Data Privacy Policy

The legal regulations for the protection of your data can be found in the General Data Protection Regulation (GDPR).
SR Suntour Europe GmbH, Riedstrasse 31, 83627 Warngau, Germany, is the responsible controller in terms of the GDPR.

Below you will find information about what personal data - that is all data that identifies or makes you identifiable, such as name, address, e-mail address or even user behavior - we collect during your visit to our website and how this data is used. Should you have any further questions, please feel free to contact us at [email protected].
You also have the right to file a complaint to any supervisory authority in the event of unlawful use of the data. The competent supervisory authority for us is:

Bavarian State Office for Data Protection Supervision
PO Box 606
91511 Ansbach
Germany
Phone: +49 (0) 981 53 1300
Fax: +49 (0) 981 53 98 1300
e-mail: [email protected]

1. Server Data

When you visit our site, various server statistics are automatically stored, which your browser sends to the server of our provider: IP address, date and time of access, name of the file accessed, subpage as well as anonymous user name, city, region and country of the user, operating system of the user, browser of the user, browser version of the user, interactions of the user on the website, pages visited by the user, duration of the session and number of sessions of the user, date of the first visit to the site, date and time of each interaction of the user, time spent on the site, duration of the user's requests, user's requests, exception errors of the site, date and time and duration of exception errors logged.

This data is used for statistical evaluation of the visits to our site and cannot be assigned to specific persons.

The legal basis for the collection of data is Art. 6 para. 1 lit. f) GDPR. A consolidation of this data with other data sources is not carried out. The IP address will be anonymized. Our legitimate interest in the collection of this data is based on the fact that we can use the data to optimize our offer for users, e.g. by preventing access from malicious sites or by optimizing access via certain browsers, and that the log of the IP address is what makes the delivery of the site to the visitor possible in the first place.

Generally you have the right to object to this collection of data. This is actually not possible in this case, because otherwise the content of this site can´t be carried out and the use of the site would not be possible.

The data will be deleted as soon as they are no longer required for the above-mentioned purposes.

1a. Security of data transmission

For the transmission of your data we use a secure server with SSL technology (Secure Socket Layer) with a 128-bit encryption. Thus your data is transmitted to us securely and unreadable for unauthorized persons.

Your passwords are hashed, i.e. stored cryptologically, and are thus protected from access by third parties as well as the responsible persons.

2. Processing and disclosure of personal data

2a. General information

As far as you have provided us with personal data, we use it to answer your inquiries, to advise you and to process contracts concluded with you and for technical administration. Your personal data will, except in the cases explicitly mentioned in this declaration, only be passed on or otherwise transmitted to third parties if this is necessary for the purpose of contract processing, for billing purposes or if you have given your prior consent. You have the right to revoke your consent with effect for the future at any time, see also section 11 on your rights as a data subject. Where we base the data processing on legitimate interests, you have the right to object.

2b. Performance of a contract

In the context of contracts of sale concluded with you, we collect and store the personal data you provide, such as name, address, for the purpose of contract processing, e.g. also for invoicing.

A passing on of the data takes place in the context of the accounting to banks. The accounting data will be transferred to the tax authorities within the framework of the legal tax requirements.

The legal basis for the collection, processing and transfer of data within the scope of contract processing is Art. 6 Par. 1 lit. b) GDPR. The legal basis for the transfer of the data to the tax authorities is Art. 6 para. 1 lit. c) GDPR.

The deletion of this data is carried out after the expiry of the applicable statutory storage obligations. As far as we are not subject to any legal storage obligations, the deletion of the data is carried out when the purpose of processing the data ceases to apply.

You have the right of information to your data stored by us at any time, see below. Clause 11 on your rights of data subjects.

2c. Request by e-mail

If you send us a contact request by e-mail, we collect and store the e-mail address and the data contained in the e-mail.

Legal basis: Should a contractual relationship develop from the inquiry in the course of contract initiation or should the inquiry refer to an existing contractual relationship, the legal basis is Art. 6 para. 1 lit. b) GDPR, as the storage of the data is necessary for the fulfilment of a pre-contractual or contractual obligation. Furthermore, we also have a legitimate interest according to Art. 6 para. 1 letter f) GDPR in the processing of the data for the purpose of communication and answering your inquiries.

The data will be deleted when the purpose for which it was stored no longer applies, i.e. after your e-mail inquiry has been answered or when the matter associated with the inquiry has been finally clarified. In the case of an existing contractual relationship or a contractual relationship resulting from the inquiry, the data will be deleted after expiry of the statutory retention periods.

3. Cookies

The Internet pages use so-called cookies in several places. They serve to make our offer more user-friendly, more effective and safer. A cookie is a piece of text information that our website places on the user´s device via your web browser. Most of the cookies we use are so-called "session cookies". They are automatically deleted at the end of your visit. We also use cookies that recognize your browser when you log in to your customer account and facilitate access to the stored content.

The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest results from the fact that we only use the above-mentioned cookies to make the site easier to access for you, do not collect any tracking data and therefore do not interfere with your personal rights and fundamental freedoms.

You can exclude the acceptance of cookies in your web browser. However, this may possibly lead to impairments in functionality. For your further rights of data subjects, please see section 11 below.

These cookies are only valid for the duration of your browser session and will be deleted when you end your visit to our site.

4. Facebook Page

We operate a so-called “Facebook fan page” for the purpose of exchanging information with our customers and advertising new products or services as well as for general information about our company and its employees. Customers and interested parties can join this fan page by clicking the "Like" button and thus regularly receive information about our company in their news feed on Facebook. We would like to point out that you use this Facebook fan page and its functions on your own responsibility.

This applies in particular to the use of the interactive features, such as commenting, sharing, likening (see "Things you and others have done and provided" in the Facebook Data Policy Statement: www.facebook.com/policy), as well as information about the devices used by users (e.g., IP addresses, operating system, browser type, language settings, cookie data; see "Device Information" in the Facebook Data Policy Statement: www.facebook.com/policy)

For the operation of our Facebook fanpage we use the technical platform and services of Facebook Ireland Ltd, 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland.

As explained in the Facebook Data Policy under "How we use this information," Facebook also collects and uses information to provide analytics services, known as "page insights," to site operators to help them understand how people interact with their sites and the content associated with them. This information is used to provide us, as operators of the Facebook Pages, with statistical information about the usage of the Facebook Fanpage.

We have concluded a special agreement with Facebook ("Information on Page Insights", www.facebook.com/legal/terms/page_controller_addendum), which specifically regulates the security measures that Facebook must observe and in which Facebook has agreed to fulfill the rights of the data subjects (i.e. users can, for example, send information or deletion requests directly to Facebook). The rights of users (in particular to information, deletion, objection and complaints to the competent supervisory authority) are not limited by the agreements with Facebook. Further information can be found in the "Information on Page Insights" (https://www.facebook.com/legal/terms/information_about_page_insights_data).

The data collected about you in this context will be processed by Facebook Ltd. and may be transferred to countries outside the European Union. What information Facebook receives and how this information is used is described in general terms by Facebook in its Data Privacy Policy.

There you will also find information on how to contact Facebook and how to set up ads. The data policy is available at the following link: www.facebook.com/privacy/explanation

In what way Facebook uses the data from visits to Facebook pages for its own purposes, to what extent activities on the Facebook fan page are assigned to individual users, how long Facebook stores this data and whether data from a visit to the Facebook fan page is passed on to third parties is not conclusively and clearly stated by Facebook and is not known to us.

Facebook Ltd. is able to understand that you have visited our fan page and how you have used it by means of the cookies it uses and the information it collects. This also applies to all other Facebook pages as well as to the use of the social share buttons, if they are integrated on our website.

This data can be used to offer content or advertising tailored to your needs.

If you want to avoid this, you should log off from Facebook or deactivate the "stay logged in" function, delete the cookies on your device, close your browser and restart it. This will delete Facebook information that can be used to identify you immediately.

This allows you to use our Facebook fan page without revealing your Facebook identification, but your IP address will be recorded and cookies will be set again. You can exclude the acceptance of cookies in your web browser. However, this can possibly lead to impairments in functionality.

When you access interactive features of the site (Like, Comment, Share, Messages, etc.), a Facebook login screen will appear. Once you have logged in, Facebook will again recognize you as a specific user.

For information on how to manage or delete existing information about you, please refer to the Facebook Data Policy.

We are jointly and severally responsible with Facebook Ireland Ltd. for the collection or receipt in the course of a transmission (but not the further processing) of "event data" that Facebook collects or receives in the course of a transmission for the following purposes by means of the Facebook Social Plugins that are executed on our online offer:

- Advertising information that corresponds to the presumed interests of users and the display of content;

- Delivery of commercial and transactional information;

- improving ad delivery and personalizing features and content.

We have entered into a special agreement with Facebook ("Addendum for Controllers", www.facebook.com/legal/controller_addendum), which specifically addresses the security measures that Facebook must comply with (https://www.facebook.com/legal/terms/data_security_terms) and in which Facebook agrees to comply with the rights of data subjects.

Note: If Facebook provides us with measurements, analyses and reports that do not contain any information about individual users and are anonymous to us, then this processing is not carried out within the scope of joint responsibility, but on the basis of a contract processing agreement ("Data Processing Conditions ", www.facebook.com/legal/terms/dataprocessing) The "Data Security Terms" (https://www.facebook.com/legal/terms/data_security_terms) and, with regard to processing in the USA, on the basis of standard contractual clauses ("Facebook-EU Data Transfer Supplement, www.facebook.com/legal/EU_data_transfer_addendum).

Further information on Facebook and other social networks and how you can protect your data in the context of private settings can be found, for example, at youngdata.de.

The legal basis for the use of the Facebook fan page is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest is based on the fact that we enable our customers to exchange information directly with our company via this social media service, also for complaints, and thus constantly optimize our service.

The rights of the users are not restricted by the agreements with Facebook.

Regarding your rights as a data subject, see section 11 below.

5. Matomo

We use the open source web analytics service Matomo (formerly Piwik), provided by InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand.

Cookies are stored on your computer for this analysis. The information collected in this way is stored by the responsible person exclusively on our server. A storage of the personal data of the users only takes place there. The data will not be passed on to third parties.

We use Matomo to analyse the use of our website and to improve it regularly. With the statistics we can improve our offer and make it more interesting for you as a user. By evaluating the collected data, we are able to compile information about the use of the individual components of our website. This helps us to constantly improve our website and its user-friendliness.

We use Matomo with the extension "AnonymizeIP". This means that IP addresses are further processed in a shortened form, so that a direct personal reference can be excluded. The IP address transmitted by your browser via Matomo is not merged with other data collected by us.

Information from Matomo on data protection is available at matomo.org/privacy-policy/.

The legal basis for the use of Matomo is Art. 6 Abs. 1 lit. a) GDPR.

You can prevent the evaluation by deleting existing cookies and preventing the storage of cookies. If you deactivate the storage of cookies, we point out that you may not be able to use this website to its full extent. The prevention of the storage of cookies is possible through the settings in your browser. The prevention of the use of Matomo is possible by removing the following check mark and thus activating the opt-out plug-in:

<iframe frameborder="no" width="500px" height="250px" src="https://www.IHRE-DOMAIN.de/sites/index.php?module=CoreAdminHome&action=optOut&language=de"></iframe>

6. Newsletter Mailchimp

a. General information

With our newsletter we will inform you regularly about our latest offers and products. If you would like to receive the offered newsletter, we need a first and last name as well as a valid email address from you in our newsletter form. We will then send you a confirmation email, with which you can verify your email address and your request to receive the newsletter. To verify your registration, we store the IP address, both when you register and when you activate the confirmation link. In addition, to provide legally binding proof of your registration, we store the date and time of your registration, the e-mail address provided and the date and time of activation of the link in the confirmation e-mail.

The legal basis for the collection and processing of your data for newsletter marketing is, as a result of your express consent, Art. 6 para. 1 lit. a) GDPR. The conditions for consent and its revocation have their legal basis in Art. 7 GDPR.

b. Passing on of data

We use the newsletter tool "Mailchimp" from The Rocket Science Group LLC, Georgia, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, Georgia 30308, which transfers your email address and behavioral data to The Rocket Science Group LLC in the USA when you open the newsletter. We have also entered into a Data-Processing-Agreement with The Rocket Science Group LLC to ensure that we comply with appropriate technical and organizational measures.


How Mailchimp stores and processes the data on its premises, you can read in the privacy policy of The Rocket Science Group LLC.

By subscribing to the newsletter you agree to the transfer of your data to The Rocket Science Group LLC.

It is possible that a link in the newsletter e-mail redirects you to the mailchimp.com site of The Rocket Science Group LLC. This is especially the case if a newsletter is not displayed correctly and you want to read it by clicking on a link in the newsletter on the website. Then you must be aware that when you visit the mailchimp.com site, cookies are used which are installed in your internet browser or via the browser in your operating system. You can read the statement on the use of cookies by mailchimp, which cookies are used and how. Here also third-party cookies from other providers are used. You can exclude the acceptance of cookies in your web browser from the outset, e.g. in Firefox under "Settings/Privacy&Security, there under sub-item "Protection from activity tracking". This can result in the website being only partially usable. You can also object to the setting of cookies by opting out via the portals Interest Based Advertising Policies, NAI opt out tool or opt out via the DAA.

c. Web Beacons

The Rocket Science Group LLC uses web beacons in every email sent to newsletter subscribers. Web beacons are small graphic files (also known as "pixel tags" or "clear GIFs") that contain certain unique identifiers that allow us and The Rocket Science Group LLC to determine when users have opened an e-mail and when they have clicked on certain links. The following information about each subscriber is stored:

E-mail address, IP address, date and time related to opening and clicking on a newsletter advertising campaign. This data is used to generate reports for users on how an e-mail campaign is responding and what actions users have taken. By subscribing to the newsletter, you agree to the use of web beacons to the extent described above.

d. Revocation of consent

You can at any time by clicking on a link "unsubscribe newsletter" at the end of each newsletter object to receiving further newsletters without incurring any costs other than the transmission costs according to the basic rates. You can also send us an e-mail with the corresponding request to unsubscribe from the mailing list at [email protected].

You have the right of information and objection to your data stored by us at any time, see section 11 below on your rights as a data subject.

7. Instagram

We operate a fan page on the "Instagram" platform for the purpose of exchanging information with our customers, promoting new products or services and providing general information about our company and its employees. This service is provided on the technical platform and through the services of Instagram LLC, represented by Kevin Systrom and Mike Krieger, 1601 Willow Road Menlo Park, CA 94025 (hereinafter "Instagram").

Responsible for data processing of persons living outside the United States is Facebook Ireland Ltd. 4 Grand Canal Square Grand Canal Harbour Dublin 2 Ireland.

If you access the site through our website by clicking on the Instagram icon and are logged into your Instagram account at the same time, Instagram can directly attribute your visit to our website to your Instagram account.

If you do not want Instagram to associate your information with your account, you must log out of Instagram before visiting our website.

When you access interactive features of the site (liking, commenting, sharing, news, etc.), an Instagram login screen will appear. After you log in, Instagram will recognize you as a specific user again. For information on how to manage or delete existing information about you, please refer to the Instagram Data Policy.

We as the operator of our Instagram fan page do not collect or process any other data. For more information about Instagram and other social networks and how you can protect your data in the context of your privacy settings, please see, for example, youngdata.de.

Legal basis for the use of the Instagram fanpage is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest is based on the fact that we enable our customers to exchange information directly with our company via this social media service, also for complaints, and thus constantly optimize our service.

Regarding your rights as a person affected, see section 11 below.

8. Video Channels

8a. YouTube

On this page, videos from third party providers are integrated as content via the video portal "YouTube" of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. By clicking on a video and the associated use of YouTube, your data can be processed by "YouTube". If you are logged in to "Google/YouTube" at the same time as your user account when viewing the video, YouTube can track from which subpage of our website the video is accessed. If you would like to prevent this data collection, please log out of YouTube/Google before visiting our site or viewing the video. Details can be found in the YouTube terms of use and the Google privacy policy.

The legal basis for the embedding of YouTube videos is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest is to provide our customers with useful videos with instructions.

You have the right of information and right of objection to your data stored by us at any time, see below. Clause 11 on your rights of data subjects.

8b. Vimeo

On this page, third-party videos are integrated as content via the "Vimeo" video portal of Vimeo, Inc. 555 West 18th Street, New York, New York 10011. By clicking on a video and the associated use of Vimeo, your data can be processed by "Vimeo". If you are logged in to " Vimeo" at the same time as your user account, Vimeo can determine from which subpage of our website the video is retrieved. If you wish to prevent this data collection, please log out of Vimeo before visiting our site or viewing the video.

More information and details can be found in the Vimeo Terms of Use/Privacy Policy.

The legal basis for embedding Vimeo videos is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest is to provide our customers with useful videos with instructions.

You have the right of information and objection to your data stored by us at any time, see section 11 below on your rights as a data subject.

9. flickr

Our website uses plugins from the Flickr platform of Flickr, Inc. suite 20067 E Evelyn Avenue, Mountain View, CA 94041, USA. We use Flickr to run a fan page on which we publish our own pictures and to integrate picture galleries on our website. If you simply call up a page of our offer with a thumbnail of a Flickr gallery, no connection to the servers is established, which would enable the provider to collect information about page visitors (IP address, surfing behavior). Such a connection is only established after the user clicks on the preview image and only then is it possible for Flickr to collect data in the manner described.

For more information about Flickr's use of data, please see Flickr's privacy policy at www.flickr.com/help/privacy.

Legal basis for embedding the Flickr plugin Art. 6 para. 1 lit. f) GDPR. Our legitimate interest is that we want to maintain a fan page with pictures and videos to present our products and advertising content to our customers.

Regarding your rights of data subjects, see section 11 below.

10. Cloudflare

We use a Content Delivery Network (CDN) of Cloudflare, Inc., 101 Townsend Street, San Francisco, California 94107, USA ("Cloudflare") to integrate scripts and libraries on our website. A Content Delivery Network is a service that stores content from our Web site on the service's server and distributes that content to you or your browser over a network of regional servers when you access the Web site. The purpose of this is to better ward off attacks, such as DDoS attacks, on our website and, in the case of large amounts of script and data, to make the contents of our website available to you quickly and in an optimized form.

Since the data traffic of our website runs via Cloudfare servers, your IP address is also transmitted to Cloudflare. We have also concluded a Data-Processing-Agreement with Cloudflare, with which this company documents the compliance of appropriate technical and organizational measures.

Legal basis of our use of Cloudflare is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest results from the fact that this service is technically necessary to take security measures against attacks on our website and that large amounts of data can be delivered in an optimized way. The interference with your basic freedoms is minimal, since Cloudflare guarantees the data protection level according to the GDPR.

Regarding your rights of data subjects, see section 11 below.

11. Rights of the data subjects

a. Right to object

If we process your data to protect legitimate interests (Art. 6 Par. 1 lit. f) GDPR), you may object to this processing for reasons arising from your particular situation. We will then no longer process your personal data unless we can prove compelling reasons for processing worthy of protection that outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims.

In the event of an objection to data processing for the purpose of direct marketing, processing for this purpose will no longer be carried out.

b. Right of access by the data subject

You have the right to request confirmation from us as to whether we are processing personal data concerning you and, if so, a right to access the personal data and related information in accordance with Article 15 of the GDPR.

c. Right of rectification

You have the right to ask us to correct or complete any incorrect or incomplete personal data concerning you without delay in accordance with Art. 16 GDPR.

d. Right to erasure (‘right to be forgotten’)

You have the right to demand the immediate deletion of personal data concerning you and we are obliged to delete them immediately if one of the reasons mentioned in article 17 GDPR applies.

e. Right to restriction of processing

You have the right to ask us to restrict the personal data concerning you if one of the conditions mentioned in art. 18 GDPR is fulfilled.

f. Right to data transferability

You have the right to receive the personal data concerning you that you have provided us with in a structured, common and machine-readable format and you have the right to request that we transfer the data to another controller, as far as this is technically feasible.

General Privacy Policy