter a query into our contact form, if you submit an application or a complaint.

Please note that we may provide information on data protection in specific data processing situations separately at an appropriate place, for example, when application documents are uploaded or a contact request is submitted.

11. Offered services and data requests:

General information on requesting and using data / the principle of data minimisation

We collect the data specified below for certain services, such as website visits, SAL checks, user logins (e.g. for premium warranty and forum), contact requests, registration on the website of our company e.g. at MySATA, user self-service, password changes, newsletter registration, registration for the virtual painter, registration for photobox, SATA loyalty programme, order transactions, registration for prize competitions, registration for meetings, registration for seminars and courses, ordering brochures and ordering from the marketing catalogue. These data are used for establishing contact, for responding to your questions and wishes, to facilitate your visit on our website, to adapt your data, as a requirement for participating in SATA activities, for processing the order, for participating in customer loyalty programs and for supporting the sales activities of our customers and partners. We will not disclose these data without your consent, except in the specific situations described above.

In this context, the principle of data minimisation and data avoidance is observed as you will only be asked to provide data we absolutely need to process your request or to provide the relevant service. In most cases, your IP address will also be processed. This is required for technical reasons and to establish legal security. All fields not marked with an (*) asterisk are not compulsory. Filling them in is optional and may be done for example to enable more individualised answers to your questions. Some services also require additional consent for more extensive processing of your personal data. You will be asked to provide the consent and informed of the respective purpose. Without this consent, no additional processing of your personal data will take place.

If you contact us via email, we will process all personal data contained in the email exclusively for the purpose of processing your inquiry. If you do not use the provided contact forms, no additional data will be collected.

When registering on our website, the IP address of the user, the date and time of the registration will also be stored (technical background data). By clicking the button “Accept”, you consent to the processing of your data.

Please note: The password you choose is stored as encrypted. Our employees are not able to read this password and can therefore not provide you with any information should you forget your password.

In this case, you should use the “forgot your password” function to receive an email with an automatically generated new password. Our employees will never ask you for your password either on the phone or in writing. You should therefore never give your password if you receive such requests.

Once the registration is concluded, we store your data for your use of the protected customer section. As soon as you login to our website with your email as the login name and your password, these data you provided will be made available on our website or are available for retrieval.

You can of course cancel all services for which you have registered at any time using the relevant function of the service or by sending an email to unsubscribe@sata.com, revoking your consent and giving a specific description of the service you want to cancel. 

Should you give your consent for the use of your data for advertising purposes by clicking the relevant checkbox (e.g. to subscribe to our newsletter), we will also process your data to send you information and offers relating to our products/services/new products/news on technology/promotions/special offers/price information/events such as trade fairs, other events, training/courses, via email or post. You can always revoke your consent under +49 (0) 7154/811-0, via email to unsubscribe@sata.com or by post to

SATA GmbH & Co. KG, Domertalstrasse 20, 70806 Kornwestheim, Postfach 1828 70799 Kornwestheim, Germany. 

You do not have to give any reasons for revoking your consent.

a. When you visit our website, we will collect and process the following data:

Name of the Internet service provider

Information about the website from which you came to us

Your web browser and operating system

The IP address assigned by your Internet service provider

Requested files, transferred data volume, downloads/file export

Information about the websites you access on our website, including date and time

For reasons of IT security (in particular to defend against attempted attacks on our web server), these data will be stored in accordance with Art. 6 para. 1 lit f) EU GDPR.

b. For a SAL check, we collect and process the following data:

Name

Phone number

Country

Email address

Whether you want to receive the newsletter

IP address

Dealer name and address

SAL number*

Legal basis for handling these data is Article 6 para. 1 lit. a EU GDPR

c. For a registration for the premium warranty, we collect and process the following data:

 

User data

Salutation

Company name

First name*

Name*

Street

Additional address

Postcode

City

State/Province

Country

Email

 

Dealer details

Company name

Street

Additional address

Postcode

City

Country

Seller name

 

Product data

Purchase date*

Product type*

Serial number*

 

Legal basis for handling these data is Article 6 para. 1 lit. b EU GDPR

d. For a contact request (contact form), we collect and process the following data:

Salutation

First name

Last name

Company name

Title

Street

Postcode

City

Country

Telephone

Fax

Email*

Field of work (automotive repair, industry, carpentry, painter, other field)

Interest in (spray guns, automatic guns, air filtration, breathing protection, material feed systems, spraying systems, spray gun cleaning, corrosion protection, spare parts)

Lacquer used

Captcha

 

Legal basis for handling these data is Article 6 para. 1 lit. a EU GDPR

e. For a MySATA registration (user registration, e.g. for use of the forum), we collect and process the following data:

Password*

Email address*

Salutation

First name*

Last name*

Company name

Address

Additional address

Postcode

Place of residence

Country

State/country/province

Telephone

Fax

Industry (automotive repair, airbrush, lacquer manufacture, vocational school, wholesaler/retailer, private individual, other, industry, carpenter/painter)

Language

I want to receive relevant information about SATA and SATA products per email or in the newsletter (yes, no)

 

Legal basis for handling these data is Article 6 para. 1 lit. b EU GDPR

f. For the user self-service, we collect and process the following data:

Form language

Salutation

First name*

Last name*

Email address*

Country

Language*

Industry (automotive repair, airbrush, lacquer manufacture, vocational school, wholesaler/retailer, private individual, other, industry, carpenter/painter)

Company name

Street/street number

Postcode

City

Whether you want information via email or newsletter

Whether you want information by post

Whether you wish to receive any information at all

 

Legal basis for handling these data is Article 6 para. 1 lit. b EU GDPR

g. For a password change, we collect and process the following data:

Password*

Email address*

 

Legal basis for handling these data is Article 6 para. 1 lit. b EU GDPR

h. For a newsletter registration, we collect and process the following data:

Email*

Salutation

First name

Last name

Company name

Industry (automotive repair, airbrush, lacquer manufacture, vocational school, wholesaler/retailer, private individual, other, industry, carpenter/painter)

Country

Newsletter language*

Consent to marketing via email or newsletter*

You can subscribe to a free newsletter on our website The email address indicated for the newsletter registration as well as your name, your country of origin and the industry in which you work will be used for sending you a personalised newsletter. We will provide you with special information for your industry and country. If you want to receive the newsletter by post, we require your address data.

 

Legal basis for handling these data is Article 6 para. 1 lit. a EU GDPR

i. For staff and customer satisfaction surveys, the following data are collected:

Name

Address

Company name

Company address

How likely you are to recommend us

Reasoning

The required personal data may be stored in this context and disclosed to third parties (service provider companies). All legal provisions and requirements relating to commissioned data processing will be observed. 

 

Legal basis for handling these data is Article 6 para. 1 lit. a EU GDPR

j. In the context of the ordering transaction, we process the following data

Salutation

Last name, first name*

Delivery address*

Invoice address*

Email Address*

Company name (if corporate customer)

VAT no. (if corporate customer)

Phone number (optional)

We offer users the option to register on our website with their personal data. A registration offers certain benefits. For example, the system will remember the data you enter into the order form, so you don’t have to re-enter it for your next order, and you will also be enabled to view your order history. The registration is thus required to carry out a contract or measures in advance of a contract; however, it is also possible to proceed with guest access.

In order to deliver on web shop orders, we will also require the invoice address (salutation, first name, last name, address). Should the delivery address differ from the invoice address, you will have to provide the same information with regard to the delivery address.

If you are registered, you will be able to change/correct invoice or delivery address via the order history yourself. However, it is possible that such a change is made too late to be taken into account for orders that have been placed but not yet delivered. Our customer service will gladly carry out changes/corrections for you upon request: Kundenservice@sata.com (D+AT); customerservice@sata.com (rest of world). You can of course also cancel/delete the registration/your customer account.

Your IP address will also be processed. This is required for technical reasons and to establish legal security. Without these data, we will unfortunately not be able to conclude the contract with you. Without the data, we will be unable to carry out the contract or we may be forced to terminate an existing contract. Of course you can also provide additional data on your own initiative, if you choose to do so.

Payment systems, credit check

Our online shop offers credit card or PayPal payment. This requires the collection of payment data in order to carry out your order as well as the payment transaction. Your IP address will also be processed. This is required for technical reasons and to establish legal security. The payment is processed by our payment provider PaySquare SE.

We reserve the right to obtain a credit check (based on mathematical and statistical methods) from credit agencies in order to protect our legitimate interests. To this end, we transfer the personal data required for the credit check to third parties. We are then provided with information about the statistical probability of a payment default which we use to make a balanced decision on the establishment, implementation or termination of the contractual relationship. The credit check may include score values which are calculated on the basis of scientifically recognised mathematical and statistical methods and which are based, among other things, on address data. 

Your legitimate interests will be taken into account in accordance with the law. You can request information about the data stored in relation to you by contacting Datenschutz@sata.com. Except for the indicated purposes of carrying out credit checks, implementing the contract and processing the payment, no data will be disclosed to third parties.

Our payment system uses SSL encryption for transmitting your data.

Note regarding credit card payments: As is customary for credit card payments, the credit card information will be verified and a credit check will be carried out. By selecting this payment option, the cardholder consents to the disclosure of the information required to carry out the credit check.

The personal data disclosed to PayPal generally comprises the first name, last name, address, email address, IP address, phone number, mobile phone number or other data required to process the payment.

Note regarding PayPal: PayPal as a company of PayPal (Europe) S.à r.l. et Cie, S.C.A.
22-24 Boulevard Royal, L-2449 Luxembourg. If the customer selects the payment option “PayPal” in our online shop during the order process, the customer’s data will be transferred to PayPal automatically.

By selecting this payment option, the customer consents to the disclosure of the personal data required for payment processing. The personal data disclosed to PayPal generally comprises the first name, last name, address, email address, IP address, phone number, mobile phone number or other data required to process the payment.

Carrying out the purchase contract also requires the personal data related to the relevant order. Details on PayPal’s data protection are available under:

Https://www.paypal.com/de/webapps/mpp/ua/privacy-prev (for the legal situation applicable from 25 May 2018).

Legal basis for handling these data is Article 6 para. 1 lit. b EU GDPR

k. For requests for brochures and personalised brochures, we collect and process the following data:

Name*

Customer number*

Company name*

Street*

Postcode*

City*

Country*

Telephone

Email*

Ordered items*

 

Delivery address

Name

Customer number

Company name

Street

Postcode

City

Country

Comments

 

Legal basis for handling these data is Article 6 para. 1 lit. a EU GDPR

l. For orders from the marketing catalogue, we collect and process the following data: 

Name*

Company name*

Street*

Postcode*

City*

Country*

Telephone

Email*

Ordered items*

 

Delivery address

Name

Company name

Street

Postcode

City

Country

Comments

 

Legal basis for handling these data is Article 6 para. 1 lit. a EU GDPR

m.  For prize competitions, we collect and process the following data:

Last name, first name

Address

Email address (depending on the contact channel)

Age

(If applicable) consent for newsletter receipt

We offer you the option of participating in one of our prize competitions via our website or for example via Facebook If you fill out the prize competition form, we will process the entered data to carry out the prize competition and (with your consent) to provide you with the newsletter (advertising consent).

The prize competition form also offers you the option of consenting to the use of your data for advertising purposes. You can of course also participate in the prize competition without granting advertising consent.

 

Legal basis for handling these data is Article 6 para. 1 lit. a EU GDPR

n. For the creation and use of an account of the SATA Loyalty App, we will process the following data:

Last name, first name*

Date of birth*

Company name*

Address*

Email address*

Usage data (login times, IP address, manufacturer and model of the user device)

Bonus data (optional, e.g. job, usage data relating to SATA products)

Scan/purchase data

Scan/purchase frequency

Scope of scan

Industry

Job of the person logging in

The SATA Loyalty Programme (“Programme”) is a loyalty-based customer retention programme. SATA GmbH & Co. KG (“SATA”) operates the programme and the SATA Loyalty App (“App”). The implementation of the programme is first of all governed by the conditions for participation (Allgemeine Teilnahmebedingungen) as amended from time to time. These conditions are supplemented by the following data protection provisions, which apply for natural persons participating in the programme (“participants”) and regulate the handling of personal and other data of the participants (“participant data”) on occasion of and in the context of the programme, setting out in particular specifically when and which participant data are collected, used and processed, to which purposes, as well as the rights of the participants relating to the respective data-related activities.

Collection and processing of participant data by SATA 

 

Registration and usage data

 

When creating a user account, SATA will collect name, date of birth, mobile and landline number, email address and address of the participant as well as the name and the address of the company for which the participant acts with regard to the collection of reward points and for redeeming rewards (“registration data”). SATA uses the registration data to implement and process the programme, in particular for the management of “coins” and for sending out rewards. 

In addition to the registration data, SATA automatically collects further participant data via the App in connection with the use of the App; the participant is not separately notified of this collection and does not have to actively cooperate in this collection. This data collection includes the date and time of the last logins and changes to the App user account, as well as the IP address, manufacturer and model name of the user device used in the most recent login (“usage data”). SATA uses the usage data to enable and improve the use of the App and to ensure the security and stability of its IT systems. The IP address of the user device executing the App is analysed in the event of attacks on or the misuse of SATA’s IT systems as well as for statistical purposes. The usage data are automatically erased after the expiration of a maximum storage period of 6 months after the collection of the relevant data.

Subject to the prior consent of the participant, the registration and usage data will also be used and processed to determine so-called “booster periods” and for determining prizes and establishing contact in the context of “Treasure Hunt“ prize competitions. During promotional periods defined by SATA, “point boosters” apply where the scan of one coin returns a multiple of the usual points; “Treasure Hunt” prize competitions offer the opportunity of winning instant prizes.

 

Bonus data and data analysis for improving products

 

Participants may voluntarily provide additional participant data in the App; this may be done in return for a certain number of coins which are credited to the participant. The data concern the use of SATA products by the participants and/or their companies (for example the job of the participants, type, scope and purpose of their use of SATA products – hereinafter collectively referred to as “bonus data”. 

Subject to the prior consent of the participant, SATA will analyse registration, usage and bonus data in order to better understand the use of SATA products by the participants and their companies and in order to improve SATA products and the loyalty programme.

 

Participant consent

As a participant, you may have expressly granted us the following consents.

Consent to the use of data for product improvement

I consent that SATA analyses my personal data collected in the context of the programme participation for the purpose of improving the products distributed by SATA or the products and services offerings (including the loyalty programme); this consent shall apply until I revoke it.

Consent to email advertising

I consent that SATA uses my contact data collected in the context of the programme participation in order to inform me (via electronic mail (email)) about products, services, promotions or additional services of the loyalty programme; this consent shall apply until I revoke it. 

 You can check your consent status under the profile settings of the app.

Consent to phone marketing

I consent that SATA uses my contact data collected in the context of the programme participation in order to inform me (by phone) about promotions or additional services of the loyalty programme, if I have provided my consent in my account; this consent shall apply until I revoke it.

The individual consent status can be viewed in the profile settings of the app.

If you have granted your consent, your consent as participant of the SATA loyalty programme will be logged by SATA. This is done exclusively to meet SATA’s legal obligation to retain the content of such consents for the participants so that it can be retrieved at any time. 

 

Legal basis for handling these data is Article 6 para. 1 lit. a EU GDPR

o. Applicant portal 

We are pleased that you are interested in working for SATA GmbH & Co. KG. We understand the importance of keeping your data confidential. We will process the personal data you provide via the application form only for the purpose of carrying out the application process correctly and effectively and in order to contact you in the context of the application process. We will not disclose the data to third parties without your consent.

Our data protection practices are in compliance with the provisions of the EU General Data Protection Regulation (EU GDPR) and the German Telemedia Act (TMG). We will collect, process and store your personal data exclusively for processing applications. Only if you consent in advance will your data be used for additional purposes, which must be specifically indicated in your consent, such as the receipt of a newsletter with information about special offers. We collect, process and store the following data when this website or individual files of the website are called up: IP address, website from which the file was called up, name of the file, date and time of the call-up, the name of your Internet service provider, your operating system, browser type/browser version, transferred data volume and a notification whether the call-up was successful (so-called web log). These data are processed in order to enable use of the website (for establishing a connection), for system security, for the technical administration of the network infrastructure and for optimising our internet content. As it will not be possible to attribute the collected data to specific persons, you (as a user) remain anonymous. These data are not combined with other data sources.

The personal data you provide by registering on our job portal and by filling out the online form will only be used by SATA in order to process the application and for the process of filling the position. This also includes documents uploaded to our server such as school leaving certificates, educational certificates, certificates, employment references and photos. These documents will be stored in connection with your personal data and will only be used for purposes of the application process.

All personal data we receive from you in the context of the use of our website will only be collected, processed and used by us for the indicated purpose. We will only do this in compliance with the applicable legal provisions or only with your consent. 

The application form requires you to enter personal data. In this context, we observe the principle of data minimisation and data avoidance in that you will only have to provide us with the data we need to carry out a full review of your application documents. This mandatory information is marked with an asterisk (*). Without these data we will unfortunately not be able to review your application documents; our application system will therefore prevent the uploading of application documents as long as the provided data is incomplete. You can of course provide additional information in the application form on a voluntary basis.

We will store the following of your data (assuming you provide them). Mandatory fields are marked with an asterisk (*), the rest of the data can be added voluntarily.

 

Personal data

Login name*

Password*

Salutation*

Title

Last name*

First name*

Date of birth*

Country*

Street/no.*

Additional address

Postcode*

City*

Contact phone number

Email*

 

Schooling

Highest school degree*

Final grade*

Final grade in German

Final grade in English

Final grade in mathematics

Year of graduation

 

Information on vocational training*

Designation/field

Name of company

Begin of vocational training

Date of graduation

Final grade

 

Information on studies*

Targeted degree

University/institution

City

Begin of studies

Date of the (planned) graduation

1. Study focus

2. Study focus

Targeted academic degree

(Bachelor, master, diploma etc.)

 

Language skills

PC skills

 

Current/most recent work as well as past work

Industry

Companies

City

Field

Title

Job designation

Begin

End

 

Key data

Letter of motivation*

Questions for the company

Earliest possible start date*

Applicable notice period*

Most recent gross annual salary (EUR)

Salary expectation*

 

Annexes

Cover letter*

CV*

Report cards, certificates, references etc.*

Photo

Other documents

We use appropriate security measures to optimally ensure the security and confidentiality of your data. The transfer of your application documents to us is encrypted.

We store your data for the above-mentioned purpose until the application process is concluded. You may opt for a longer storage period for your application documents, enabling us to match your profile with other vacant positions.

For this, we require your explicit consent which you grant by clicking the relevant checkbox prior to uploading your application documents. In this case, we will store your data for six months. You may of course revoke your consent with effect for the future at any time and without giving any reasons, by calling +49 (0) 7154-811-0, by emailing personal@sata.com or via post to SATA GmbH & Co. KG, Domertalstraße 20, 70806 Kornwestheim, Germany.

 

Legal basis for handling these data is Article 6 para. 1 lit. a EU GDPR.

 

In case we do enter into a contract of employment with you as an applicant, all submitted data for the purpose of handling the employment relationship will be stored in accordance with the legal requirements (see Art 88 para. 1 EU GDPR in conjunction with §26 BDSG-neu). In case we do not enter into a contract of employment with you as an applicant and you have retrieved your consent of processing the data, we will delete your applications documents three months after announcing the rejection of your application automatically unless we are able to demonstrate compelling legitimate grounds for the processing or other legitimate purposes. This may be for example burden of proof according to the General Equal Treatment Act.

 

Legal basis for handling these data until the end of the three-month period is Article 88 para. 1 EU GDPR in conjunction with §26 BDSG-neu

p. CUSTOMER RELATIONSHIP MANAGEMENT

We use a state-of-the-art software tool for our customer relationship management (CRM). In this context, all data remain on servers within the European Union in accordance with the contractual stipulations. For each logging of a new user/device combination, access to the software tool is secured by two-factor authentication.

12. Automated individual decision-making

 

We are currently not using decision-making solely based on automated processing. 

13. Cookies

 

Our Internet websites use so-called cookies in several areas. They serve to make our website more user-friendly, more effective and more secure. Cookies are small text files which are stored on your computer and which are saved by your browser (locally on your hard drive).

These cookies allow us to analyse how users interact with our website. This enables us to design the content of our website in accordance with the requirements of our users. Cookies also allow us to measure the effectiveness of displayed content and for example choose its location depending on thematic user interests.

Most of the cookies we use are so-called "session cookies”, which are automatically deleted after your visit. Permanent cookies are deleted automatically from your computer after their period of validity expires (usually six months). You can also delete them manually at any time.

Most web browsers will accept cookies automatically. However, you will usually be able to change the settings of your browser if you prefer not to provide such information. If you are asked to consent to the use of cookies in the context of using one of our services, the use of the service will either be precluded or restricted unless you grant your prior consent. 

Cookies are stored on the computer of the user and transferred to our website. You as the user therefore have full control over the use of cookies. By changing the settings of your Internet browser, you can deactivate or limit the transfer of cookies. You can also delete cookies already placed via an Internet browser or other software programs at any time. All common Internet browsers allow this.

Please note: If you deactivate cookies, it may not be possible to fully utilise all of the features of our website.

 

Cookies that are necessary for electronic communication or for provision of certain functionalities that you have wished for upon registration will be stored in accordance with Art. 6 para. 1 lit f) EU GDPR. We have a legitimate interest in using cookies in order to provide faultless and optimized services.

 

Provided your approval upon registration legal basis for handling these data is Article 6 para. 1 lit. a EU GDPR

14. User profile / web tracking

a. Google Analytics

 

This website uses Google Analytics, a web analytics service provided by Google Inc. (hereinafter referred to as “Google”).  Google Analytics uses so-called "cookies" (text files) stored on your computer. This enables Google to analyse how you use the website. The information generated by the cookie about your use of this website will generally be transferred to a Google server in the US and stored there. Google will use this information at the behest of the owner of this website in order to analyse your use of the website, prepare reports about website activities and to provide other services relating to website and Internet use to the website owner. Google will not associate the IP address transmitted by your browser in the context of Google Analytics with other data.

Deactivate Google Analytics here.

You may refuse the use of cookies at any time by selecting the appropriate settings in your browser. However, please note that if you do this, you may not be able to use the full functionality of this website.

You can furthermore prevent Google’s collection and processing of data generated by cookies relating to your use of the website (including your IP address). You can do this by downloading and installing the browser add-on available at the following link (http://tools.google.com/dlpage/gaoptout?hl=en).

You can find further information at http://www.google.com/intl/de/analytics/privacyoverview.html (general information about Google Analytics and data protection).

Please note that on this website, Google Analytics is supplemented by the code "gat._anonymizeIp();" to ensure an anonymized collection of IP addresses (so-called IP masking). At our request, Google therefore only records your IP address in a truncated form, ensuring anonymity and making it impossible to identify you. However, in case of activation of the IP anonymization on our webpages, Google will first truncate your IP address if you are located in a Member State of the European Union or any other states party to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address sent to and truncated by Google servers in the USA.

 

Legal basis for handling these data is Article 6 para. 1 lit. f EU GDPR

b. Googletagmanager.com

 

Our website re-loads Java script code of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter: Google).

If you have activated Java script in your browser and no Java script blocker installed, your browser may transfer personal data to Google. We do not know what did a Google combines with the received data and for what purposes Google uses such data.

If you want to completely avoid the execution of JavaScript code from Google, you can install a JavaScript blocker (for example www.noscript.net).

 

Legal basis for handling these data is Article 6 para. 1 lit. f EU GDPR

 

c.       Facebook conversion tracking pixel

 

With your consent, our website uses the conversion tracking pixel service by Facebook, Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA (“Facebook”). This lets us track the actions of users after they have been forwarded to a provider website by clicking on a Facebook ad. We are thus in a position to record the efficacy of Facebook advertisements for the purposes of statistics and market research. The collected data remain anonymous. In other words, we cannot view the personal data of the individual users. However, the collected data are saved and processed by Facebook. We are informing you about this matter in accordance with our current information. Facebook can associate the data with data of your Facebook account, and uses the data for its own advertising purposes, according to the Facebook privacy policy https://www.facebook.com/about/privacy/. Facebook conversion tracking also lets Facebook and its partners show you ads inside and outside Facebook. A cookie is also saved on your computer to this end.

Consent may only be given by users aged 13 and more. If you are younger than 13 years, please contact your legal guardian.

Please click here to withdraw your consent  https://www.facebook.com/ads/website_custom_audiences/.

 

Legal basis for handling these data is Article 6 para. 1 lit. f EU GDPR

 

d.       Facebook remarketing / retargeting

 

The social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA integrates remarketing tags on our website. When you visit our website, the remarketing tags create a direct link between your browser and the Facebook server. Facebook is thus informed that you have visited our website with your IP address. As a result, Facebook can associate the visit to our website with your user account. We can use the information obtained in this way for displaying Facebook ads. Please note that as provider of this website, we are not given any information about the contents of the transmitted data and their use by Facebook. More information about this can be found in the Facebook privacy policy on https://www.facebook.com/about/privacy/.

Please click here to withdraw your consent  https://www.facebook.com/ads/website_custom_audiences/

Click here to disable tracking by Facebook.

 

Legal basis for handling these data is Article 6 para. 1 lit. f EU GDPR

15. Social plugins of social networks

a. Facebook

 

Our website uses social plugins (“plugins”) of the social network Facebook.com which is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). The plugins are marked with a Facebook logo or the notification “Facebook social plugin”.

When you access a page on our website which contains such a plugin, your browser will establish a direct connection to the servers of Facebook. The content of the plugin will be transmitted by Facebook directly to your browser. Your browser will include it in the website.

Through the integration of the plugins, Facebook will receive the information that you have accessed the relevant page on our website. If you are logged into Facebook, Facebook will be able to link the visit with your Facebook account, even if you do not hit the “like” button. When you interact with the plugins, for example by hitting the “like” button, or if you enter a comment, your browser will transfer the relevant information directly to Facebook, where it will be stored.

Even if you do not have a Facebook account, Facebook will be able to collect data relating to you such as your IP address. For information on the purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as your related rights and the configuration options you can use to protect your privacy, please refer to Facebook’s data policy.

If you do not wish Facebook to collect your data via our website, you have to log out of Facebook prior to visiting our website. You can also install browser add-ons which act as blockers.

Further information can be found in Facebook’s data privacy statement.

http://www.facebook.com/policy.php

 

Legal basis for handling these data is Article 6 para. 1 lit. f EU GDPR

b. Twitter

 

Our website includes Twitter features. These features are provided by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. By using Twitter and the function “retweet”, the websites you use will be linked with your Twitter account and disclosed to other users. In this context, data are transferred to Twitter.

Please note that we – as the provider of the webpages – have no knowledge of the content of the transferred data or of its use by Twitter. You can change your Twitter data privacy settings in your account under http://twitter.com/account/settings.

Further information can be found in Twitter’s data privacy statement.

http://twitter.com/privacy

 

Legal basis for handling these data is Article 6 para. 1 lit. f EU GDPR

c. Google +1

 

Our websites use features of Google +1. These features are provided by Google Inc. 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.

Collection and disclosure of information: The Google +1 button allows you to make information available publicly and globally. Via the Google +1 button, you and other users can receive personalised content from Google and our partners. Google stores both the information that you have clicked +1 for certain content, as well as information about the site you were viewing when you clicked +1. Your +1's can be shown as tips together with your profile name and photo in Google services, such as search results or your Google profile, or in other places on websites and in ads on the Internet. Google records information on your +1 activities to improve Google services for you and others. To be able to use the Google +1 button, you need a globally visible, public Google profile that must contain at least the name chosen for the profile. This name is used in all Google services. In some cases, this name can also replace another name that you have used when sharing content via your Google account. The identity of your Google profile can be displayed to users who know your email address or have other identifying information about you.

Use of the collected information: In addition to the above-described uses, the information you provide is used in accordance with the applicable Google data protection policies. Google may publish aggregate statistics regarding the +1 activities of users or disclose these to users and partners, such as publishers, advertisers or associated websites.

Further information can be found in Google’s data privacy statement.

https://developers.google.com/+/web/buttons-policy.

 

Legal basis for handling these data is Article 6 para. 1 lit. f EU GDPR

d. Instagram

 

Our webpages include Instagram features. These features are provided by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. While you are logged into your Instagram account, clicking the Instagram button will link the content of our webpages with your Instagram profile. This enables Instagram to attribute the visit of our webpages to your user account. Please note that we – as the provider of the webpages – have no knowledge of the content of the transferred data or of its use by Instagram.

Further information can be found in Instagram’s data privacy statement.

http://instagram.com/about/legal/privacy/

 

Legal basis for handling these data is Article 6 para. 1 lit. f EU GDPR

e. YouTube

 

Our website uses plugins of the website YouTube, which is owned by Google. The website is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of our webpages which includes a YouTube plugin, a connection will be established to the servers of YouTube, and the YouTube servers will be informed which of our pages you have visited. If you are logged into your YouTube account, you will enable YouTube to attribute your surfing activities directly to your personal profile. You can avoid this by logging out of your YouTube account.

Further information can be found in YouTube’s data privacy statement.

https://policies.google.com/privacy?hl=en&gl=eny

 

Legal basis for handling these data is Article 6 para. 1 lit. f EU GDPR

f. The two-click solution: 

 

Two clicks for better data protection. 

 

First click: 

The social network button is not activated when the page is loaded; it becomes active when it is clicked. Only then will your browser establish a direct connection to the relevant servers. With the first click on the button, you declare your consent for a transfer of data to the respective provider.

When the button is activated, the provider will thus receive the information that you have accessed the relevant page on our website. If you are logged into the respective social network, the visit can be attributed to your account from this moment forward, even if you do not click the button a second time. 

 

Second click:

When you interact with the plugins, for example by entering a comment by hitting the button again, your browser will transfer the relevant information directly to the provider, where it will be stored.

 

Legal basis for handling these data is Article 6 para. 1 lit. f EU GDPR

16. Data security and data protection, communication via email

 

In storing your personal data, all technical and organisational measures are taken to prevent third parties from accessing them. As we cannot guarantee that data communicated via email are fully secure, we recommend that you send very sensitive information by post.

17. Objection against consignment of marketing emails

 

We hereby expressly object to the use of contact data published in accordance with the imprint requirement for purposes of sending us advertising and information material which we have not expressly requested. The operators of the webpages expressly reserve the right to take legal action should they receive unsolicited advertising material such as spam emails. 

18. Mobile apps from SATA (e.g. Loyalty App, SATA App, ...) 

 

Parts of our web content are provided via mobile device apps from SATA. All integrated data processes, i.e. data collection, data storage and data processing are carried out via the processes and processing systems indicated in the preceding data protection policy.

To provide certain features, our apps will also need permissions, specifically:

Camera: For the barcode scanner feature, the app requires access to the camera. The camera is exclusively used for scanning barcodes.

Device storage: Our apps require access to the device storage in order to cache, change or delete app contents. We do not get any data from your device memory.

Network and WLAN: Our apps require access to your telecommunication connection, your Wi-Fi/WLAN or your network, in order to receive data from our apps and our website over the Internet to update their content on a regular basis.

19. Links to third-party websites

 

Our website contains links to the websites of other companies. These are clearly identifiable as such. We have no influence on the content of any existing links to third-party webpages and thus have to disclaim any warranty or liability for such contents. The content of such pages is always the responsibility of the respective provider or operator.

The linked pages were reviewed for possible legal violations and recognisable infringements of rights at the time the link was placed; no unlawful content was identified at the time the link was created. However, monitoring the content linked pages on an ongoing basis is infeasible, unless specific evidence of unlawful content exists. Where we become aware of such violations, we remove such links without delay.

20. Inclusion, applicability and updating of the data protection statement

 

By using our services, you consent to the use of your data as described above. This data protection statement is dated 26 June 2018 in its existing form and currently valid.

It may become necessary to update this data protection statement as we improve our website or implement new technologies. SATA GmbH & Co. KG reserves the right to amend this data protection statement at any time with effect for the future. The current version of this data protection statement can be accessed at any time on our website under “Data Protection Statement". You should inform yourself about the currently applicable data protection statement, where appropriate.