Privacy Policy

Smyczek GmbH
Introduction

We, Smyczek GmbH, as the operator of the website, are the controller responsible for processing the personal data of users of the website. Our contact information can be found in the “Imprint” section of the website. The contact persons for questions relating to the processing of personal data are specified in this Privacy Policy.

We take the protection of your privacy and personal data very seriously. We only record, save, and use your personal data in accordance with the content of this Privacy Policy as well as the applicable data protection provisions, in particular the European General Data Protection Regulation (GDPR) and the national data protection provisions.

This Privacy Policy is intended to provide you with information regarding the extent to which personal data is processed in connection with the use of the website and the purpose of processing such personal data.

Personal data

Personal data means any information relating to an identified or identifiable natural person. This includes any information about your identity, such as your name, your e-mail address, or your postal address. Information that cannot be linked to your identity (such as statistics, like the number of users of the website) is not considered to be personal data.

In general, you can use our website without disclosing your identity or entering personal data. In this case, we only record general information about your visit to our website. However, for certain services, personal data is collected from you. In this case, we will only process this data for purposes relating to the use of this website, particularly to provide the requested information. When collecting personal data, it is only essential to enter the mandatory data. It may be possible to enter additional data, but such data is entered voluntarily. In each case, we indicate whether the field is a mandatory or voluntary one. We provide specific details in the appropriate section of this Privacy Policy.

No automated decisions are made on the basis of your personal data in connection with the use of our website.

Processing personal data

We save your data on specially protected servers within the European Union. These servers are subject to technical and organizational measures that protect your data from being lost, destroyed, accessed, modified, or distributed by unauthorized persons. It is only possible for a small number of authorized persons to access your data. These persons are responsible for the technical, commercial, or editorial management of the servers. However, although regular checks are made, it is not possible to protect your data against all risks.

Your personal data is transmitted in encrypted form via the internet. For data transmission purposes, we use TLS/SSL encryption (Transport Layer Security/Secure Socket Layer).

Sharing personal data with third parties

In principle, we only use your personal data to provide the services requested by you. If we employ external service providers as part of the service provision, they access the data solely for the purposes of the service provision. We take technical and organizational measures to ensure compliance with requirements under data protection law and we require our external service providers to do the same.

In addition, we do not share the data with third parties without your express consent, particularly for advertising purposes. Your personal data is only shared if you have consented to this or if we are authorized or required to do so on the basis of legal provisions and/or official or judicial orders. In particular, this may include sharing information for the purposes of criminal prosecution, prevention of hazards, or enforcement of intellectual property rights.

If we or service providers transmit your personal data to countries outside the European Union, we comply with the special requirements of Art. 44 et seq. of the GDPR and also require our service providers to comply with the same. We will therefore only transmit your data to countries outside the European Union subject to the level of protection guaranteed by the GDPR. In particular, this level of protection is guaranteed by an adequacy decision of the European Commission or by the use of standard data protection clauses in accordance with Art. 46(2)(c) of the GDPR.

Legal basis for data processing

If we obtain consent to the processing of your personal data, Art. 6(1)(a) of the GDPR serves as the legal basis for data processing.

If we process your personal data because this is necessary for the performance of a contract or as part of a quasi-contractual relationship with you, Art. 6(1)(b) of the GDPR serves as the legal basis for data processing.

If we process your personal data in order to comply with a legal obligation, Art. 6(1)(c) of the GDPR serves as the legal basis for data processing.

Furthermore, Art. 6(1)(f) of the GDPR is the legal basis if it is necessary to process your personal data in order to protect the legitimate interests of our company or of a third party, provided such interests are not overridden by your interests, fundamental rights, and fundamental freedoms that require the protection of your personal data.

In this Privacy Policy, we always indicate the legal basis applied to the processing of your personal data.

Erasure of data and storage duration

In principle, we always erase or block your personal data once the purpose of saving it no longer applies. However, the data may be saved beyond this time if this is stipulated by legal requirements to which we are subject, such as with regard to legal retention and documentation obligations. In such cases, we erase or block your personal data once the appropriate requirements no longer apply.
 

Using our website

Information about your computer

Every time you access our website, we obtain the following information about your computer, regardless of your registration status: the IP address of your computer, your browser request, and the time of this request. The status and the transmitted data volume are also recorded as part of this request. We also obtain product and version information about the browser used and the computer’s operating system. Furthermore, we record the website from which our website was accessed. Your computer’s IP address is only saved for the period of time in which the website is used and for the following three months. After this time, it is erased or anonymized by abbreviating it. The rest of the data is stored for a limited period of time.

We use this data to operate the website; in particular, we use it to identify and fix errors, to determine the utilization level of the website, and to make modifications or improvements. These purposes also cover our legitimate interest in data processing in accordance with Art. 6(1)(f) of the GDPR.

Use of cookies

Like many web pages, our website uses cookies. Cookies are small text files that are saved on your computer and that store certain settings and data for the purposes of exchange with our website via your browser. A cookie generally contains the name of the domain from which the cookie file was sent, as well as information about the age of the cookie and an alphanumeric identifier.

Cookies enable us to identify your computer and to make any default settings available immediately. As far as possible, we use session cookies, which are automatically erased at the end of the browser session. In limited cases, we may also use cookies with a longer storage duration so that your default settings and preferences can be taken into account the next time you visit our website.

Most browsers are set to accept cookies automatically. However, you can deactivate the saving of cookies or adjust your browser settings so that it informs you as soon as cookies are sent. It is also possible to erase previously saved cookies manually via the browser settings. Please note that your use of our website may be blocked or restricted if you do not consent to the saving of cookies or if you erase required cookies.

If cookies are not required for our website, we request that you consent to the use of cookies the first time you access the website. In each case, the legal basis for the associated data processing, including the sharing of data with third parties, is your consent in accordance with Art. 6(1)(a) of the GDPR. Once consent is granted, it can be withdrawn at any time with effect for the future, in particular by changing the selected settings.

The legal basis for the use of required cookies is our legitimate interest in the proper provision of our website in accordance with Art. 6(1)(f) of the GDPR and – if contracts are concluded or performed via our website – the performance of a contract in accordance with Art. 6(1)(b) of the GDPR.

Matomo

For our website, we use the open-source software Matomo (formerly Piwik) for statistical evaluation of usage. Matomo is a web analytics service. The data collected through Matomo is stored in a database for the purposes of usage analysis in order to optimize our web pages. The data collected includes the abbreviated IP address, the time, the web pages accessed, the web page from which you accessed our web page (“referrer”), the browser used, the period of time you stayed on our web pages, and the frequency of access.

The evaluations generated with Matomo are fully anonymized and cannot be used to identify an individual person. The data saved by Matomo is not linked to any other data sources or shared with third parties.

Our legal basis for the use of Matomo is your consent in accordance with Art. 6(1)(a) of the GDPR. You are free to withdraw this consent at any time. Any data processing operations completed before consent is withdrawn are not affected. You can opt out of Matomo data analysis by following this link.

Privacy settings

You can edit your settings for privacy and the individual cookies here.

 

Integration of third-party services

For certain features of our website, we access third-party services. These services are primarily optional features that you need to explicitly select or use. We have concluded contractual agreements with the relevant providers for the provision or integration of their services and we do everything we can to ensure that the third-party providers give transparent information about the extent to which personal data is processed and comply with data protection provisions.

Vimeo

In order to display videos on our website, we use “Vimeo” (Vimeo LLC, 555 West 18th Street, New York, New York 10011, USA, hereinafter referred to as “Vimeo”).

In some cases, user data is processed on Vimeo servers in the USA.

The legal basis is Art. 6(1)(a) of the GDPR. You grant your consent by allowing the integration of external content.

If you grant your consent to the embedding of videos from Vimeo, a connection to the Vimeo servers in the USA is established in order to display the video. For technical reasons, your IP address is transmitted to Vimeo and processed by Vimeo for this purpose. In addition, the date and time you visited the relevant page is recorded.

If you are logged in to Vimeo when you visit our web pages on which a Vimeo video is embedded, Vimeo assigns the collected user data to your personal user account. To prevent this, you must either log out of Vimeo before visiting our web pages or configure the account settings on Vimeo accordingly.

Vimeo uses Google Analytics for the purposes of web analytics. Google Analytics saves cookies on your end device via your web browser and sends Google information about the use of our web pages on which a Vimeo video is embedded. Google may save and process the information on servers in the USA.

If you do not agree to the saving and processing of your data, it is necessary to prevent the installation of cookies. You can do this by configuring the relevant settings in your browser. In this regard, we refer to our statements on the subject of cookies.

More information on the collection, use, and processing of data by Vimeo and on your rights and ways to protect your privacy can be found at http://vimeo.com/privacy.
 

Friendly Captcha

We use Friendly Captcha on our website to check and prevent automated interactions, e.g., by “bots”. This is a service provided by Friendly Captcha GmbH, Wörthsee, Germany, hereinafter referred to as “Friendly Captcha”.

This service enables Friendly Captcha to determine the web pages from which a request is sent and the IP address from which you are using the Captcha input box. In addition to your IP address, Friendly Captcha may also collect other information that is necessary to provide and guarantee this service.

The legal basis is Art. 6(1)(f) of the GDPR. Our legitimate interest is in the security of our website and in the prevention of unwanted, automated access in the form of spam or similar.

Friendly Captcha offers further information on the general handling of your user data at https://friendlycaptcha.com/de/legal/privacy-end-users/.

Retargeting and remarketing

Retargeting or remarketing refers to technologies that show appropriate advertisements to users who have previously visited a certain web page, even after they have left that web page. For this purpose, it is necessary to recognize internet users again after they have left the web page, which is why cookies from the appropriate service providers are used; previous usage behavior is also taken into account. If a user views certain products, for example, they may be shown these or similar products later as advertisements on other web pages. These advertisements are customized to the needs of individual users. For these customized advertisements, it is not necessary for the user to be identified beyond the initial recognition. This means we do not combine the data used for retargeting or remarketing with any other data.

We use technologies of this type to place advertisements on the internet. We use third-party providers to place the advertisements. We use services from Google, among others, to enable products that are of interest to internet users to be shown automatically. This function is implemented using cookies. The possibility that data may be transmitted to Google in the USA in this process, and that US security agencies may gain access to this data, cannot be ruled out. More information about this technology can be found in the Google Privacy Policy at https://policies.google.com/privacy. The installation of cookies for Google remarketing and Google AdWords conversion tracking can be prevented by configuring the settings in the relevant browser software by accessing the web page http://www.google.com/policies/privacy/ads/ and changing the corresponding settings.

Our legal basis for the use of the cookies described above is your consent in accordance with Art. 6(1)(a) of the GDPR. You are free to withdraw this consent at any time. Any data processing operations completed before consent is withdrawn are not affected.
 

External hosting

We use an external service provider to save the data we collect. The company in question is Mittwald CM Service GmbH & Co. KG, Königsberger Straße 4–6, 32339 Espelkamp, Germany.

We use this service to save our data on Mittwald servers. If you transmit data to us or if data is lawfully collected from you, it will be stored by Mittwald.

The legal basis for this is Art. 6(1)(f) of the GDPR. Our legitimate interest is to provide a fast and secure website.

Further information on data processing can be found in the Mittwald Privacy Notice at https://www.mittwald.de/datenschutz.


Job applications

You can apply for a job with us by e-mail. You can also send us your application in another way, such as by post.

When you submit an application, your documents are sent electronically to the responsible employees at our company. If you have applied for an advertised position, the documents will be automatically erased three months after completion of the appointment process, provided that the erasure does not conflict with any other legitimate interests. Legitimate interests of this type may include the burden of proof in proceedings in accordance with the General Act on Equal Treatment (Allgemeines Gleichbehandlungsgesetz – AGG). In the case of an application for a position that is not advertised (speculative application), the application will be retained for as long as the application may be of interest. You can request that your application be erased at any time, including before the scheduled retention periods have elapsed. If your application is successful, the transmitted data will be saved for the purposes of processing the employment relationship, taking account of the legal requirements. The legal basis for processing your personal data is therefore Section 26, Para. 1 Sentence 1 of the Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG). Data processing within the context of the applicant portal is also based on your consent in accordance with Art. 6(1)(a) of the GDPR.
 

Communication with us

You can contact us in a number of ways, including via the contact form on our web page. 

Contact form

If you have any questions, please use the online contact form. If you wish to use the contact form, we record the personal data that you enter in the contact form, particularly your name and e-mail address. We also save the IP address and the date and time of the request. We process the data transmitted via the contact form solely for the purposes of responding to your request or concern.

You can choose which information to send via the contact form. The legal basis for processing your data is your consent in accordance with Art. 6(1)(a) of the GDPR.

Once we have processed the matter, the data will initially be saved in case there are any subsequent queries. You can request that the data be erased at any time, otherwise we will erase the data once the matter has been fully resolved; legal retention obligations remain unaffected in each case.
 

Your rights and contact

We believe it is very important to be as transparent as possible when explaining how your personal data is processed and to inform you about your rights. If you wish to receive more information or exercise your rights, you can contact us at any time so that we can take care of your request.

Rights of the data subject

You have a large number of rights in relation to the processing of your personal data. Firstly, you have an extensive right of access and can request that your personal data be rectified and/or erased or blocked if necessary. You can also request a restriction of processing and have a right to object. With regard to the data transmitted to us by you, you also have a right to data portability.

If you wish to exercise one of your rights and/or wish to receive more information in this regard, please contact our Customer Service team. Alternatively, you can also contact our Data Protection Officer.

Withdrawal of consent and objection

Once you have granted consent, it can be withdrawn freely at any time with effect for the future. The withdrawal of consent shall not affect the lawfulness of the processing completed on the basis of the consent up to the time of withdrawal. Our Customer Service team and Data Protection Officer are also the points of contact in this matter.

If the processing of your personal data is not based on consent but on another legal basis, you can object to this data processing. Your objection will lead to a review and possibly to a termination of the data processing. You will be informed of the results of the review and – in the event that data processing will be continued despite the objection – you will receive more information from us as to why data processing is permissible.

Data Protection Officer and contact

We have appointed a Data Protection Officer who provides us with support in relation to matters under data protection law and who is available for you to contact directly. Our Data Protection Officer is available if you have any questions about how we handle personal data or if you require more information about matters under data protection law:

Mr. Hans-Peter Jakobfeuerborn
Phone: +49 5246 7090-0
E-mail: datenschutz@smyczek.de

Complaints

If you believe that the processing of your personal data by us is not in accordance with this Privacy Policy or the applicable data protection provisions, you have the right to lodge a complaint with a supervisory authority. You can submit a complaint to our Data Protection Officer. The Data Protection Officer will then review the matter and inform you of the results of the review.
 

Further information and changes

Links to other websites

Our website may contain links to other websites. These links are generally identified as such. We have no influence on the extent to which the linked web pages comply with the applicable data protection provisions. We therefore recommend that you obtain further information from other websites about the relevant privacy policies.

Changes to this Privacy Policy

The status of this Privacy Policy is identified by the date information (below). We reserve the right to change this Privacy Policy at any time with effect for the future. In particular, a change is made in the event of technical modifications to the website or in the event of changes to the requirements under data protection law. The current version of the Privacy Policy is always available to access directly via the website. We recommend that you inform yourself regularly of any changes to this Privacy Policy.

Status of this Privacy Policy: March 2024