Data protection at a glance

General Information

As being responsible for this website, we take the protection of your personal data very serious. We treat your personal data confidential in particular in accordance with the statutory data protection regulations.

We intend this website to be purely for informative purposes and thus do not use tracking or cookies in order to limit the collection of your personal data as much as possible.

By using this website, various personal data is collected. Personal data is data that you can be personally identified with. This data protection declaration describes which data we collect and for what we use it. It also explains how and for what purpose this is done. We would like to point out that data transmission over the Internet (e.g. communication by e-mail) can have security gaps. A complete protection of data against access by third parties is not possible.

Responsible for this website

SinnerSchrader Praha s.r.o. | SinnerSchrader Group Drahobejlova 2400/15, Libeň 190 00 Praha 9 Czech Republic

 

Managing Board: Thomas Dyckhoff, Frank Giesler, Dr. Ralf Kordsmeier

Responsible for data protection

SinnerSchrader Praha s.r.o. | SinnerSchrader Group Data Privacy Officier Drahobejlova 2400/15, Libeň 190 00 Praha 9

datenschutz-cz@sinnerschrader.com

Visiting our website

By visiting our website we process certain data of our visitors. What kind of data, on which legal basis, for what purpose and for how long we process, please read our subsequent data privacy policy.

Providing our website:

By loading our webpage, some data is being stored in a web server protocol file:

  • Date and time of the request for the load of the web page
  • Size of the data package being transmitted within the connection
  • Type and version of the used browser as well as your IP address

Furthermore, we store the following information:

  • HTTP Method
  • Host name
  • URI of the request
  • HTTP Response Code
  • Referrer
  • User-Agent
  • Edge Result, Edge Request-ID
  • Host Header, HTTP-Protocol, Time to first byte, x-forward header, SSL-Protocol and SSL cypher, Protocol version, FLE-Status, FLE encrypted fields.

The legal base for the processing of your IP address is Art. 6, para. 1, lit. f) GDPR. Our legitimate interest to store this data is based on the following purposes:

  • ensure a seamless connection establishment
  • ensure the smooth usage of our website / application
  • technical analysis of the system security and stability

Your IP address is generally not stored, we especially do not use it for analysing personal data. A full storage of the IP address would only happen so that we can track technical errors or hacker attacks. Our web servers are configured in a way that your IP address is deleted in a timely manner after your visit of our site.

Amazon Web Services (AWS)

AWS is a subsidiary of Amazon.com, Inc. or its affiliates (“Amazon.com”). Amazon Web Services is a cloud service provider. Here we host and operate our website. Within the setup of our website, we made sure to not track any information about you in the web server logfiles. Nevertheless, for loading our website, some personal data needs to be gained to allow the technical processing of your request, e.g. your IP address. Legal basis for using AWS on our website is the privacy shield framework (https://www.privacyshield.gov/participant?id=a2zt0000000TOWQAA4&status=Active). We may process your personal data until our legitimate interest ceases to exist.

For more details of AWS's privacy and security processes, please visit https://aws.amazon.com/de/privacy/ and https://policies.google.com/privacy?hl=en.

Rights according to legal data protection regulations

You have the right to request information, correction, deletion or blocking of your personal data. As far as you should request deletion of your personal data stored by us, we will execute your request without undue delay, unless legal duties for documentation or storage apply. You can object to the usage of your personal data for advertising or market research purposes or revoke given opt-ins at any time.

In case we process personal data of you, you are so called "affected" within the meaning of the General Data Protection Regulation (GDPR) and you have the following rights vis-à-vis the controller:

  • Right to information according to Art. 15 GDPR. You have the right to get information for free about your personal data stored by us at any time. Furthermore, you have the right to have your data provided to us transferred to yourself or a third party at any time.
  • Right to correct any information that is inaccurate or incomplete according to Art. 16 GDPR. ]]
  • Right to Deletion according to Art. 17 GDPR.
  • Right to limitation of processing according to Art. 18 GDPR. At your request, we will correct, block or delete the personal data stored about you, provided that other statutory regulations (e.g. obligations to store data from the German Commercial Code) do not prevent this.
  • Right to data transferability according to Art. 20 GDPR. You have the right to get information about your personal data for free in a structured, current and readable format.
  • Right of contradiction/revocation of permission according to Art. 21 GDPR. If you have given us your consent to process your personal data, you can revoke this at any time.
  • Right of complaint to the national supervisory authority according to Art. 13 para. 2 lit. d) GDPR. Without prejudice to any other administrative or judicial remedy, you have the right of appeal to a supervisory authority, in particular in the Member State where you reside, work or suspect of infringement, if you believe that the processing of personal data concerning you is contrary to the GDPR. The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy according to Art. 78 GDPR.

In order to process your request (please mail: datenschutz-cz@sinnerschrader.com), we are obliged to check your identity carefully. Please understand that we reserve the right - depending on the criticality of the data - to request further information or proof of identity. This serves in particular to protect your personal data from unauthorized access by third parties. We would like to point out that we reserve the right not to process requests that are received inappropriately frequently or without corresponding proof of identity. We will inform you of this in writing (via E-Mail).

Children

Persons under 13 should not send us personal data without the consent of their parents or persons with parental power. We ask for no personal data from children and adolescents, nor do we collect such information nor pass it on to third parties.

Use of cookies

We do not set or store any cookies on our website sinnerschrader.cz.

Contact via email

Our website gives you the possibility to contact us via email. In the event that you contact us via e-mail, you automatically agree that we may process your personal data for the purpose of communicating with you. We do not forward your personal data to any third party. Legal basis for the processing of your data in this context is your consent pursuant to Art. 6 para. 1 lit. f) GDPR.

We may process your personal data until you revoke your consent or the processing or data processing for other reasons is no longer necessary (e.g. Communication with user via E-Mail has ended. The conversation is ended, when the circumstances of the raised communication request haven been finally resolved.

If you contact us via email, you can inform us anytime that you disagree with the usage of your personal data. In a case like this, we won't be able to resolve your earlier request any further. For disagreeing with the usage of your personal data, you can contact us anytime at datenschutz-cz@sinnerschrader.com. All personal data that has been stored concerning your email communication request will then be deleted.

Links to other websites

You will find links to other websites on this website, directly or indirectly by means of links. The legal basis for such processing is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. We may process your personal data until our legitimate interest ceases to exist. We hereby expressly distance ourselves from all contents of these sites to which links are established and do not adopt these contents as our own. We do not have any influence on changes of the linked content.

Our website may contain links to other providers' websites, which are not covered by this data protection policy. To the extent that the use of websites of other providers involves the capture, processing and use of personal data, please refer to the data protection policy of the relevant provider.

Online presence on social media

Data policy statement for Facebook fan pages

The use of this Facebook fan page is accompanied by the processing of personal data. In addition to Facebook, we as the fan page operator also collect and process users’ personal data on our fan page.

Our intention in providing the following information is to give you an overview of the processing mentioned above and also to advise you of your rights pursuant to the European General Data Protection Regulation (GDPR) and the Bundesdatenschutzgesetz (BDSG – German Federal Data Protection Act).

Data processing on our Facebook fan page

When you visit our fan page (www.facebook.com/S2Prague), Facebook Ltd., 4 Grand Canal Square, Grand Canal Harbour, D2 Dublin, Ireland, collects, stores and processes your personal data in accordance with Facebook’s data policy.

Facebook uses cookies to store and further process this information, and these cookies are stored on the various devices of the visitors to the Facebook fan page, especially when the visitors are registered members of Facebook. As a result, Facebook can display targeted advertising on its own platform and also on third-party pages. Facebook does not publish in full and we do not know to what extent Facebook uses the above-mentioned data for its own purposes, to what extent activities on the Facebook fan page are associated with individual users, how long Facebook stores this data and whether data is disclosed to third parties.

Facebook, Inc., the US parent company of Facebook Ireland Ltd., is certified under the EU-US Privacy Shield and has thus declared that it complies with the European level of data protection and the accompanying data policies. As the operator of the Facebook fan page, we cannot rule out the possibility that data belonging to users of the Facebook fan page will be transferred to and processed in third countries, nor can we exclude any related risks.

For further information, please also see Facebook’s data policy: https://facebook.com/about/privacy/

Facebook furthermore offers the option of objecting to specific forms of data processing; you will find related information and opt-out choices at https://www.facebook.com/settings?tab=ads.

We use the statistics services Facebook Insights for the purpose of designing and continually updating our pages as needed. This service records your activity on our page and sends it to us in the form of anonymised statistics. This allows us to gain an insight among other things into the activity of the visitors to our fan page, page views, the reach of contributions, views and average duration of video playbacks, information about which countries and cities our visitors come from as well as statistics on the gender balance of our visitors.

In addition, Facebook records data if you interact with our page as a registered Facebook user (e.g. if you click a Like button, send us a message, or post a comment). These interactions are also recorded and provided in the statistics by Facebook; we as the operator are unable to exert an influence on this. It is therefore not possible for us as the fan page operator to deactivate this function or to prevent data from being generated and processed.

It is not possible for us as the fan page operator to identify individual users or to access individual user profiles on the basis of the insights automatically provided by Facebook.

You can find more detailed information on Facebook Insights from Facebook here: https://www.facebook.com/legal/terms/information_about_page_insights_data

Facebook and we share responsibility for processing the Insights data. The details of this are governed by the agreement on shared responsibility (Joint Controller Addendum), which you can find here: https://www.facebook.com/legal/terms/page_controller_addendum

As the fan page operator, we also process data to a very limited extent only. Our fan page is operated on the legal basis of a balance of interests in accordance with Art 6(1) f) GDPR.

In addition, we store user names and comments that are deleted on account of a breach of netiquette. These are tracked only in order to furnish any evidence that may be required in legal disputes within the period of limitation.

The legal basis for us as the operator of the Facebook fan page to process data as mentioned above is Art. 6(1) b) GDPR (e.g. if you send us a request relating to a contract) on the one hand. On the other, the data can also be processed on the basis of your consent pursuant to Art. 6(1) a) GDPR (e.g. if you “like” or comment on one of our posts or upload content onto our page). You can withdraw the consent you have given at any time with effect for the future by deleting the comment or the content in question. The withdrawal of consent shall not affect the lawfulness of processing based on consent given before it is withdrawn.

Facebook has assumed the primary responsibility for the processing of personal data using the “Insights” service offered by Facebook. This concerns the processing of Insights data and the implementation of the rights of the data subject. Please therefore contact Facebook directly concerning all obligations arising from the GDPR in relation to the processing of Insights data. We will forward to Facebook any queries that we receive from you on this subject.